AWS Services Flashcards
AWS Trusted Advisor
Trusted Advisor checks security groups for rules that allow unrestricted access to a resource. Unrestricted access increases opportunities for malicious activity, such as hacking, denial-of-service attacks, or loss of data.
AWS Config
AWS Config continuously monitors and records changes to your AWS resources, but it does not identify security groups that allow unrestricted access.
Amazon CloudWatch
CloudWatch is a monitoring service that collects and tracks metrics for AWS resources. It does not identify security groups that allow unrestricted access.
AWS Cloud Trail
CloudTrail provides an audit record of API calls. It does not identify security groups that allow unrestricted access.
You can use CloudTrail to log, monitor and retain account activity related to actions across your AWS infrastructure. CloudTrail provides an event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command-line tools, and other AWS services.
AWS Cloud Map
AWS Cloud Map creates and maintains a map of backend services. AWS Cloud Map will not address governance or payment consolidation.
AWS Organizations
Organizations provides centralized governance and billing for an AWS environment, including multiple accounts.
AWS Systems Manager OpsCenter
OpsCenter provides a central location for IT professionals to view, investigate, and resolve operational work items. OpsCenter does not consolidate billing
AWS Billing and Cost Management
This solution consolidates the billing in a report, but it will work only for the individual accounts (without cross-account billing). This solution does not address central governance.
Amazon Inspector
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on Amazon EC2 instances. Amazon Inspector does not perform S3 data classification and automatic discovery.
Amazon Macie
Macie is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.
Amazon GuardDuty
GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. GuardDuty does not perform S3 data classification.
AWS Secrets Manager
Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. Secrets Manager does not perform S3 data classification and automatic discovery.
Amazon S3
Amazon S3 is an object storage service and a durable object storage service
AWS Elastic Beanstalk
Elastic Beanstalk is a service to deploy and scale web applications and services developed with common programming languages on automatically deployed infrastructure with capacity management, load balancing, auto scaling, and monitoring. Elastic Beanstalk makes it easier to provision and support an application. Elastic Beanstalk does not reduce website latency.
Amazon DynamoDB Accelerator (DAX)
DAX is used to reduce response times from a DynamoDB table from single-digit milliseconds to microseconds. DynamoDB tables cannot host static websites.
Amazon Route 53
Route 53 is a highly available and scalable DNS web service. The three main functions of Route 53 are registering domain names, routing internet traffic to the resources for your domain, and checking the health of those resources. Route 53 can direct traffic to S3 buckets.
Amazon CloudFront
CloudFront is a web service that speeds up the distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. Content is cached in edge locations. Content that is repeatedly accessed can be served from the edge locations instead of the source S3 bucket.
AWS Direct Connect
Direct Connect links your internal network to a Direct Connect location over a network connection. One end of the connection attaches to your on-premises router. The other end connects to a Direct Connect router. With this connection, you can bypass the ISPs in your network path. However, the company must use an existing internet connection in this scenario.
Amazon Connect
Amazon Connect is an omnichannel cloud contact center. Amazon Connect helps you provide customer service at a low cost. Amazon Connect uses an omnichannel design to provide a seamless experience across voice and chat for your customers and agents. Amazon Connect does not provide a network connection.
AWS Site-to-Site VPN
Site-to-Site VPN creates an encrypted network path between your on-premises network and your AWS Cloud network. This connection between your on-premises network and your AWS Cloud network uses the internet.
AWS Client VPN
Client VPN is a managed client-based VPN service that gives you the ability to securely access your AWS resources and the resources in your on-premises network. With Client VPN, you can access your resources from any location through an OpenVPN-based VPN client. You would use Client VPN to connect individual laptops to AWS, not an entire data center.
AWS CodeArtifact
CodeArtifact is a managed artifact repository service that stores and shares software that is ready for deployment. CodeArtifact is not a source code management service.
AWS CodeBuild
CodeBuild is a service that helps users to automatically compile source code, run unit tests, and produce software packages that are ready for deployment. CodeBuild is not a code management service.
AWS CodePipeline
CodePipeline is a service that manages the movement of code between the individual services. CodePipeline is not a source code storage service.
AWS CodeCommit
CodeCommit is a source code version control service. CodeCommit helps users store and manage developers’ source code in AWS.
AWS Global Accelerator
Global Accelerator is a networking service that improves the performance of your users’ network traffic by up to 60%. Global Accelerator uses the AWS global network infrastructure. Global Accelerator is not a relational database.
Amazon DynamoDB
DynamoDB is a fully managed NoSQL database service. DynamoDB provides fast and predictable performance with seamless scalability.
Amazon Aurora
Aurora is a MySQL- and PostgreSQL-compatible relational database built for the cloud. Aurora combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.
Amazon Elastic Block Store (EBS)
Amazon EBS is an easy-to-use, high-performance block-storage service. You can use Amazon EBS with Amazon EC2 for both throughput- and transaction-intensive workloads at any scale. You can run a database on Amazon EC2 instances and use Amazon EBS for the storage for that database. However, Amazon EBS by itself is not a relational databas
Amazon Transcribe
Amazon Transcribe is a service that uses machine learning to convert audio data to text. Amazon Transcribe is not a text-to-speech conversion service.
STT
Amazon Polly
Amazon Polly is a machine learning service that converts text to speech. This service provides the ability to read text out loud.
TTS
Amazon Translate
Amazon Translate is a machine learning language translation service. Amazon Translate is not a text-to-speech conversion service.
Amazon Textract
Amazon Textract is a machine learning service that can extract text from scanned documents. Amazon Textract is not a text-to-speech conversion service.
AWS Database Migration Service (DMS)
AWS DMS can be used to migrate data from an on-premises database to a database in AWS. However, AWS DMS does not migrate the actual server to an EC2 instance.
AWS Migration Hub
Migration Hub is a service that helps plan and track application migrations. Migration Hub does not perform system migrations.
AWS Application Migration Service (MGN)
AWS MGN is an automated lift-and-shift solution. This solution can migrate physical servers and any databases or applications that run on them to EC2 instances in AWS.