AWS Services Flashcards
Inspector
Inspects EC2 Instances
Network Assessments - Agentless
Host Assessments - With Agent (Installed on OS)
Macie
Discovers & protects sensitive data in AWS
Think personal info. (PII)
GuardDuty
Threat detection
Analyses logs, using machine learning to detect threats.
Macie
Uses ML to find and protect sensitive data - PII
GuardDuty
Uses ML to analyse logs to detect an attack.
WAF - Web App Firewall
Web Exploits - Layer 7. App Load Balancer, API GW, CloudFront
Think SQL Injection & Cross-Site Scripting - XSS
Blacklist threats - Geo Match - Rate-based rules.
SSM Parameter Store
Store config & secrets. Can use KMS. CloudFormation Integration.
Think encrypt parameters in Lambda.
Neptune
Graph database
Common uses:
Social Networking - Think likes & Comments
Step Functions
SWF - Simple Workflow
SF
State Machine, Workflow, Orchestrate Lambda functions - Think Step Functions.
SWF - Now legacy unless external signals and child processes
AppSync
Store and sync data across web and mobile apps
Uses GraphQL
Transit Gateway
Connects VPCs and On-Prem networks
PrivateLink
Expose a service to a VPC, e.g. an MSP serving an app in their VPC to customers' VPCs.
Resource Access Manager - RAM
Share AWS resources with other AWS accounts
Share VPC
AWS Transit GW
Route53 Resolver Rules
License Manager Configs
CloudTrail
Log events and API calls. Think audit, compliance and governance.
EventBridge
NextGen CloudWatch Events
Event Bus - AWS Events - CloudWatch Events
Partner Event Bus - SaaS providers can send events, e.g. Zendesk, Datadog
Custom Events - Custom application events.
Glue
ETL - Extract Transform Load
Data from S3/RDS to Glue for ETL, then to Redshift Data Warehouse
OpenSearch/Elasticsearch
Search any field for partial matches in databases
Secrets Manager
Store Secrets - Force rotation of secrets.
Integrated with RDS using KMS
DataSync
Move large amounts of data from on-prem to AWS
The agent needs to be installed.
EMR - Elastic MapReduce
Analyse and process big data - Hadoop Clusters
Global Accelerator
Uses the AWS global network to route to the application, reducing latency and hops to the destination
Uses Anycast IPs to work
SQS Long Polling
Enabled at queue level or API level using WaitTimeSeconds
Must be set to more than 0 and less than 20
AWS Config
Assess, Audit, Evaluate AWS resources.
e.g. Is there unrestricted SSH access to my security groups?
Per Region basis
Can have notifications sent to SNS
CloudWatch Metrics
EC2 Default - 5 mins
Detailed - 1 min
Custom Metrics -
RAM, Disk Metrics, In-Depth CPU, NetStat, Processes, Swap Space - the agent that collects them can be installed with SSM
SSD Uses & HDD Uses
SSD - small random I/O operations
HDD - large sequential I/O operations
Can EBS volumes be edited on the fly?
Yes
Geolocation Routing Policy vs Geoproximity
Geolocation - routes traffic based on the location of the users
Geoproximity - routes based on the location of resources
Simple, Step, Target Tracking & Scheduled Scaling
Simple - Relies on a metric, e.g. a CloudWatch alarm for CPU usage over 80%; must wait for the checks and cooldown to complete before scaling further.
Step - Improves on simple: scaling happens in stages. It can continue to scale as it triggers more alarms.
Target Tracking - Allows specifying a scaling metric value that the ASG needs to stick to, e.g. set the CPU target to 80% and it will scale out AND in to keep it running at 80%
Scheduled - Set times of day to scale in and out - Predict demand