SaaS on AWS September 2010
3
offerings. Or, leverage AWS to achieve the economic benefits of multi-tenancy without having to re-write their existing
software. As mentioned above, AWS allows the ISV to easily spin up unique environments for each new customer and
pay for that infrastructure only when they need it.
Managing Uptime for a Global Customer Base
A highly reliable and available IT infrastructure requires SaaS providers to not only maintain reliable storage and backup
devices, but also operate a reliable network with redundant networking devices, transit connections, and physical
connections between data centers. In addition to backup and reliable networking, SaaS providers must also have a
tested, working solution for disaster recovery. This includes deploying data and applications across multiple data centers
– either with failure resilient software or in a more traditional hot/cold standby approach. To achieve realistic disaster
recovery, all of the data centers and servers involved have to be constantly utilized; if they sit idle, it’s almost certain
they won’t function as desired when activated from a cold start. SaaS providers need to account for both the cost and
the complexity of this redundancy when evaluating their deployment. AWS includes all this in its simple usage charges,
and lets customers easily do things like deploy servers in any one of our global regions (East Coast US, West Coast US,
EU, and Singapore). Within a region, ISVs can further enable the availability of their application by deploying servers
across multiple Availability Zones, which provides the ability to remain resilient in the face of most failure modes
including natural disasters or system failures.
Providing a Secure Environment
Another direct cost for SaaS providers running their applications is ensuring the confidentiality, integrity, and availability
of business critical data. Examples of security costs for SaaS providers include capital expenditures for network security
devices, security software licenses, staffing of an information security organization, costs associated with information
security regulatory compliance, physical security requirements, smart cards for access control, and so on. To provide
end-to-end security and end-to-end privacy in the cloud, AWS builds services in accordance with security best practices
and features, and clearly documents how developers can effectively use those features. AWS customers thus take
advantage of Amazon’s reliable and secure global computing infrastructure, which has been the backbone of
Amazon.com’s multi-billion dollar retail business for more than 15 years, at no additional cost to the customer. For
more information on AWS security, consult the Amazon Web Services: Overview of Security Processes whitepaper at
aws.amazon.com/security.
Overall Cost
AWS passes on to providers the financial benefits of operating at Amazon’s scale. In addition to server, power, and
network infrastructure costs, personnel costs also need to be accounted for. These include cost of the sizable IT
infrastructure teams that are needed to handle the “heavy lifting” – managing heterogeneous hardware and the related
supply chain, staying up-to-date on data center design, negotiating contracts, dealing with legacy software, operating
data centers, moving facilities, scaling and managing physical growth, etc. – all the things that AWS’s services handle on
behalf of SaaS providers.
SaaS Architecture on AWS
SaaS architectures are often variations of the classic three-tier web application hosting model. Design priorities are
typically reliability, security, availability, performance, and cost. To illustrate best practices for deploying this model on
AWS, let’s first review the traditional web hosting architecture: