Choose Region
Four factors:
- Data sovereignty
- Latency
- New service/feature
- Cost
How many AZs
Best practice: start with two AZs, so that if resources in one AZ are unreachable, your application won’t fail.
For heavy usage (Amazon DynamoDB) it may be beneficial to use more than two AZs.
Applications that heavily use Amazon EC2 spot instances
Two or more AZs to access more price options
Application with MySQL, MS SQL Server, Oracle data sources
Two availability zones for active/passive
Data sources Cassandra or MongoDB
2 or more for extremely high availability
VPC
Using One VPC
- High-performance computing: lower latency
- Microsoft Active Directory for identity management: better security
- Small, single applications
For most use cases, there are two primary patterns:
Multi-VPC
Easier to maintain; suited for single teams/organisations; sometimes required for governance or compliance
Multi-Account
Managing access and standards can be challenging in more complex organisations.
- Larger organisation
- Multiple IT teams
- Medium-sized organisation anticipating fast growth
AWS Organizations
Hierarchical grouping of accounts
Organisation permissions overrule account permissions.
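The point that organisation permissions overrule account permissions, shown as an added example (not part of the original notes): a simplified Python model of how service control policies (SCPs) attached in AWS Organizations cap what an account's own IAM policies can grant. The policy sets, level names and function names are constructed for illustration; resources, conditions, permission boundaries and resource-based policies are left out.

```python
from fnmatch import fnmatchcase

def covers(statements, action, effect):
    """True if any statement with this effect has an action pattern matching `action`."""
    return any(
        s["Effect"] == effect
        and any(fnmatchcase(action.lower(), p.lower()) for p in s["Action"])
        for s in statements
    )

def evaluate(action, scp_levels, iam_statements):
    """Simplified model: returns (decision, reason).

    scp_levels: dict of level name -> SCP statements attached there (root, OU, ...).
    """
    everything = [s for level in scp_levels.values() for s in level] + iam_statements
    # 1. An explicit Deny anywhere wins, whatever else allows the action.
    if covers(everything, action, "Deny"):
        return ("Deny", "explicit deny")
    # 2. Every level of the hierarchy must allow the action; SCPs filter, they never grant.
    for name, level in scp_levels.items():
        if not covers(level, action, "Allow"):
            return ("Deny", f"not allowed by SCP at {name}")
    # 3. The account's own IAM policy must still grant the action.
    if not covers(iam_statements, action, "Allow"):
        return ("Deny", "no IAM allow in account")
    return ("Allow", "allowed by SCPs and IAM")

# Constructed sample policies (hypothetical names, not from the notes).
FULL_ACCESS = {"Effect": "Allow", "Action": ["*"]}
GUARDRAIL = {"Effect": "Deny",
             "Action": ["cloudtrail:StopLogging", "organizations:LeaveOrganization"]}
PROD = {"root": [FULL_ACCESS], "ou:prod": [FULL_ACCESS, GUARDRAIL]}
SANDBOX = {"root": [FULL_ACCESS],
           "ou:sandbox": [{"Effect": "Allow", "Action": ["ec2:*", "s3:*"]}]}
ACCOUNT_ADMIN = [FULL_ACCESS]  # administrator-style policy inside the member account
EC2_ONLY = [{"Effect": "Allow", "Action": ["ec2:*"]}]

if __name__ == "__main__":
    cases = [("cloudtrail:StopLogging", PROD, ACCOUNT_ADMIN),
             ("ec2:RunInstances", PROD, ACCOUNT_ADMIN),
             ("dynamodb:CreateTable", SANDBOX, ACCOUNT_ADMIN),
             ("s3:GetObject", SANDBOX, EC2_ONLY)]
    for action, scps, iam in cases:
        print(action, "->", evaluate(action, scps, iam))
```

SCPs do not apply to the organisation's management account, so guardrails like these protect member accounts only.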