AWS for Beginners: The Services That Actually Matter

AWS has over 200 services. The console sidebar scrolls for days. It's designed to make you feel like you need all of them. You don't. As a developer, about 10 services cover 90% of what you'll ever touch.

The mental model is simple: everything in AWS is a service with an API. Compute, storage, databases, networking, queues — they're all managed services you provision through a console, CLI, or API call. You pay for what you use (mostly), and you don't manage physical hardware.

The Services You Actually Need to Know

EC2 (Elastic Compute Cloud)

Virtual servers. You pick an OS, instance size, and region. You get a machine with an IP address. SSH in, install your stuff, run your app.

# Launch an instance with the CLI
aws ec2 run-instances \
  --image-id ami-0abcdef1234567890 \
  --instance-type t3.micro \
  --key-name my-key-pair \
  --security-group-ids sg-0123456789abcdef0

t3.micro is free tier eligible — 750 hours/month for the first 12 months. That's enough to run one instance 24/7.

EC2 is the building block. Most other compute services are abstractions on top of it.

S3 (Simple Storage Service)

Object storage. Files go in, files come out. No filesystem hierarchy — it's a flat namespace with key-value pairs (the "folders" you see in the console are just key prefixes).

# Upload a file
aws s3 cp ./build s3://my-website-bucket/ --recursive

# Make a bucket publicly readable (for static hosting)
aws s3 website s3://my-website-bucket/ --index-document index.html

S3 is absurdly durable (99.999999999% — eleven 9s). Use it for static assets, backups, data lakes, user uploads, static website hosting, and build artifacts. The free tier gives you 5GB.

Lambda

Serverless functions. You upload code, AWS runs it when triggered. No servers to manage, you pay per invocation and execution time.

# lambda_function.py
import json

def handler(event, context):
    name = event.get("queryStringParameters", {}).get("name", "World")
    return {
        "statusCode": 200,
        "body": json.dumps({"message": f"Hello, {name}!"})
    }

Hook it up to API Gateway and you have an HTTP endpoint that costs literally nothing until it gets traffic. The free tier includes 1 million requests per month — permanently, not just the first year.

Lambda is great for webhooks, scheduled tasks (cron jobs), image processing pipelines, and lightweight APIs. It's not great for long-running processes (15-minute timeout) or anything needing persistent connections.

RDS (Relational Database Service)

Managed PostgreSQL, MySQL, MariaDB, or SQL Server. AWS handles backups, patches, replication, and failover. You connect to it like any database.

# Your connection string looks normal
postgresql://admin:password@my-db.abc123.us-east-1.rds.amazonaws.com:5432/myapp

Free tier: db.t3.micro with 20GB storage for 12 months. After that, the smallest instances run about $15/month.

DynamoDB

NoSQL (key-value / document). Fully managed, scales automatically, single-digit millisecond latency at any scale. The pricing model is based on read/write capacity units.

Good for: session storage, user profiles, IoT data, gaming leaderboards, anything with simple access patterns. Bad for: complex queries with joins, ad-hoc analytics, anything where you don't know your access patterns upfront.

Free tier: 25GB storage and enough read/write capacity for most hobby projects — permanently.

CloudFront

CDN. Caches your content at edge locations worldwide. Put it in front of S3 for static sites, or in front of your API to cache responses and terminate SSL closer to users.

Route 53

DNS. Register domains, manage DNS records. It's just DNS but integrated with everything else in AWS. $0.50/month per hosted zone.

IAM (Identity and Access Management)

The permission system. Every AWS service interacts with IAM. Users, roles, and policies control who can do what.

This is the service that trips beginners up the most. A few rules of thumb:

• Never use your root account for daily work. Create an IAM user.
• Use the principle of least privilege. Don't give a Lambda function admin access when it only needs to read from one S3 bucket.
• Use roles, not access keys, whenever possible. EC2 instances and Lambda functions should assume roles, not have hardcoded credentials.

Regions and Availability Zones

AWS has data centers grouped into regions (us-east-1, eu-west-1, ap-southeast-1, etc.). Each region has multiple availability zones — physically separate data centers connected by low-latency links.

Pick the region closest to your users. us-east-1 (Virginia) is the default and has the most services, but if your users are in Europe, eu-west-1 (Ireland) or eu-central-1 (Frankfurt) will give them better latency.

The Free Tier (and How to Not Get Surprised)

AWS's free tier has three categories:

1. 12-month free — EC2 t3.micro, RDS t3.micro, 5GB S3, etc. Starts when you create your account.
2. Always free — Lambda (1M requests/month), DynamoDB (25GB), CloudWatch (basic monitoring).
3. Trial — some services offer short-term trials.

To avoid surprise bills:

• Set a billing alarm. Go to CloudWatch, create an alarm for estimated charges > $5. Do this first, before anything else.
• Don't leave things running. That EC2 instance you launched for testing? It's billing hourly even if nobody's using it. Stop or terminate it.
• Watch data transfer. Transferring data out of AWS costs money. S3 + CloudFront helps because CloudFront's data transfer is cheaper than S3 direct.
• Check the billing dashboard weekly for the first few months.

# Set up a billing alarm with CLI
aws cloudwatch put-metric-alarm \
  --alarm-name "billing-alarm" \
  --metric-name EstimatedCharges \
  --namespace AWS/Billing \
  --statistic Maximum \
  --period 21600 \
  --threshold 10 \
  --comparison-operator GreaterThanThreshold \
  --evaluation-periods 1 \
  --alarm-actions arn:aws:sns:us-east-1:ACCOUNT_ID:billing-alerts

Deploy a Simple App: The Shortest Path

The fastest way to get something running:

1. Build your app and push to a Git repo
2. Create an S3 bucket, enable static hosting, upload your frontend
3. Create a Lambda function with API Gateway for your backend
4. Point a Route 53 domain at it
5. Put CloudFront in front for SSL and caching

Or skip all of that and use AWS Amplify or Elastic Beanstalk, which handle deployment, scaling, and HTTPS for you. Beanstalk is basically "give me a zip file of my app and figure out the rest." It's not cool, but it works.

AWS vs Azure vs GCP

The honest comparison:

AWS has the most services, the largest community, and the most job listings. If you're learning cloud to get hired, AWS certifications carry the most weight. Azure dominates in enterprises already using Microsoft products. If the company runs Active Directory, Office 365, and .NET, they're probably on Azure. GCP has the best Kubernetes (GKE), BigQuery is fantastic for analytics, and Firebase is popular for mobile backends. Smaller market share but strong in ML/AI tooling.

The core concepts transfer between all three. Learning AWS doesn't lock you in — the services have different names but similar patterns. EC2/Azure VMs/Compute Engine, S3/Blob Storage/Cloud Storage, Lambda/Azure Functions/Cloud Functions.

If you want to practice deploying to AWS without worrying about costs, CodeUp has guided projects that walk you through real deployments using free tier services. Building something concrete beats reading documentation every time.

Start with one service. Deploy one thing. The rest clicks into place faster than you'd expect.