Your Cloud Environment
Amazon Virtual Private Cloud (VPC) lets you provision a logically isolated section of AWS where you launch and manage AWS resources in a virtual network that you define. It is your private area within AWS.
You can think of this as the fence around all the systems you have in AWS. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
Elastic Compute Cloud (EC2) provides secure, resizable compute capacity in AWS. It serves as the foundation upon which your application sits. It is the container that holds the operating systems, mainframe emulators, application executables, and other supporting software that make up your application.
Depending on your specific circumstances, you may separate some pieces into their own EC2 instances, or you may run everything in one instance. For example, maybe you’ll have an EC2 dedicated to batch COBOL and another dedicated to Online. You may even segregate EC2s by applications.
Elastic Block Store (EBS) can be thought of as a hard drive for storing data. Lots and lots of data. EBS serves as the primary storage “device” for EC2 instances running migrated applications.
Another storage option is Simple Storage Service (S3). EC2 instances connect to S3 through APIs to access and store object data. S3 can be used for bulk data repositories or "data lakes" for analytics.
AWS also offers Amazon Glacier (not shown above) as a low-cost, reliable service for backup and archiving of all types of data.
AWS storage services are designed to deliver 99.999999999% durability and scale past trillions of objects worldwide. These services are combined to meet the storage requirements of your mainframe applications.
Amazon’s Relational Database Service (RDS) is where all your legacy relational data will reside. This includes any flat file data that’s been converted to relational, for example your flat files and IMS DB data that have been converted to relational and migrated to RDS. DB2 data would also be migrated here.
This service is optimized for database performance. It is cost-efficient, has resizable capacity, and is designed to reduce time-consuming database administration tasks.
RDS is available in several familiar database engines, including Microsoft SQL Server, Oracle, PostgreSQL, MySQL and MariaDB. You could also set up a DB2 LUW server instance. However, you may want to consider migrating your relational data to Amazon Aurora, a MySQL-compatible database that has been optimized for AWS and can perform up to 5 times faster than MySQL.
An analysis of your existing legacy databases and applications will reveal all the changes required to migrate your data to Aurora or any other RDBMS running in AWS.
Applications with a high volume of transactions require something to balance the workload. Amazon Elastic Load Balancing (ELB) does just that. It automatically distributes incoming application traffic across multiple EC2 instances to achieve scalability, high performance, and fault tolerance in your migrated applications. It provides the load balancing capability needed to route traffic evenly among your applications and keep them performing efficiently.
In the AWS environment, you will be using Lightweight Directory Access Protocol (LDAP) for accessing and maintaining distributed directory information services. While there are other possibilities, this is most likely where you will map your legacy application user IDs, passwords, permissions, etc.
Hosting LDAP services on a smaller separate EC2 instance often makes it easier to maintain independently of applications. However, a full analysis of your legacy security environment is required to determine how to best architect and configure security in the migrated system.
AWS Identity and Access Management (IAM) enables you to create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources. This is for AWS infrastructure security rather than application-level security.
Every IT system needs to be monitored. AWS CloudWatch is a monitoring service for AWS cloud resources now running the legacy applications you deployed to AWS.
You use this tool to collect and track metrics, monitor log files, set alarms, and automatically react to changes in your AWS resources. This data is used to resolve problems quickly and keep your migrated applications running smoothly – much like you do on the mainframe today. Other cloud-ready monitoring tools are available from 3rd parties as well.
Just as you have products and processes to control your application sources and manage application releases on your mainframe today, you need to have a similar set of tools in AWS.
AWS CodeCommit is a fully-managed source code control service providing secure and private Git repositories. It eliminates the need to operate your own source control system or worry about scaling its infrastructure.
CodeCommit is where you will store your migrated application source code and binaries, new source and binaries, and anything else you want to archive.