AWS - Cloud Practitioner Flashcards
Amazon Athena
Amazon Athena is an interactive query service that makes it easy to analyze data in
Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to
manage, and you pay only for the queries that you run.
Amazon EMR
Amazon EMR provides a managed Hadoop framework that makes it easy, fast, and
cost-effective to process vast amounts of data across dynamically scalable Amazon EC2
instances. You can also run other popular distributed frameworks such as Apache
Spark, HBase, Presto, and Flink in Amazon EMR, and interact with data in other AWS
data stores such as Amazon S3 and Amazon DynamoDB.
Amazon Elasticsearch Service
Amazon Elasticsearch Service makes it easy to deploy, secure, operate, and scale
Elasticsearch to search, analyze, and visualize data in real-time.
Amazon Kinesis
Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data
so you can get timely insights and react quickly to new information.
Amazon Redshift
Amazon Redshift is a fast, scalable data warehouse that makes it simple and costeffective to analyze all your data across your data warehouse and data lake.
Amazon QuickSight
Amazon QuickSight is a fast, cloud-powered business intelligence (BI) service that
makes it easy for you to deliver insights to everyone in your organization. QuickSight
lets you create and publish interactive dashboards that can be accessed from browsers
or mobile devices.
AWS Data Pipeline
AWS Data Pipeline is a web service that helps you reliably process and move data
between different AWS compute and storage services, as well as on-premises data
sources, at specified intervals.
AWS Glue
AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it
easy for customers to prepare and load their data for analytics.
AWS Lake Formation
AWS Lake Formation is a service that makes it easy to set up a secure data lake in days.
A data lake is a centralized, curated, and secured repository that stores all your data,
both in its original form and prepared for analysis.
Amazon Managed Streaming for Kafka (MSK)
Amazon Managed Streaming for Kafka (Amazon MSK) is a fully managed service that
makes it easy for you to build and run applications that use Apache Kafka to process
streaming data. A
AWS Step Functions
AWS Step Functions lets you coordinate multiple AWS services into serverless
workflows so you can build and update apps quickly.
Amazon MQ
Amazon MQ is a managed message broker service for Apache ActiveMQ that makes it
easy to set up and operate message brokers in the cloud.
Amazon SQS
Amazon Simple Queue Service (Amazon SQS) is a fully managed message queuing
service that enables you to decouple and scale microservices, distributed systems, and
serverless applications.
Amazon SNS
Amazon Simple Notification Service (Amazon SNS) is a highly available, durable, secure,
fully managed pub/sub messaging service that enables you to decouple microservices,
distributed systems, and serverless applications.
Amazon SWF
Amazon Simple Workflow (Amazon SWF) helps developers build, run, and scale
background jobs that have parallel or sequential steps. You can think of Amazon SWF
as a fully-managed state tracker and task coordinator in the cloud.
Amazon Sumerian
Amazon Sumerian lets you create and run virtual reality (VR), augmented reality (AR),
and 3D applications quickly and easily without requiring any specialized programming
or 3D graphics expertise.
AWS Cost Explorer
AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and
manage your AWS costs and usage over time
AWS Budgets
AWS Budgets gives you the ability to set custom budgets that alert you when your
costs or usage exceed (or are forecasted to exceed) your budgeted amount.
AWS Cost & Usage Report
The AWS Cost & Usage Report is a single location for accessing comprehensive
information about your AWS costs and usage
Reserved Instance (RI) Reporting
AWS provides a number of RI-specific cost management solutions out-of-the-box to
help you better understand and manage your RIs.
Amazon Managed Blockchain
Amazon Managed Blockchain is a fully managed service that makes it easy to create
and manage scalable blockchain networks using the popular open source frameworks
Hyperledger Fabric and Ethereum.
Alexa for Business
Alexa for Business is a service that enables organizations and employees to use Alexa
to get more work done.
Amazon WorkDocs
Amazon WorkDocs is a fully managed, secure enterprise storage and sharing service
with strong administrative controls and feedback capabilities that improve user
productivity.
Amazon WorkMail
Amazon WorkMail is a secure, managed business email and calendar service with
support for existing desktop and mobile email client applications.
Amazon Chime
Amazon Chime is a communications service that transforms online meetings with a
secure, easy-to-use application that you can trust. Amazon Chime works seamlessly
across your devices so that you can stay connected
Amazon EC2
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure,
resizable compute capacity in the cloud. It is designed to make web-scale computing
easier for developers.
EC2 Instance types
- On-Demand Instances
- Reserved Instances
- Spot Instances
Amazon EC2 Auto Scaling
Amazon EC2 Auto Scaling helps you maintain application availability and allows you to
automatically add or remove EC2 instances according to conditions you define
Amazon Elastic Container Registry
Amazon Elastic Container Registry (Amazon ECR) is a fully-managed Docker container
registry that makes it easy for developers to store, manage, and deploy Docker
container images
Amazon Elastic Container Service
Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance
container orchestration service that supports Docker containers and allows you to
easily run and scale containerized applications on AWS.
Amazon Elastic Container Service for Kubernetes
Amazon Elastic Container Service for Kubernetes (Amazon EKS) makes it easy to
deploy, manage, and scale containerized applications using Kubernetes on AWS
Amazon Lightsail
Amazon Lightsail is designed to be the easiest way to launch and manage a virtual
private server with AWS. Lightsail plans include everything you need to jumpstart your
project – a virtual machine, SSD- based storage, data transfer, DNS management, and a
static IP address – for a low, predictable price.
AWS Batch
AWS Batch enables developers, scientists, and engineers to easily and efficiently run
hundreds of thousands of batch computing jobs on AWS.
AWS Elastic Beanstalk
AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web
applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go,
and Docker on familiar servers such as Apache, Nginx, Passenger, and Internet
Information Services (IIS).
AWS Fargate
AWS Fargate is a compute engine for Amazon ECS that allows you to
run containers without having to manage servers or clusters.
AWS Lambda
AWS Lambda lets you run code without provisioning or managing servers. You pay only
for the compute time you consume—there is no charge when your code is not
running.
AWS Serverless Application Repository
The AWS Serverless Application Repository enables you to quickly deploy code
samples, components, and complete applications for common use cases such as web
and mobile back-ends, event and data processing, logging, monitoring, IoT, and more.
AWS Storage Gateway
AWS Storage Gateway is a hybrid storage service that enables your on-premises
applications to seamlessly use AWS cloud storage.
Amazon S3 Glacier
Amazon S3 Glacier is a secure, durable, and extremely low-cost storage service for
data archiving and long-term backup
Amazon Elastic File System
Amazon Elastic File System (Amazon EFS) provides a simple, scalable, elastic file system
for Linux-based workloads for use with AWS Cloud services and on-premises resources.
Amazon EFS is a regional service storing data within and across
multiple Availability Zones (AZs) for high availability and durability. You can access your
file systems across AZs and regions and share files between thousands of Amazon EC2
instances and on-premises servers via AWS Direct Connect or AWS VPN.
Amazon Elastic Block Store
Amazon Elastic Block Store (Amazon EBS) provides persistent block storage volumes
for use with Amazon EC2 instances in the AWS Cloud.
Amazon S3
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers
industry-leading scalability, data availability, security, and performance.
AWS WAF
AWS WAF is a web application firewall that helps protect your web applications from
common web exploits that could affect application availability, compromise security,
or consume excessive resources.
AWS Single Sign-On (SSO)
AWS Single Sign-On (SSO) is a cloud SSO service that makes it easy to centrally manage
SSO access to multiple AWS accounts and business applications
AWS Shield
AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that
safeguards web applications running on AWS.
AWS Secrets Manager
AWS Secrets Manager helps you protect secrets needed to access your applications,
services, and IT resources. The service enables you to easily rotate, manage, and
retrieve database credentials, API keys, and other secrets throughout their lifecycle.
AWS Organizations
AWS Organizations has four main benefits:
1) Centrally manage access polices across multiple AWS accounts.
2) Automate AWS account creation and management.
3) Control access to AWS services
4) Consolidate billing across multiple AWS accounts.
AWS Key Management Service
AWS Key Management Service (KMS) makes it easy for you to create and manage keys
and control the use of encryption across a wide range of AWS services and in your
applications.
AWS Firewall Manager
AWS Firewall Manager is a security management service that makes it easier to
centrally configure and manage AWS WAF rules across your accounts and applications.
AWS Directory Service
AWS Directory Service for Microsoft Active Directory, also known as AWS Managed
Microsoft AD, enables your directory-aware workloads and AWS resources to use
managed Active Directory in the AWS Cloud.
AWS CloudHSM
AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to
easily generate and use your own encryption keys on the AWS Cloud.
AWS Certificate Manager
AWS Certificate Manager is a service that lets you easily provision, manage, and deploy
Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS
services and your internal connected resources and establish the identity of websites over the Internet as well as resources on private networks.
AWS Artifact
AWS Artifact is your go-to, central resource for compliance-related information that
matters to you. It provides on-demand access to AWS’ security and compliance reports
and select online agreements.
Amazon Macie
Amazon Macie is a security service that uses machine learning to automatically
discover, classify, and protect sensitive data in AWS.
Amazon Inspector
Amazon Inspector is an automated security assessment service that helps improve the
security and compliance of applications deployed on AWS. Amazon Inspector
automatically assesses applications for exposure, vulnerabilities, and deviations from
best practices.
Amazon GuardDuty
Amazon GuardDuty is a threat detection service that continuously monitors for
malicious or unauthorized behavior to help you protect your AWS accounts and
workloads. It monitors for activity such as unusual API calls or potentially unauthorized
deployments that indicate a possible account compromise. GuardDuty also detects
potentially compromised instances or reconnaissance by attackers.
AWS Identity and Access Management
AWS Identity and Access Management (IAM) enables you to securely control access to
AWS services and resources for your users. Using IAM, you can create and manage
AWS users and groups, and use permissions to allow and deny their access to AWS
resources.
Amazon Cloud Directory
Amazon Cloud Directory enables you to build flexible, cloud-native directories for
organizing hierarchies of data along multiple dimensions. With Cloud Directory, you
can create directories for a variety of use cases, such as organizational charts, course
catalogs, and device registries.
AWS Security Hub
AWS Security Hub gives you a comprehensive view of your high-priority security alerts
and compliance status across AWS accounts
AWS Ground Station
AWS Ground Station is a fully managed service that lets you control satellite
communications, downlink and process satellite data, and scale your satellite
operations quickly, easily and cost-effectively without having to worry about building
or managing your own ground station infrastructure
AWS RoboMaker
AWS RoboMaker is a service that makes it easy to develop, test, and deploy intelligent
robotics applications at scale.
Elastic Load Balancing
Elastic Load Balancing (ELB) automatically distributes incoming application traffic
across multiple targets, such as Amazon EC2 instances, containers, and IP addresses.
AWS Cloud Map
AWS Cloud Map is a cloud resource discovery service. With Cloud Map, you can define
custom names for your application resources, and it maintains the updated location of
these dynamically changing resources. This increases your application availability
because your web service always discovers the most up-to-date locations of its
resources.
AWS App Mesh
AWS App Mesh makes it easy to monitor and control microservices running on AWS.
App Mesh standardizes how your microservices communicate, giving you end-to-end
visibility and helping to ensure high-availability for your applications.
AWS Transit Gateway
AWS Transit Gateway is a service that enables customers to connect their Amazon
Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway
Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to
create, publish, maintain, monitor, and secure APIs at any scale.
AWS Global Accelerator
AWS Global Accelerator is a networking service that improves the availability and
performance of the applications that you offer to your global users
AWS Direct Connect
AWS Direct Connect makes it easy to establish a dedicated network connection from
your premises to AWS.
AWS PrivateLink
AWS PrivateLink simplifies the security of data shared with cloud-based applications by
eliminating the exposure of data to the public Internet.
Amazon Route 53
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS)
web service.
Amazon CloudFront
Amazon CloudFront is a fast content delivery network (CDN) service that securely
delivers data, videos, applications, and APIs to customers globally with low latency,
high transfer speeds, all within a developer-friendly environment.
Amazon VPC
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated
section of the AWS Cloud where you can launch AWS resources in a virtual network
that you define.
AWS AppSync
AWS AppSync
AWS AppSync is a serverless back-end for mobile, web, and enterprise applications.
AWS Device Farm
AWS Device Farm is an app testing service that lets you test and interact with your
Android, iOS, and web apps on many devices at once, or reproduce issues on a device
in real time.
Amazon Pinpoint
Amazon Pinpoint makes it easy to send targeted messages to your customers through
multiple engagement channels.
Amazon Cognito
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and
mobile apps quickly and easily. With Amazon Cognito, you also have the option to
Amazon Web Services – Overview of Amazon Web Services
Page 63
authenticate users through social identity providers such as Facebook, Twitter, or
Amazon, with SAML identity solutions, or by using your own identity system
AWS Amplify
AWS Amplify makes it easy to create, configure, and implement scalable mobile
applications powered by AWS.
AWS Transfer for SFTP
AWS Transfer for SFTP is a fully managed service that enables the transfer of files
directly into and out of Amazon S3 using the Secure File Transfer Protocol (SFTP)—also
known as Secure Shell (SSH) File Transfer Protocol.
AWS DataSync
AWS DataSync is a data transfer service that makes it easy for you to automate moving
data between on-premises storage and Amazon S3 or Amazon Elastic File System
(Amazon EFS).
AWS Snowmobile
AWS Snowmobile is an exabyte-scale data transfer service used to move extremely
large amounts of data to AWS. You can transfer up to 100 PB per Snowmobile, a 45-
foot long ruggedized shipping container, pulled by a semi-trailer truck.
AWS Snowball Edge
AWS Snowball Edge is a data migration and edge computing device that comes in two
options: Storage Optimized (well suited for local storage and large scale data transfer) and Compute Optimized (for use cases such as
advanced machine learning and full motion video analysis in disconnected
environments)
AWS Snowball
AWS Snowball is a petabyte-scale data transport solution that uses secure appliances
to transfer large amounts of data into and out of AWS.
AWS Server Migration Service
AWS Server Migration Service (SMS) is an agentless service which makes it easier and
faster for you to migrate thousands of on-premises workloads to AWS.
AWS Database Migration Service
AWS Database Migration Service helps you migrate databases to AWS easily and
securely. The source database remains fully operational during the migration,
minimizing downtime to applications that rely on the database.
AWS Application Discovery Service
AWS Application Discovery Service helps enterprise customers plan migration projects
by gathering information about their on-premises data centers. AWS Application Discovery Service collects
and presents configuration, usage, and behavior data from your servers to help you
better understand your workloads.
AWS Migration Hub
AWS Migration Hub provides a single location to track the progress of application
migrations across multiple AWS and partner solutions.
AWS Elemental MediaTailor
AWS Elemental MediaTailor lets video providers insert individually targeted advertising
into their video streams without sacrificing broadcast-level quality-of-service
AWS Elemental MediaStore
AWS Elemental MediaStore is an AWS storage service optimized for media. It gives you
the performance, consistency, and low latency required to deliver live streaming video
content.
AWS Elemental MediaPackage
AWS Elemental MediaPackage reliably prepares and protects your video for delivery
over the Internet.
AWS Elemental MediaLive
AWS Elemental MediaLive is a broadcast-grade live video processing service. It lets you
create high-quality video streams for delivery to broadcast televisions and internetconnected multiscreen devices, like connected TVs, tablets, smart phones, and set-top
boxes.
AWS Elemental MediaConvert
AWS Elemental MediaConvert is a file-based video transcoding service with broadcastgrade features. It allows you to easily create video-on-demand (VOD) content for
broadcast and multiscreen delivery at scale.
AWS Elemental MediaConnect
AWS Elemental MediaConnect is a high-quality transport service for live video. Today,
broadcasters and content owners rely on satellite networks or fiber connections to
send their high-value content into the cloud or to transmit it to partners for
distribution.
Amazon Elastic Transcoder
Amazon Elastic Transcoder is media transcoding in the cloud. It is designed to be a
highly scalable, easy- to-use, and cost-effective way for developers and businesses to
convert (or transcode) media files from their source format into versions that will play
back on devices like smartphones, tablets, and PCs.
AWS Well-Architected Tool
The AWS Well-Architected Tool helps you review the state of your workloads and
compares them to the latest AWS architectural best practices.
AWS License Manager
AWS License Manager makes it easier to manage licenses in AWS and on-premises
servers from software vendors such as Microsoft, SAP, Oracle, and IBM.
The AWS Console Mobile Application
The AWS Console Mobile Application lets customers view and manage a select set of
resources to support incident response while on-the-go.
AWS Managed Services
AWS Managed Services provides ongoing management of your AWS infrastructure so
you can focus on your applications
AWS Personal Health Dashboard
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS
is experiencing events that might affect you. While the Service Health Dashboard
displays the general status of AWS services, Personal Health Dashboard gives you a
personalized view into the performance and availability of the AWS services underlying
your AWS resources.
AWS Trusted Advisor
AWS Trusted Advisor is an online resource to help you reduce cost, increase
performance, and improve security by optimizing your AWS environment.
AWS OpsWorks
AWS OpsWorks is a configuration management service that provides managed
instances of Chef and Puppet. Chef and Puppet are automation platforms that allow
you to use code to automate the configurations of your servers.
AWS Config
AWS Config is a fully managed service that provides you with an AWS resource
inventory, configuration history, and configuration change notifications to enable
security and governance
AWS CloudTrail
AWS CloudTrail is a web service that records AWS API calls for your account and
delivers log files to you. The recorded information includes the identity of the API
caller, the time of the API call, the source IP address of the API caller, the request
parameters, and the response elements returned by the AWS service.
AWS CloudFormation
AWS CloudFormation gives developers and systems administrators an easy way to
create and manage a collection of related AWS resources, provisioning and updating
them in an orderly and predictable fashion.
AWS Systems Manager
AWS Systems Manager gives you visibility and control of your infrastructure on AWS.
Systems Manager provides a unified user interface so you can view operational data
from multiple AWS services and allows you to automate operational tasks across your
AWS resources.
AWS Control Tower
AWS Control Tower automates the set-up of a baseline environment, or landing zone,
that is a secure, well-architected multi-account AWS environment.
AWS Auto Scaling
AWS Auto Scaling monitors your applications and automatically adjusts capacity to
maintain steady, predictable performance at the lowest possible cost.
Amazon CloudWatch
Amazon CloudWatch is a monitoring and management service built for developers,
system operators, site reliability engineers (SRE), and IT managers.
AWS Inferentia
AWS Inferentia is a machine learning inference chip designed to deliver high
performance at low cost.
The AWS Deep Learning AMI
The AWS Deep Learning AMIs provide machine learning practitioners and researchers
with the infrastructure and tools to accelerate deep learning in the cloud, at any scale.
AWS DeepLens
AWS DeepLens helps put deep learning in the hands of developers, literally, with a
fully programmable video camera, tutorials, code, and pre-trained models designed to
expand deep learning skills.
Amazon Personalize
Amazon Personalize is a machine learning service that makes it easy for developers to
create individualized recommendations for customers using their applications.
Amazon Textract
Amazon Textract is a service that automatically extracts text and data from scanned
documents. Amazon Textract goes beyond simple optical character recognition (OCR)
to also identify the contents of fields in forms and information stored in tables.
Amazon Forecast
Amazon Forecast is a fully managed service that uses machine learning to deliver
highly accurate forecasts.
Amazon Transcribe
Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy
for developers to add speech-to-text capability to their applications
Amazon Translate
Amazon Translate is a neural machine translation service that delivers fast, highquality, and affordable language translation
Amazon Rekognition
Amazon Rekognition is a service that makes it easy to add image analysis to your
applications. With Rekognition, you can detect objects, scenes, and faces in images.
Amazon Polly
Amazon Polly is a service that turns text into lifelike speech. Polly lets you create
applications that talk, enabling you to build entirely new categories of speech-enabled
products.
Amazon Lex
Amazon Lex is a service for building conversational interfaces into any application
using voice and text. Lex enables you to
build applications with highly engaging user experiences and lifelike conversational
interactions.
Amazon Comprehend
Amazon Comprehend is a natural language processing (NLP) service that uses machine
learning to find insights and relationships in text. No machine learning experience
required.
Amazon SageMaker
Amazon SageMaker is a fully-managed platform that enables developers and data
scientists to quickly and easily build, train, and deploy machine learning models at any
scale. Amazon SageMaker removes all the barriers that typically slow down developers
who want to use machine learning.
AWS Partner Device Catalog
The AWS Partner Device Catalog helps you find devices and hardware to help you
explore, build, and go to market with your IoT solutions.
AWS IoT Things Graph
AWS IoT Things Graph is a service that makes it easy to visually connect different
devices and web services to build IoT applications.
AWS IoT SiteWise
AWS IoT SiteWise is a managed service that makes it easy to collect and organize data
from industrial equipment at scale
AWS IoT Device Management
AWS IoT Device Management makes it easy to securely onboard, organize, monitor,
and remotely manage IoT devices at scale.
AWS IoT Device Defender
AWS IoT Device Defender is a fully managed service that helps you secure your fleet of
IoT devices.
AWS IoT Button
The AWS IoT Button is a programmable button based on the Amazon Dash Button
hardware. This simple Wi-Fi device is easy to configure, and it’s designed for
developers to get started with AWS IoT Core, AWS Lambda, Amazon DynamoDB,
Amazon SNS, and many other Amazon Web Services without writing device-specific
code.
AWS IoT Analytics
AWS IoT Analytics is a fully-managed service that makes it easy to run and
operationalize sophisticated analytics on massive volumes of IoT data without having
to worry about the cost and complexity typically required to build an IoT analytics
platform.
AWS IoT 1-Click
AWS IoT 1-Click is a service that enables simple devices to trigger AWS Lambda
functions that can execute an action.
AWS IoT Greengrass
AWS IoT Greengrass seamlessly extends AWS to devices so they can act locally on the
data they generate, while still using the cloud for management, analytics, and durable
storage.
Amazon Lumberyard
Amazon Lumberyard is a free, cross-platform, 3D game engine for you to create the
highest-quality games, connect your games to the vast compute and storage of the
AWS Cloud, and engage fans on Twitch.
Amazon GameLift
Amazon GameLift is a managed service for deploying, operating, and scaling dedicated
game servers for session-based multiplayer games.
AWS X-Ray
AWS X-Ray helps developers analyze and debug distributed applications in production
or under development, such as those built using a microservices architecture.
AWS Cloud9
AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you
write, run, and debug your code with just a browser. It includes a code editor,
debugger, and terminal.
AWS CodeStar
AWS CodeStar enables you to quickly develop, build, and deploy applications on AWS.
AWS CodeStar provides a unified user interface, enabling you to easily manage your
software development activities in one place.
AWS CodePipeline
AWS CodePipeline is a fully managed continuous delivery service that helps you
automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release
process every time there is a code change, based on the release model you define.
AWS CodeDeploy
AWS CodeDeploy is a service that automates code deployments to any instance,
including EC2 instances and instances running on premises.
AWS CodeBuild
AWS CodeBuild is a fully managed build service that compiles source code, runs tests,
and produces software packages that are ready to deploy.
AWS CodeCommit
AWS CodeCommit is a fully-managed source control service that hosts secure Gitbased repositories. It makes it easy for teams to collaborate on code in a secure and
highly scalable ecosystem.
Amazon AppStream 2.0
Amazon AppStream is a fully managed, secure application streaming service that allows you to stream desktop applications from AWS to any device running a web browser, without rewriting them
Amazon WorkSpaces
Amazon WorkSpaces is a fully managed, secure cloud desktop service. You can use
Amazon WorkSpaces to provision either Windows or Linux desktops in just a few
minutes and quickly scale to provide thousands of desktops to workers across the
globe
Amazon Timestream
Amazon Timestream is a fast, scalable, fully managed time series database service for
IoT and operational applications that makes it easy to store and analyze trillions of
events per day at 1/10th the cost of relational databases.
Amazon Quantum Ledger Database (QLDB)
Amazon QLDB is a fully managed ledger database that provides a transparent,
immutable, and cryptographically verifiable transaction log owned by a central trusted authority.
Amazon Neptune
Amazon Neptune is a fast, reliable, fully-managed graph database service that makes it
easy to build and run applications that work with highly connected datasets
Amazon ElastiCache
Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale
an in-memory cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory
caches, instead of relying entirely on slower disk-based databases. Redis and Memcache caching engines are supported
Amazon DynamoDB
Amazon DynamoDB is a key-value and document database that delivers single-digit
millisecond performance at any scale. It’s a fully managed, multiregion, multimaster
database with built-in security, backup and restore, and in-memory caching for
internet-scale applications.
Amazon Relational Database Service (Amazon RDS)
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate,
and scale a relational database in the cloud.
Amazon Aurora
Amazon Aurora is a MySQL and PostgreSQL compatible relational database engine that
combines the speed and availability of high-end commercial databases with the
simplicity and cost-effectiveness of open source databases.
Amazon Simple Email Service (Amazon SES)
Amazon Simple Email Service (Amazon SES) is a cloud-based email sending service
designed to help digital marketers and application developers send marketing,
notification, and transactional emails.
Amazon Connect
Amazon Connect is a self-service, cloud-based contact center service that makes it
easy for any business to deliver better customer service at lower cost.
AWS Outposts
AWS Outposts bring native AWS services, infrastructure, and operating models to
virtually any data center, co-location space, or on-premises facility.
Pillars of well architectured framework
Cost of optimization Reliability Operational excellence Performance efficiency Security
AWS General Design Principles
Stop guessing your capacity needs (autoscaling)
Test systems at production scale (pay as you go test environments)
Automate to make architectural experimentation easier
Allow for evolutionary architecture
Drive architecure using data
Improve through game days
AWS Free Tier
Free tier offers for new customers and available for 12 months
EC2, RDS, S3, CloudFront
Free tier offers for all customers and do not expire after 12 months
DynamoDB, Glacier, Lambda
EC2 pricing
EC2 cost based on 1. number of hours 2. instance type 3. elastic load balancing 4. number of instances 5. pricing model Following don’t contribute to EC2 cost 1. CloudWatch (basic report) 2. Elastic IP 3. Autoscaling 4. Operating system
Lambda Pricing
- You are charged based on the number of requests for your functions and the time it takes for your code to execute
- The price depends on the amount of memory you allocate to your function.
- additional charges if your Lambda function uses other AWS services or transfers data
EBS Pricing
- Volume
- Snapshot
- Data transfer
S3 Pricing
S3 cost is based on
- Storage class
- Data transfer
- Storate
- Requests
RDS Pricing
1) Clock hours of server time: Resources incur charges when they are running—for example, from the time you launch a DB instance until you terminate it.
2) Database characteristics: The physical capacity of the database you choose will affect how much you are charged. Database characteristics vary depending on the database engine, size, and memory class.
3) Database purchase type: When you use On-Demand DB Instances, you pay for compute capacity for each hour your DB Instance runs, with no required minimum commitments. With Reserved DB Instances, you can make a low, one-time, upfront payment for each DB Instance you wish to reserve for a 1- or 3-year term.
4) Number of database instances: With Amazon RDS, you can provision multiple DB instances to handle peak loads.
5) Provisioned storage: There is no additional charge for backup storage of up to 100 percent of your provisioned database storage for an active DB Instance. After the DB Instance is terminated, backup storage is billed per GB per month.
6) Additional storage: The amount of backup storage in addition to the provisioned storage amount is billed per GB per month.
7) Requests: The number of input and output requests to the database.
8) Deployment type: You can deploy your DB Instance to a single Availability Zone (analogous to a standalone data center) or multiple Availability Zones (analogous to a secondary data center for enhanced availability and durability). Storage and I/O charges vary, depending on the number of Availability Zones you deploy to.
9) Data transfer: Inbound data transfer is free, and outbound data transfer costs are tiered.
DynamoDB Pricing
There is no additional charge for data transferred between Amazon DynamoDB and other Amazon Web Services within the same Region. Data transferred across Regions (e.g., between Amazon DynamoDB in the US East (Northern Virginia) Region and Amazon EC2 in the EU (Ireland) Region) will be charged on both sides of the transfer.
Cloudfront pricing
1) Traffic distribution: Data transfer and request pricing varies across geographic regions, and pricing is based on the edge location through which your content is served.
2) Requests: The number and type of requests (HTTP or HTTPS) made and the geographic region in which the requests are made.
3) Data transfer out: The amount of data transferred out of your Amazon CloudFront edge locations.
Amazon DynamoDB Reserved Capacity
If you can predict your need for Amazon DynamoDB read-and-write throughput, Reserved Capacity offers significant savings over the normal price of DynamoDB provisioned throughput capacity
Amazon ElastiCache Reserved Nodes
Amazon ElastiCache Reserved Nodes give you the option to make a low, one-time payment for each cache node you want to reserve and, in turn, receive a significant discount on the hourly charge for that node. Amazon
Amazon RDS Reserved instances
Like Amazon EC2 RIs, Amazon RDS RIs can be purchased using No Upfront, Partial Upfront, or All Upfront terms. All Reserved Instance types are available for Aurora, MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server database engines.
AWS Managed Services
SQS S3 Amazon CloudFront for content delivery ELB for load balancing Amazon DynamoDB for NoSQL databases Amazon CloudSearch for search workloads Amazon Elastic Transcoder for video encoding Amazon Simple Email Service (Amazon SES) for sending and receiving emails
Edge Caching
Edge caching allows content to be served by infrastructure that is closer to viewers, which lowers latency and gives you the high, sustained data transfer rates necessary to deliver large popular objects to end users at scale.
Amazon DynamoDB Accelerator (DAX)
Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers performance improvements from milliseconds to microseconds, for high throughput. DAX adds in-memory acceleration to your DynamoDB tables without requiring you to manage cache invalidation, data population, or cluster management.
Shuffle Sharding
One fault-isolating improvement you can make to traditional horizontal scaling is called sharding. Similar to the technique traditionally used with data storage systems, instead of spreading traffic from all customers across every node, you can group the instances into shards. For example, if you have eight instances for your service, you might create four shards of two instances each (two instances for some redundancy within each shard) and distribute each customer to a specific shard. In this way, you are able to reduce the impact on customers in direct proportion to the number of shards you have.
Security
Share Security Responsibility with AWS
Reduce Privileged Access
Security as code
Real-Time Auditing
design principles for operational excellence in the cloud
1- Perform operations as code
2- Annotated documentation
3- Make frequent, small, reversible changes
4- Refine operations procedures frequently.
5- Anticipate failure
6- Learn from all operational failures
Amazon DevPay
Amazon DevPay is a cloud-based billing and account management service that enables developers to collect payment for their AWS applications.
How to find paid AMI
You can find a paid AMI using the Amazon EC2 console, AWS Marketplace and AWS CLI.
What are tags
Tags are key-value pairs that allow you to organize your AWS resources into groups.
You can use tags to:
1- Visualize information about tagged resources in one place, in conjunction with Resource Groups.
2- View billing information using Cost Explorer and the AWS Cost and Usage report.
3- Send notifications about spending limits using AWS Budgets.
Reserved instance pricing
There are three types of EC2 reserved instances(RIs) that you can choose from based on your applications needs:
1- Standard RIs: These provide the most significant discount (up to 75% off On-Demand) and are best suited for steady-state usage.
2- Convertible RIs: These provide a discount (up to 54% off On-Demand) and the capability to change the attributes of the RI as long as the exchange results in the creation of Reserved Instances of equal or greater value. Like Standard RIs, Convertible RIs are best suited for steady-state usage.
3- Scheduled RIs: These are available to launch within the time windows you reserve. This option allows you to match your capacity reservation to a predictable recurring schedule that only requires a fraction of a day, a week, or a month.
Elastic Network Interface (ENI)
An elastic network interface (ENI) is a logical networking component in a VPC that represents a virtual network card.
AWS Professional Services
The AWS Professional Services organization is a global team of experts that can help you realize your desired business outcomes when using the AWS Cloud.
Amazon Kinesis Firehose
Amazon Kinesis Firehose allows you to ingest massive streams of data and store the data on Amazon S3 (as well as Amazon Redshift and Amazon Elasticsearch).
RDS read replicas
Read replicas are supported by MySQL, MariaDB, PostgreSQL, and Aurora.
Route 53 Routing policies
Simple routing policy – Use for a single resource that performs a given function for your domain, for example, a web server that serves content for the example.com website.
Failover routing policy – Use when you want to configure active-passive failover.
Geolocation routing policy – Use when you want to route traffic based on the location of your users.
Geoproximity routing policy – Use when you want to route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another.
Latency routing policy – Use when you have resources in multiple AWS Regions and you want to route traffic to the region that provides the best latency.
Multivalue answer routing policy – Use when you want Route 53 to respond to DNS queries with up to eight healthy records selected at random.
Weighted routing policy – Use to route traffic to multiple resources in proportions that you specify.
AWS Security Token Service
The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate
SQS Retention Period
Amazon SQS automatically deletes messages that have been in a queue for more than maximum message retention period. The default message retention period is 4 days. However, you can set the message retention period to a value from 60 seconds to 1,209,600 seconds (14 days) using the SetQueueAttributes action.
AWS Import/Export
data transport service used to move large amounts of data into and out of the Amazon Web Services public cloud using portable storage devices for transport. The service also enables a user to perform an export job from Amazon S3, but not from Amazon EBS or Glacier.
Route table
A route table contains a set of rules, called routes, that are used to determine where network traffic is directed.
Each subnet in your VPC must be associated with a route table; the table controls the routing for the subnet. A subnet can only be associated with one route table at a time, but you can associate multiple subnets with the same route table.
VPC Endpoint
An Amazon VPC endpoint enables you to create a private connection between your Amazon VPC and another AWS service without requiring access over the Internet or through a NAT device, VPN connection, or AWS Direct Connect.
