A question that seems to appear strangely often is, “can you host Magento on Amazon Web Services (AWS)?”. The short answer is, “yes”. You absolutely can – but that doesn’t mean that you necessarily should.
AWS provides a range of services for hosting. The best known is EC2, its VPS business. However, there are some 30+ other services that provide IT infrastructure through different channels. For example, Amazon’s Route53 service provides domain registration and DNS services, and CloudFront provides a CDN service (so that visitors further from your server can browse your website more quickly).
The main benefit of AWS, in my opinion, isn’t EC2. EC2 is similar to other good quality VPSs on the market. The main advantage is that you can combine EC2 with the other services and build a very scalable, very reliable and very secure environment for Magento.
The reason that’s often cited for a move to AWS is scalability. It’s attractive because of the seasonal nature of many e-commerce stores, which is understandable. However, the scalability of EC2 needs to be weighed carefully against the cost of simply purchasing a larger server. If scalability is your main concern, do the maths. How much would AWS cost you over a year, including scaling up and down? Could you use the same budget to get a powerful dedicated server that would serve you all year round?
Depending on the number of peaks during the year and the size of the peaks, AWS may be cost effective for scalability alone. If your traffic is such that one server simply won’t do then you absolutely should consider AWS as one possible alternative.
Another key benefit of AWS is its security profile. It’s common for Magento stores to take credit card payments directly. If you accept credit card payments directly on your store (without redirecting your clients to a payment page hosted by another company such as PayPal) then you probably need to be PCI compliant.
Depending on the type of PCI compliance that you need, there is a good chance that AWS will be one of a very small number of virtual hosting providers that can offer the compliance that you need. This is because, typically, hosting is shared between customers and there are technical reasons why it cannot be guaranteed that your customers’ cardholder data wouldn’t be intercepted by the hosting company or another customer with whom you share hosting resources.
Actually, to the best of my knowledge, Amazon is the only commercial hosting provider that has achieved PCI compliance at Level 1 for its virtual hosting services (EC2, RDS and many of its other services). AWS is also certified to ISO27001, HIPAA and other standards that may be relevant in your industry. If you need to be compliant but don’t need a dedicated server, AWS could be one of very few choices.
Amazon’s EC2 has an excellent track record for resilience. CloudHarmony, that scores leading cloud hosting providers for resilience and performance, haven’t identified one instance of downtime on Amazon’s EC2 for around five years.
However, by harnessing AWS’s other services, it’s possible to combine EC2 and keep them in sync so that, if one fails, even if the data centre if hit by a meteor, you can continue to trade. Such architectures are relatively complex to maintain so you may need external maintenance and support to facilitate the move to AWS and to keep everything running smoothly.
You absolutely can move to AWS – and we can help! Hosting Magento on AWS would best suit stores with highly volatile traffic, stores that require PCI compliance and stores that cannot afford downtime. Other stores might see their hosting bills increase with little benefit. Scalability is all the rage but scalability for scalability’s sake is a poor choice.