
Monday, 28 March 2016

AWS vs Azure Services

| AWS service | Plain English definition | Azure equivalent | Description |
|---|---|---|---|
| Amazon Elastic Compute Cloud / EC2 | Host the bits of things you think of as a computer. A web service that enables you to launch and manage Linux/UNIX and Windows server instances in Amazon’s data centers. | Virtual Machines (VMs) | Provision Windows and Linux Virtual Machines and applications in minutes |
| Identity and Access Management (IAM) | Set up additional users, set up new AWS Keys and policies. A web service that enables Amazon Web Services customers to manage users and user permissions within AWS. | Azure Active Directory | Synchronize on-premises directories and enable single sign-on |
| Amazon Simple Storage Service / S3 | Store images and other assets for websites. Keep backups and share files between services. Host static websites. Also, many of the other AWS services write and read from S3. Storage for the internet. You can use it to store and retrieve any amount of data at any time, from anywhere on the web. | Azure Blob Storage | Durable, highly available and massively scalable cloud storage |
| Virtual private cloud / VPC | Overcome objections that “all our stuff is on the Internet!” by adding an additional layer of security. Makes it appear as if all of your AWS services are on the same little network instead of being small pieces in a much bigger network. An elastic network populated by infrastructure, platform, and application services that share common security and interconnection. | Azure Virtual Private Network (VPN) | Your private network in the cloud |
| API Gateway | Proxy your app’s API through this so you can throttle bad client traffic, test new versions, and present methods more cleanly. | API Management | Publish APIs to developers, partners and employees securely and at scale |
| Amazon Relational Database Service / RDS | Be your app’s MySQL, Postgres, Oracle database. A web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks. | SQL Database | Managed Relational SQL Database-as-a-service |
| Route53 | Buy a new domain, set up the DNS records for that domain. A web service you can use to create a new DNS service or to migrate your existing DNS service to the cloud. | DNS | Host your DNS domain in Azure |
| Amazon Simple Email Service / SES | Send one-off emails like password resets, notifications, etc. You could use it to send newsletters if you wrote all the code, but that’s not a great idea. An easy-to-use, cost-effective email solution for applications. | | |
| Cloudfront | Make your websites load faster by spreading out static file delivery to be closer to where your users are. An AWS content delivery service that helps you improve the performance, reliability, and availability of your websites and applications. | CDN | Deliver content to end-users through a robust network of global data centers |
| CloudSearch | Pull in data on S3 or in RDS and then search it for every instance of ‘Jimmy’. A fully-managed service in the AWS cloud that makes it easy to set up, manage, and scale a search solution for your website or application. | Azure Search | Fully-managed search-as-a-service |
| DynamoDB | Be your app’s MongoDB | DocumentDB | NoSQL database for JSON documents optimized for frequent writes |
| Elasticache | Be your app’s Memcached or Redis | Redis Cache | High throughput, low latency data access to build fast and scalable applications |
| Elastic Transcoder, Cognitor | Deal with video weirdness (change formats, compress, etc.) | Media Services | Encode, store, and stream video and audio at scale |
| Lambda | Run little self-contained snippets of JS to do discrete tasks. Sort of a combination of a queue and execution in one. Currently mostly used for storing and then executing changes to your AWS setup. Also, you can put it behind the API Gateway and expose it that way. | | |
| Simple Queue Service (SQS) | Store data for future processing in a queue. The lingo for this is storing “messages” but it doesn’t have anything to do with email or SMS. SQS doesn’t have any logic; it’s just a place to put things and take things out. | Azure Queue | |
| Cognito | Give end users - (non AWS) - the ability to log in with Google, Facebook, etc. | | |
| Device Farm | Test your app on a bunch of different iOS and Android devices simultaneously | | |
| Mobile Analytics | Track what people are doing inside of your app | | |
| Simple Notification Service (SNS) | Send mobile notifications, emails and/or SMS messages | Notification Hubs | Scalable, cross-platform push notification infrastructure |
| CodeCommit | Version control your code - hosted Git | Visual Studio Online | Visual Studio Online offers: hosted source control system - Team Foundation Service, Git; load testing service; support for agile development with features like continuous integration builds, Kanban boards and virtual team rooms. |
| Code Deploy | Get your code from your CodeCommit repo (or Github) onto a bunch of EC2 instances in a sane way | | |
| CodePipeline | Run automated tests on your code and then do stuff with it depending on if it passes those tests | | |
| EC2 Container Service | Put a Dockerfile into an EC2 instance so you can run a website | | |
| Elastic Beanstalk | Move your app hosted on Heroku to AWS when it gets too expensive | | |
| AppStream | Put a copy of a Windows application on a Windows machine that people get remote access to. | RemoteApp | Deploy Windows client apps in the cloud, run on any device |
| Direct Connect | Pay your Telco + AWS to get a dedicated leased line from your data center or network to AWS. Cheaper than Internet out for Data. | ExpressRoute | Dedicated private network fiber connections to Azure |
| Directory Service | Tie together other apps that need a Microsoft Active Directory to control them | Azure AD Domain Services | Your domain controller as a service |
| WorkDocs | Share Word Docs with your colleagues | | |
| WorkMail | Give everyone in your company the same email system and calendar | | |
| Workspaces | Gives you a standard Windows desktop that you’re remotely controlling | | |
| Service Catalog | Give other AWS users in your group access to preset apps you’ve built so they don’t have to read guides like this. | | |
| Storage Gateway | Stop buying more storage to keep Word docs on. Make automating getting files into S3 from your corporate network easier | StorSimple | Enterprise hybrid cloud storage solution that provides primary storage, backup, archive, integrated data protection, and location-independent disaster recovery |
| Data Pipeline | Extract, Transform and Load data from elsewhere in AWS. Schedule when it happens and get alerts when they fail | Data Factory | Orchestrate and manage data transformation and movement |
| Elastic Map Reduce | Iterate over massive text files of raw data that you’re keeping in S3. A web service that makes it easy to process large amounts of data efficiently. Amazon EMR uses Hadoop processing combined with several AWS products to do such tasks as web indexing, data mining, log file analysis, machine learning, scientific simulation, and data warehousing. | HDInsight | Provision managed Hadoop clusters |
| Glacier | Make backups of your backups that you keep on S3. Also, beware the costs of getting data back out in a hurry. For long term archiving | Backup | Simple and reliable server backup to the cloud |
| Kinesis | Ingest lots of data very quickly (for things like analytics or people retweeting Kanye) that you then later use other AWS services to analyze | Events Hub | Receive telemetry from millions of devices |
| RedShift | Store a whole bunch of analytics data, do some processing and dump it out | SQL Data Warehouse | Elastic data warehouse-as-a-service with enterprise-class features |
| Machine Learning | Predict future behavior from existing data for problems like fraud detection or “people that bought x also bought y” | Azure Machine Learning | Powerful cloud-based predictive analytics |
| SWF | Build a service of “deciders” and “workers” on top of EC2 to accomplish a set task. Unlike SQS - logic is set up inside the service to determine how and what should happen | | |
| CloudFormation | Build a service of “deciders” and “workers” on top of EC2 to accomplish a set task. Unlike SQS - logic is set up inside the service to determine how and what should happen. A service for writing or changing templates that create and delete related AWS resources together as a unit. | | |
| CloudTrail | Log who is doing what in your AWS stack (API calls) | | |
| CloudWatch | Get alerts about AWS services messing up or disconnecting. A web service that enables you to monitor and manage various metrics, and configure alarm actions based on data from those metrics. | Azure Audit Logs | Includes all the provisioning actions performed in the Azure Resource Manager in addition to other actions related to managing Azure resources (ex. Alerts, AutoScaling, deployments etc). |
| Config | Keep from going insane if you have a large AWS setup and changes are happening that you want to track. | | |
| OpsWorks | Handle running your application with things like auto-scaling | | |
| Trusted Advisor | Find out where you’re paying too much in your AWS setup (unused EC2 instances, etc.) | | |
| Amazon Elastic File System | Managed service to easily set up and scale shared file storage. Share files between applications running in your virtual machines using familiar Windows APIs or file REST API. | Azure Files | a shared file system that supports the standard SMB 2.1 protocol. |
| Elastic Block Store (EBS) | SSD-based storage | Azure Premium Storage | High-performance, low-latency disk support for virtual machines running I/O-intensive workloads |
| Directory Services, Identity and Access Management, Key Management Service (KMS) | Authentication and authorization | Azure Active Directory, Multi-Factor Authentication, Key Vault | |
| CloudFormation | enables declarative provisioning of AWS cloud resources | Azure Resource Manager (ARM) JSON Template | to specify cloud resource definitions in a JSON file so that infrastructure can be deployed as code |
| Cloud HSM | Compliance | Azure Trust Center | |
| AWS GovCloud | Government Services | Azure Government | |


Saturday, 19 March 2016

This Week I Learned - Week #154

This Week I Learned -

* PowerShell's Invoke-RestMethod command can be used to call REST APIs.

* To celebrate 10 years of AWS, AWS training partner qwikLABS is offering 95 free online self-paced labs through the end of March 2016.

* “Polanyi’s Paradox” - “We know more than we can tell”. The top Go players can’t fully access their own knowledge about how they’re able to perform so well. This self-ignorance is common to many human abilities, from driving a car in traffic to recognizing a face. Polanyi’s Paradox hasn’t prevented us from using computers to accomplish complicated tasks, like processing payrolls, optimizing flight schedules, routing telephone calls and calculating taxes. But as anyone who’s written a traditional computer program can tell you, automating these activities has required painstaking precision to explain exactly what the computer is supposed to do. AlphaGo, the artificial intelligence system built by the Google subsidiary DeepMind, does use simulations and traditional search algorithms to help it decide on some moves, but its real breakthrough is its ability to overcome Polanyi’s Paradox - NY Times

* Financial institutions in the United States are obliged by the Gramm-Leach-Bliley Act to ensure the security and confidentiality of personal information. Complaints against violations can be filed with the FTC.

* Denmark and other countries which top the list of happiest countries are fairly homogeneous nations with strong social safety nets. Factors which contribute to the rankings - gross domestic product per capita (the rawest measure of a nation’s wealth); healthy years of life expectancy; social support (as measured by having someone to count on in times of trouble); trust (as measured by perceived absence of corruption in government and business); perceived freedom to make life choices; and generosity (as measured by donations)...crises can prompt vastly different responses based on the underlying social fabric. In Greece, where the economy began to plummet in 2007, setting off a crisis in the eurozone that has resulted in three financial bailouts, widespread corruption and mistrust were associated with the diminishing sense of happiness over the past decade. In contrast, trust and “social capital” are so high in Japan that scholars found, to their surprise, that happiness actually increased in Fukushima, which was devastated by an earthquake and tsunami in 2011, because an outpouring of generosity and cooperation contributed to the community’s resilience and rebuilding. - NY Times

* From the comments to the above linked article - Denmark is also one of the top countries for prescriptions for antidepressants.

* For the past half-century, the world economy has been held hostage by just one country: the Kingdom of Saudi Arabia.

* US, once the world's largest wheat exporter, is scheduled to import the grain this month from South America.

* Websites which provide online recharging facility & connect consumers with mobile, DTH & data service providers in India can get up to 3% on a transaction.

* ISRO has a public page showing places in India with heaviest rainfall. Bhuvan, ISRO's geo-platform, has lots of interesting info on India presented through maps.

* Securities and Exchange Board of India (SEBI) currently permits investment of Rs 50,000/- per Financial Year per Mutual Fund for Aadhaar based eKYC using OTP verification.

* "Knowledge is only potential power. For the power to be manifested, it must be applied" - Arthashastra

Sunday, 14 February 2016

This Week I Learned - Week #149

This Week I Learned -

* Azure's new CDN experience is built on the Azure Resource Manager. It allows you to preload individual assets to your CDN endpoint and purge individual cached assets or entire directories from your CDN endpoints.

* Netflix started migrating their systems to AWS in August of 2008 and "..in early January, 2016, after seven years of diligent effort, we have finally completed our cloud migration and shut down the last remaining data center bits used by our streaming service!". Notes from Netflix Tech Blog articles:
- "By incorporating the principles of redundancy and graceful degradation in our architecture, and being disciplined about regular production drills using Simian Army, it is possible to survive failures in the cloud infrastructure and within our own systems without impacting the member experience."
- To deal with fault-tolerance & be proactive, Netflix has built a Simian Army suite of tools to induce various kinds of failures, or detect abnormal conditions, and test Netflix's ability to survive them.
- Cost reduction was not the main reason Netflix decided to move to the cloud, though its cloud costs ended up being a fraction of those in the data center -- a welcome side benefit.
- "..the easiest way to move to the cloud is to forklift all of the systems, unchanged, out of the data center and drop them in AWS. But in doing so, you end up moving all the problems and limitations of the data center along with it. Instead, we chose the cloud-native approach, rebuilding virtually all of our technology and fundamentally changing the way we operate the company."
- "Architecturally, we migrated from a monolithic app to hundreds of micro-services, and denormalized our data model, using NoSQL databases. Budget approvals, centralized release coordination and multi-week hardware provisioning cycles made way to continuous delivery, engineering teams making independent decisions using self service tools in a loosely coupled DevOps environment, helping accelerate innovation."

* JSON.NET is the recommended library to serialize and deserialize JSON in .NET.

* HTML, CSS & JavaScript consist of more than 300 W3C specifications from over 400 member organizations. No browser implements every standard, and in fact more than a third of web standards aren’t implemented by any of the most popular browsers - Windows Blog

* Personal assistant programs like Cortana and Apple’s Siri need access to your location, your contacts, voice input, information from email and text messages, browser history, search history, calendar details “and other information.”. Companies often claim this is to provide more relevant results, but the data may also be used to help send more targeted advertisements your way - NY Times

* Steve Kangas coined the term bookmarklet as a portmanteau (a word created from two other words) of bookmark and applet.

* Befunky is an online app that can turn your photographs into interesting cartoons without requiring any software.

* Tableizer is an online web app that can convert spreadsheets into HTML table format.

* Six out of the eight startups valued at over $1 billion have domiciled outside India, either in Singapore or US. In 2014, 54% of all new-age startups raising money chose to domicile outside India.

* Uber claims it has a little over 250,000 driver partners on its platform in India. Ola says it has over 350,000.

* The online grocery market in India is valued at $200 million annually. Amazon has set the cat among the pigeons by deciding to get into the already crowded hyperlocal grocery delivery market, currently cornered by BigBasket, Grofers and Peppertap - Business Standard

* Amit Singhal, the senior vice president for search, and one of the earliest builders of Google’s global system, announced that he would retire on Feb. 26. Singhal, 48, joined Google in 2000 as employee No. 176. One of his earliest jobs at Google was rewriting the initial breakthrough algorithms. "When a regular person hits a wall and gets discouraged, that’s when Amit is just getting started." - Matt Cutts

* StatCrunch is a statistical data analysis package that takes data from a web page through a user-initiated bookmarklet click.

* The United States Air Force facility commonly known as Area 51 is a remote detachment of Edwards Air Force Base, within the Nevada Test and Training Range. The base's current primary purpose is publicly unknown. Its secretive nature and undoubted connection to classified aircraft research, together with reports of unusual phenomena, have led Area 51 to become a focus of modern UFO and conspiracy theories - Wikipedia

* If you consume fewer calories than your body requires for daily operations, it turns to internal sources of fuel. Those sources consist of body fat and lean tissue, meaning muscle. The problem with losing muscle is that, unlike fat tissue, muscle burns calories. Having less muscle means a lower resting metabolic rate, so you burn fewer calories throughout the day. Losing muscle may also discourage physical activity, which is important for maintaining weight loss. Extra protein is advisable during weight loss to avoid stripping yourself of muscle. Exercise is also key, particularly weight training, since it is known to build muscle. - NY Times

* Blame it on Lead: Exposure to lead has been linked to reduced reading scores, oppositional behavior and increased rates of teen pregnancy.

* Cockroaches choose from one of several preferred trajectories when running from a predator, and that variability is enough to confound their attackers most of the time. Although there was some variability, the researchers discovered that over repeated tests this angle of escape ranged from about 90 degrees (at a right angle to the direction of the threat) to 180 degrees (the opposite direction), with peaks, or preferred trajectories, of about 90, 120, 150 and 180 degrees - NY Times

* Kaushik Jayaram and Robert J. Full, who work on technology inspired by biology, were drawn to roaches as a model for soft robots. Cockroaches can tolerate pressure equivalent to 900 times their body weight. When pressed flat enough that their legs splayed, they could still move about 20 body lengths a second. They can tolerate flattening not because the roach exoskeleton is soft, but because it is composed of rigid plates connected by more flexible tissue.

* Some consolation - A court in Saudi Arabia revised the punishment given to a stateless Palestinian poet convicted of apostasy, reducing it from death to eight years in prison, 800 lashes and public repentance.

* Artur Fischer, a German inventor who registered more than 1,100 patents is ahead of Thomas Edison, who had 1,093 patents to his name. He was nearsighted, short and lacked a high school diploma. What Bill Gates was to the personal computer, Artur Fischer is to do-it-yourself home repair. At 27 years of age, he founded his own company, the Fischer Group, which today has 42 international subsidiaries, employs 4,000 people worldwide and sells its 14,000 products in more than 100 countries. One of Mr. Fischer’s most recent inventions is a gadget that makes it possible to hold and cut the top off an egg of any size. He got started on the problem when a hotel owner complained to him that his guests, on opening their boiled eggs for breakfast, always made a mess — the year was 1946.

* Iraq depends on oil for 90% of its revenue

* India is the world’s largest meat exporter.

Thursday, 17 December 2015

Sunday, 25 October 2015

Adapting "AWS Well-Architected Framework" for Azure

The AWS Well-Architected Framework consists of a set of questions you can use to evaluate how well an architecture is aligned to AWS best practices. I found the 56-page white paper (PDF) thought-provoking. The same questions could be applied to Azure as well. For my reference, I plan to adapt the answers that are written for AWS in the white paper and jot down notes making them Azure-specific.

The AWS Well-Architected Framework is based on four pillars—security, reliability, performance efficiency, and cost optimization. The white-paper raises 45 questions across those four categories. As a first step towards compiling Azure specific answers for the questions to ask while building cloud solutions, I've replaced the AWS references in the questions with Azure equivalent keywords (work in progress) -

SEC 1. How are you encrypting and protecting your data at rest?
SEC 2. How are you encrypting and protecting your data in transit?
SEC 3. How are you protecting access to and use of the Azure root account credentials?
SEC 4. How are you defining roles and responsibilities of system users to control human access to the Azure Portal and APIs?
SEC 5. How are you limiting automated access (such as from applications, scripts, or third-party tools or services) to Azure resources?
SEC 6. How are you managing keys and credentials?
SEC 7. How are you enforcing network and host-level boundary protection?
SEC 8. How are you enforcing Azure service level protection?
SEC 9. How are you protecting the integrity of the operating systems on your Azure VM instances?
SEC 10. How are you capturing and analyzing Azure logs?

REL 1. How are you managing Azure service limits for your account?
REL 2. How are you planning your network topology on Azure?
REL 3. Do you have an escalation path to deal with technical issues?
REL 4. How does your system adapt to changes in demand?
REL 5. How are you monitoring Azure resources?
REL 6. How are you executing change management?
REL 7. How are you backing up your data?
REL 8. How does your system withstand component failures?
REL 9. How are you planning for recovery?

PERF 1. How do you select the appropriate instance type for your system?
PERF 2. How do you ensure that you continue to have the most appropriate instance type as new instance types and features are introduced?
PERF 3. How do you monitor your instances post launch to ensure they are performing as expected?
PERF 4. How do you ensure that the quantity of your instances matches demand?
PERF 5. How do you select the appropriate storage solution for your system?
PERF 6. How do you ensure that you continue to have the most appropriate storage solution as new storage solutions and features are launched?
PERF 7. How do you monitor your storage solution to ensure it is performing as expected?
PERF 8. How do you ensure that the capacity and throughput of your storage solutions matches demand?
PERF 9. How do you select the appropriate database solution for your system?
PERF 10. How do you ensure that you continue to have the most appropriate database solution and features as new database solution and features are launched?
PERF 11. How do you monitor your databases to ensure performance is as expected?
PERF 12. How do you ensure the capacity and throughput of your databases matches demand?
PERF 13. How do you select the appropriate proximity and caching solutions for your system?
PERF 14. How do you ensure that you continue to have the most appropriate proximity and caching solutions as new solutions are launched?
PERF 15. How do you monitor your proximity and caching solutions to ensure performance is as expected?
PERF 16. How do you ensure that the proximity and caching solutions you have matches demand?

COST 1. How do you make sure your capacity matches but does not substantially exceed what you need?
COST 2. How are you optimizing your usage of Azure services?
COST 3. Have you selected the appropriate resource types to meet your cost targets?
COST 4. Have you selected the appropriate pricing model to meet your cost targets?
COST 5. Are there Azure managed services/PaaS that you can use to improve your ROI?
COST 6. What access controls and procedures do you have in place to govern Azure service costs?
COST 7. How are you monitoring usage and spending?
COST 8. How do you decommission resources that you no longer need, or stop resources that are temporarily not needed?
COST 9. How do you consider data-transfer charges when designing your architecture?
COST 10. How do you manage and/or consider the adoption of new services?

Friday, 25 September 2015

What is Cloud Governance?

A compilation of important points from the Cloud Governance articles I read:

Cloud services governance involves applying specific policies or principles to the use of cloud services.

It can be useful to think of cloud governance by examining its opposite: the free-for-all chaos in which cloud services are used by an organization without any oversight in place. To avoid this chaos, put policies in place for cloud service use to control the leakage of private information to the cloud and to control the excessive use of cloud services (which must be paid for, after all). With governance and security in place, cloud computing can be used in safety and confidence.

The idea of Cloud governance is to monitor cloud resource usage, such as servers and services, and to limit what systems and users can do with those resources.

Cloud governance comes in many flavors, including service level, data level and platform level.

Service-level or API governance installs policies around access to services exposed by public or private clouds. Users who request access to cloud services have to go through a centralized mechanism that checks the requester's authorization. This mechanism also forces compliance with predefined policies that dictate when and how to access the cloud services.

Data-level governance, much like service-level governance, focuses on both storage and data management. Once again, policies are placed around data and data storage systems to define and control access.

Platform-level governance, sometimes called a cloud management platform, is related to platform management itself. This means placing automation services around cloud platform governance and management, including provisioning and de-provisioning cloud resources as needed by applications or data.

The objective of platform-level governance is to provide a single point of control for complex, distributed, and heterogeneous public and private cloud-based resources. This allows policies to define when and where resources are put to work and to ensure users use only what's necessary. The end result is not overpaying for subscription-based services, and the system works around issues like outages.

Public cloud removes some of the infrastructure and administrative overhead of the traditional data center, but the onus of meeting cloud governance requirements still falls squarely on IT's shoulders. In the ever-shifting cloud landscape, it's important to create a governance model that resembles an ongoing process -- not a product.

To illustrate Cloud governance with an example, consider the case of Amazon Machine Instances (AMIs or Azure VMs). The ability to enforce rules such that certain users can deploy certain AMIs is important. At a finer level, the ability to control who can reboot a VM, who can add capacity to an existing VM environment, and who can delete existing virtual machine instances is important.

Without a Cloud governance system in place, unwanted running AMI machine instances can proliferate and cause unnecessary cost. However, the opposite is also true: without a Cloud governance solution in place, it is possible that useful AMI instances might be mistakenly deleted.

Lifecycle management of AMI instances avoids the problems of rogue instances, just as SOA Governance tackled the issue of rogue services which tend to proliferate in organizations without a governance framework in place.
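
The AMI example above, as added Python code that is not from the articles summarized here: a default-deny check for who may deploy, reboot, add capacity to or delete instances, and an inventory review that flags rogue instances without auto-deleting protected ones. The roles, image names and instance IDs are hypothetical.

```python
from dataclasses import dataclass

# Hypothetical governance policy (all names constructed for illustration).
# Anything not listed here is denied.
ROLE_ACTIONS = {
    "developer": {"deploy", "reboot"},
    "operator": {"deploy", "reboot", "add_capacity"},
    "admin": {"deploy", "reboot", "add_capacity", "delete"},
}
ROLE_IMAGES = {
    "developer": {"img-web-base"},
    "operator": {"img-web-base", "img-db-base"},
    "admin": {"img-web-base", "img-db-base"},
}
APPROVED_IMAGES = set().union(*ROLE_IMAGES.values())


@dataclass
class Instance:
    instance_id: str
    image: str
    owner: str               # empty string: nobody claims the instance
    protected: bool = False  # True: cleanup must never remove it automatically


def is_allowed(role, action, image=None):
    """Single point of control: default deny, plus an image allow-list for deploys."""
    if action not in ROLE_ACTIONS.get(role, set()):
        return False
    if action == "deploy":
        return image in ROLE_IMAGES.get(role, set())
    return True


def review_inventory(instances):
    """Return {instance_id: (verdict, reasons)}.

    'rogue'  -> breaks policy and may be queued for removal
    'review' -> breaks policy but is protected, so a human decides
    'ok'     -> compliant
    """
    report = {}
    for inst in instances:
        reasons = []
        if inst.image not in APPROVED_IMAGES:
            reasons.append("unapproved image")
        if not inst.owner:
            reasons.append("no owner")
        if not reasons:
            verdict = "ok"
        elif inst.protected:
            verdict = "review"
        else:
            verdict = "rogue"
        report[inst.instance_id] = (verdict, reasons)
    return report


# Constructed sample inventory.
SAMPLE_INVENTORY = [
    Instance("i-0001", "img-web-base", "team-a"),
    Instance("i-0002", "img-unknown", ""),
    Instance("i-0003", "img-db-base", "", protected=True),
]

if __name__ == "__main__":
    print(is_allowed("developer", "deploy", "img-db-base"))
    print(is_allowed("admin", "delete"))
    for instance_id, (verdict, reasons) in review_inventory(SAMPLE_INVENTORY).items():
        print(instance_id, verdict, ", ".join(reasons) or "-")
```

The protected flag is what keeps the cleanup path from deleting a useful instance by mistake: a policy violation on a protected instance is routed to a person instead of to removal.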