AWS Whitepaper Flashcards
What are the cloud computing models?
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
What is the AWS Shared Responsibility Model?
Customers are responsible for security in the cloud. - Data Configuration
AWS is responsible for security of the cloud. Hardware, Operation of Managed Services, Global Infrastructure.
What is SaaS?
End-user applications
Completed product that is run and managed by the service provider. Don’t worry about how the service is maintained
What is PaaS?
Removes the need for your organization to manage the underlying infrastructure usually hardware and operating systems.
Focus on deployment and management of your application. Don’t worry about provisioning, configuring or understanding the hardware or OS.
What is IaaS?
Contains the basic building blocks for cloud IT and typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space.
Similar to existing IT resources that many IT departments and developers are familiar with today.
How many countries and teritories does AWS have?
245
How many availability zones does AWS have?
81
How many regions does AWS have?
25
How many direct connect locations does AWS have?
108
How many local zones and wavelength zones does AWS have?
11 - local zones
17 - wavelength zones
How many points of presence does AWS have? How many of those are for edge locations and regional edge cache?
275
265 + for Edge Locations
13 + Regional Edge Cache
What are the Benefits of AWS Security?
- Keep Your Data Safe
- Meet Compliance Requirements
- Save Money
- Scale Quickly
A simple and intuitive user interface to manage the AWS services
AWS Management Console
With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts
AWS Command Line Interface
Simplify using AWS services in your applications with an Application Program Interface (API) tailored to your programming language or platform
Software Development Kits (SDKs)
An interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL.
Amazon Athena
What is Amazon Athena integrated with?
Athena is out-of-the-box integrated with AWS Glue Data Catalog,
A managed service in the AWS Cloud that makes it simple and cost-effective to set up, manage, and scale a search solution for your website or application
Amazon CloudSearch
How many languages does AWS CloudSearch support?
34 languages
What is Amazon Elasticsearch Service?
Deploy, secure, operate, and scale Elasticsearch to search, analyze, and visualize data in real-time.
USE CASE: log analytics, full-text search, application monitoring, and clickstream analytics, with enterprise-grade availability, scalability, and security.
Industry-leading cloud big data platform for processing vast amounts of data using open source tools such as Apache Spark, Apache Hive, Apache HBase, Apache Flink, Apache Hudi, and Presto.
Amazon EMR
Run petabyte-scale analysis at less than half of the cost of traditional on-premises solutions and over 3x faster than standard Apache Spark.
Amazon EMR
A data management and analytics service purpose-built for the financial services industry (FSI)
Amazon FinSpace
What is AWS Kinesis?
Makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information
AWS Service that process and analyze data as it arrives and respond instantly instead of having to wait until all your data is collected before the processing can begin
Amazon Kinesis
What are the four services of AWS Kinesis?
Kinesis Data Firehose, Kinesis Data Analytics, Kinesis Data Streams, and Kinesis Video Streams
AWS Kinesis service: The easiest way to reliably load streaming data into data stores and analytics tools. It can capture, transform, and load streaming data into S3
Amazon Kinesis Data Firehose
AWS Kinesis service: Analyze streaming data, gain actionable insights, and respond to your business and customer needs in real-time
Amazon Kinesis Data Analytics
AWS Kinesis service: massively scalable and durable real-time data streaming service. Can continuously capture gigabytes of data per second from hundreds of thousands of sources such as website clickstreams, database event streams, financial transactions, social media feeds, IT logs, and location-tracking events.
Amazon Kinesis Data Streams
The data collected is available in milliseconds to enable real-time analytics use cases such as real-time dashboards, real-time anomaly detection, dynamic pricing, and more.
AWS Kinesis service: makes it easy to securely stream video from connected devices to AWS for analytics, machine learning (ML), playback, and other processing.
Amazon Kinesis Video Streams
What is AWS Redshift?
Most widely used cloud data warehouse. It makes it fast, simple and costeffective to analyze all your data using standard SQL and your existing Business Intelligence (BI) tools.
A fast, cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization as receive answers in seconds through natural langauge queries and create and publish interactive dashboards that can be accessed from browsers or mobile devices.
Amazon QuickSight
What is AWS Data Exchange?
Makes it easy to find, subscribe to, and use third-party data in the cloud.
Qualified data providers include category-leading brands such as Reuters, who curate data from over 2.2 million unique news stories per year in multiple languages; Change Healthcare, who process and anonymize more than 14 billion healthcare transactions and $1 trillion in claims annually; Dun & Bradstreet, who maintain a database of more than 330 million global business records; and Foursquare, whose location data is derived from 220 million unique consumers and includes more than 60 million global commercial
venues
USE CASE: academic researchers can conduct studies on climate change by subscribing to data on carbon dioxide emissions; and healthcare professionals can subscribe to aggregated data from historical clinical trials to accelerate their research activities
A web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals
AWS Data Pipeline
You can regularly access your data where it’s stored, transform and process it at scale, and efficiently transfer the results to AWS services
A fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics
AWS Glue
What is ETL?
Extract, Transform, Load
A service that makes it easy to set up a secure data lake in days.
AWS Lake Formation
What is a data lake?
Centralized, curated, and secured repository that stores all your data, both in its original form and prepared for analysis.
A fully managed service that makes it easy for you to build and run applications that use Apache Kafka to process streaming data.
Amazon Managed Streaming for Apache Kafka (Amazon MSK)
What is Apache Kafka?
Open-source platform for building real-time streaming data pipelines and applications.
Fully managed service that makes it easy to coordinate the components of distributed applications and microservices using visual workflows.
A reliable way to coordinate components and step through the functions of your application. Provides a graphical console to arrange and visualize the components of your application as a series of steps.
AWS Step Functions
Keyword: Series of steps
What is AWS AppFlow?
Fully managed integration service that enables you to securely transfer data between Software-as-a-Service (SaaS) applications
A serverless event bus that makes it easier to build event-driven applications at scale using events generated from your applications, integrated Software-as-a-Service (SaaS) applications, and AWS services. Delivers a stream of real-time data from event sources.
Amazon EventBridge
A managed orchestration service for Apache Airflow that makes it easier to set up and operate end-to-end data pipelines in the cloud at scale
Amazon Managed Workflows for Apache Airflow (MWAA)
An open-source tool used to programmatically author, schedule, and monitor sequences of processes and tasks referred to as “workflows.”
Apache Airflow
A managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers in the cloud
Amazon MQ
Allow different software systems–often using different programming languages, and on different platforms–to communicate
and exchange information.
Message brokers
Highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications. Can be used to fan out notifications to end users using mobile push, SMS, and email.
Amazon Simple Notification Service
A fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications
Amazon Simple Queue Service
What are the types of message queue in AMAZON SQS? Differentiate them.
Standard queues offer maximum throughput, best-effort ordering, and at-least-once delivery.
SQS FIFO queues are designed to guarantee that messages are
processed exactly once, in the exact order that they are sent.
Helps developers build, run, and scale background jobs that have parallel or sequential steps. A fully-managed state tracker and task coordinator in the cloud.
Amazon Simple Workflow Service
What is AWS Sumerian?
Create and run virtual reality (VR), augmented reality (AR), and 3D applications quickly and easily without requiring any specialized programming or 3D graphics expertise.
Fully managed service that makes it easy to create and manage scalable blockchain networks using the popular open source frameworks Hyperledger Fabric and
Ethereum.
Amazon Managed Blockchain
AWS service that enables organizations and employees to use Alexa to get more work done.
Alexa for Business
What is AWS Chime?
Communications service that transforms online meetings with a secure, easy-to-use application that you can trust.
Use case: online meetings, video conferencing, calls, chat
A cost-effective, flexible, and scalable email service that enables developers to send mail from within any application.
Amazon SES
Fully managed, secure enterprise storage and sharing service with strong administrative controls and feedback capabilities that improve user productivity.
Amazon WorkDocs
Users can comment on files, send them to others for feedback, and upload new versions without having to resort to emailing multiple versions of their files as attachments.
What is AWS WorkMail?
A secure, managed business email and calendar service with support for existing desktop and mobile email client applications.
Provides you the ability to track the consumption of shared AWS resources used by software applications and report granular cost breakdown across tenant base.
AWS Application Cost Profiler
Easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time.
AWS Cost Explorer
Set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount
AWS Budgets
Budgets can be tracked at the monthly, quarterly, or yearly level.
What is AWS Cost & Usage Report?
A single location for accessing comprehensive information about your AWS costs and usage
Helps you better understand and manage your RIs, you can visualize your RI data at an aggregate level or inspect a particular RI subscription
Reserved Instance (RI) Reporting
Flexible pricing model offering lower prices compared to On-Demand pricing
Savings Plans
Three types of Savings plan used by AWS
Compute Savings Plans, EC2 Instance Savings Plans, and Amazon SageMaker Savings Plans
A web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers.
Amazon EC2
Helps you maintain application availability and allows you to automatically add or remove EC2 instances according to conditions you define
Amazon EC2 Auto Scaling
Types of scaling features of AWS EC2 Auto Scaling?
Dynamic scaling and predictive scaling.
- can be used together to scale faster
Difference between Dynamic scaling and predictive scaling on AWS EC2 Scaling?
Dynamic scaling responds to changing demand and predictive scaling automatically schedules the right number of EC2 instances based on predicted demand
Simplifies the building, testing, and deployment of Virtual Machine and container images for use on AWS or on-premises
Amazon EC2 Image Builder
Designed to be the easiest way to launch and manage a virtual private server
Amazon Lightsail
Fully managed service that makes it easy for developers to quickly deploy containerized web applications and APIs, automatically builds and deploys the web application and load balances traffic with encryption
AWS App Runner
Enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS.
AWS Batch
Easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and Internet Information Services (IIS)
AWS Elastic Beanstalk
AWS service that lets you upload a code and it will automatically handle the deployment, from capacity provisioning, load balancing, and auto-scaling to application health monitoring.
AWS Elastic Beanstalk
What is AWS Fargate?
Compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters.
Two modes of Elastic Container Service (ECS)? Differentiate them.
Fargate launch type and EC2 launch type.
With Fargate launch type, all you have to do is package your application in containers, specify the CPU and memory requirements. define networking and IAM policies, and launch the application.
EC2 launch type allows you to have server-level, more granular control over the infrastructure that runs your container applications.
Lets you run code without provisioning or managing servers. You pay only for the compute time you consume
AWS Lambda
Quickly deploy code samples, components, and complete applications for common use cases such as web and mobile back-ends, event and data
processing, logging, monitoring, IoT, and more.
AWS Serverless Application Repository
Bring native AWS services, infrastructure, and operating models to virtually any data center, co-location space, or on-premises facility.
AWS Outposts
Two variants of AWS Outposts? Differentiate them.
1) VMware Cloud on AWS Outposts allows you to use the same VMware control plane and APIs you use to run your infrastructure
2) AWS native variant of AWS Outposts allows you to use the same exact APIs and control plane you use to run in the AWS cloud, but on-premises
An AWS Infrastructure offering optimized for mobile edge computing applications.
AWS Wavelength
Embed AWS compute and storage services within communications service providers’ (CSP) data centers at the edge of the 5G network, so application traffic from 5G devices can reach application servers running in Wavelength Zones without leaving the telecommunications network.
An integrated cloud offering jointly developed by AWS and VMware delivering a highly scalable, secure and innovative service that allows organizations to seamlessly migrate and extend their on-premises VMware vSphere-based environments to the AWS Cloud running on next-generation
Amazon Elastic Compute Cloud (Amazon EC2) bare metal infrastructure.
VMware Cloud on AWS
Use case: ideal for enterprise IT infrastructure and operations organizations looking to migrate their on-premises vSphere-based workloads to the public cloud, consolidate and extend their data center capacities, and optimize, simplify and modernize their disaster recovery solutions
Self-service, omnichannel cloud contact center service that makes it easy for any business to deliver better customer service at lower cost.
Amazon Connect
A fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images.
Amazon Elastic Container Registry
A highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS.
Amazon Elastic Container Service
What is Amazon Elastic Kubernetes Service?
Makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS
A command-line tool for modernizing .NET and Java applications into containerized applications. It analyzes and builds an inventory of all applications running in virtual machines, on-premises, or in the cloud.
AWS App2Container
AWS service that provides an integrated experience to use OpenShift.
Red Hat OpenShift Service on AWSR (ROSA)
A MySQL and PostgreSQL compatible relational database engine that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases
Amazon Aurora
Amazon Aurora is up to ____ faster than standard MySQL databases and _____ faster than standard PostgreSQL databases.
Five times faster than standard MySQL databases and three times faster than standard PostgreSQL databases.
Amazon Aurora features a distributed, fault-tolerant, self-healing storage system that auto-scales up to ____ per database instance. It delivers high performance and availability with up to ______ read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across _____ Availability Zones (AZs)
Amazon Aurora features a distributed, fault-tolerant, self-healing storage system that auto-scales up to 128TB per database instance. It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three (3) Availability Zones (AZs)
A key-value and document database that delivers single-digit millisecond performance at any scale, can handle more than 10 trillion requests per day and support peaks of more than 20 million requests per second.
Amazon DynamoDB
A web service that makes it easy to deploy, operate, and scale an in-memory cache in the cloud.
Amazon ElastiCache
Open-source in-memory caching engines that AWS ElastiCache supports? Differentiate them
Redis - a fast, open-source, in-memory key-value data store for use as a database, cache, message broker, and queue.
Memcached - a widely adopted memory object caching system. ElastiCache for Memcached is protocol compliant with Memcached.
An AWS service that is scalable, highly available, and managed Apache Cassandra–compatible database service
Amazon Keyspaces (for Apache Cassandra)
Fast, reliable, fully-managed graph database service that makes it easy to build and run applications that work with highly connected datasets.
Amazon Neptune
USE Cases: recommendation engines, fraud detection, knowledge graphs, drug discovery, and network security.
Makes it easy to set up, operate, and scale a relational database in the cloud.
Amazon Relational Database Service
How do you easily migrate or replicate your existing databases to Amazon RDS?
Use the AWS Database Migration Service
Let you deploy managed databases in on-premises VMware environments using the Amazon RDS technology. Utilize the same simple interface for managing databases in on-premises VMware environments as you would use in AWS.
Amazon RDS on VMware
A fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log owned by a central trusted authority.
Amazon Quantum Ledger Database (QLDB)
QLDB uses an immutable transactional log, known as a _____, that tracks each application data change and maintains a complete and verifiable history of changes over time
Journal
A fast, scalable, fully managed time-series database service for IoT and operational applications that makes it easy to store and analyze trillions of events per day at 1/10th the cost of relational databases
Amazon Timestream
A purpose-built time series database that efficiently stores and processes this data by time intervals.
Timestream
A fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads.
Amazon DocumentDB (with MongoDB compatibility)
AWS service: no-cost, multiplatform, production-ready distribution of the Open Java Development Kit (OpenJDK).
Amazon Corretto
Develop and run Java applications on popular operating systems, including Amazon Linux 2, Windows, and macOS
Corretto
Cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser.
AWS Cloud9
Use case: work on your projects from your office, home, or anywhere using an internet-connected machine. Share your development environment with your team, enabling you to pair program and track each other’s inputs in real time.
Browser-based shell that makes it easy to securely manage, explore, and interact with your AWS resources.
AWS CloudShell
A fully managed artifact repository service that makes it easy for organizations of any size to securely store, publish, and share software packages used in their software development process
AWS CodeArtifact
Use case: can be configured to automatically fetch software packages and dependencies from public artifact repositories so developers have access to the latest versions.
Fully managed build service that compiles source code, runs tests and produces software packages that are ready to deploy.
AWS CodeBuild
Fully managed source control service that makes it easy for companies to host secure and highly scalable private Git repositories.
AWS CodeCommit
A service that automates code deployments to any instance, including EC2 instances and instances running on-premises. Makes it easier for you to rapidly release new features, helps you avoid downtime during application deployment, and handles the complexity of updating your
applications.
AWS CodeDeploy
Fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates.
AWS CodePipeline
Difference between CodeDeploy and CodePipeline?
AWS CodeDeploy belongs to “Deployment as a Service” category of the tech stack, while AWS CodePipeline can be primarily classified under “Continuous Deployment”.
Quickly develop, build, and deploy applications on AWS
AWS CodeStar
A fully managed service for running fault injection experiments on AWS that makes it easier to improve an application’s performance, observability, and resiliency
AWS Fault Injection Simulator
Stressing an application in testing or production environments by creating disruptive events, such as sudden increase in CPU or memory consumption, observing how the system responds, and implementing improvements.
Chaos Engineering,
Analyze and debug distributed applications in production or under development, such as those built using a microservices architecture. You can understand how your application and its underlying services are performing so you can identify and troubleshoot the root
cause of performance issues and errors
AWS X-Ray
Fully managed application streaming service, you centrally manage your desktop applications on AppStream 2.0 and securely deliver them to any computer
Amazon AppStream 2.0
Fully managed, secure cloud desktop service. Provision either Windows or Linux desktops in just a few minutes and quickly scale to provide thousands of desktops to workers across the globe.
Amazon WorkSpaces
Use case: users get a fast, responsive desktop of their choice that they can access anywhere, anytime, from any supported device
Fully managed service that lets you provide your employees with secure, easy access to your internal corporate websites and web apps using their mobile phones. Traditional solutions is Virtual Private Networks (VPNs)
Amazon WorkLink
Makes it easy for developers to add location functionality to applications without compromising data security and user privacy.
Amazon Location Service
Makes it easy to send targeted messages to your customers through multiple engagement channels
Amazon Pinpoint
You can integrate Amazon Pinpoint into your mobile and web apps to capture usage data to provide you with insight into how customers interact with your apps.
Use case: promotional alerts and customer retention campaigns, and transactional messages are messages such as order confirmations and password reset
messages. Transactional campaigns can be sent via email, SMS, push notifications, and voice messages
Create, configure, and implement scalable mobile applications powered by AWS. Seamlessly provisions and manages your mobile backend and provides a simple framework to easily integrate your backend with your iOS, Android, Web, and React Native frontends
AWS Amplify
Same with Google’s Firebase which provisions and manages backends for your mobile applications.
App testing service that lets you test and interact with your Android, iOS, and web apps on many devices at once, or reproduce issues on a device in real-time
AWS Device Farm
A serverless back-end for mobile, web, and enterprise applications. Build data driven mobile and web applications by handling securely all the application data management tasks like online and offline data access, data synchronization, and
data manipulation across multiple data sources.
AWS AppSync
A managed service for deploying, operating, and scaling dedicated game servers for session-based multiplayer games.
Amazon GameLift
Makes it easy to manage server infrastructure, scale capacity to lower latency and cost, match players into available game sessions, and defend from
distributed denial-of-service (DDoS) attacks.
Free, cross-platform, 3D game engine for you to create the highest-quality games, connect your games to the vast compute and storage of the AWS Cloud, and engage fans on Twitch.
Amazon Lumberyard
A hardware service that enables simple devices to trigger AWS Lambda functions that can execute an action
AWS IoT 1-Click
Fully-managed service that makes it easy to run and operationalize sophisticated analytics on massive volumes of IoT data without having to worry about the cost and complexity typically required to build an IoT analytics platform. It automates each of the difficult steps that are required to analyze data from IoT devices
AWS IoT Analytics
USE CASE: For example, to help farmers determine when to water their crops, vineyard irrigation systems often enrich moisture sensor data with rainfall data from the vineyard, allowing for more efficient water usage while maximizing harvest yield. The data from these devices can frequently have significant gaps, corrupted messages, and false readings that must be cleaned up before
analysis can occur and AWS IoT Analytics automates each of the difficult steps that are required to analyze data from IoT devices
A programmable button based on the Amazon Dash Button hardware
AWS IoT Button
USE CASE: You can code the button’s logic in the cloud to configure button clicks to count or track items, call or alert someone, start or stop something, a remote control, order services, or even provide feedback
Managed cloud service that lets connected devices easily and securely interact with cloud applications and other devices, your applications can keep track of and communicate with all your devices, all the time, even when they aren’t connected
AWS IoT Core
Fully managed service that helps you secure your fleet of IoT devices, makes it easy to maintain and enforce IoT configurations, such as ensuring device identity, authenticating and authorizing devices, and encrypting device data, it also sends an alert if there are any gaps in your IoT configuration that might create a security risk.
AWS IoT Device Defender
Makes it easy to securely onboard, organize, monitor, and remotely manage IoT devices at scale.
AWS IoT Device Management
Fully managed IoT service that makes it easy to detect and respond to events from IoT sensors and applications, automatically triggers alerts and actions in response to events based on the logic you define. This helps resolve issues quickly, reduce maintenance
costs, and increase operational efficiency
AWS IoT Events
Patterns of data identifying more complicated circumstances than expected, such as changes in equipment when a belt is stuck or connected motion detectors using movement signals to activate lights and security cameras.
Events
Seamlessly extends AWS to devices so they can act locally on the data they generate, while still using the cloud for management, analytics, and durable storage.
Connected devices can run AWS Lambda functions, execute predictions based on machine learning models, keep device data in sync, and communicate with other devices securely – even when not connected to the Internet.
AWS IoT Greengrass
Managed service that makes it easy to collect, store, organize and monitor data from industrial equipment at scale to help you make better, data-driven decisions. Monitor operations across facilities, quickly compute common industrial performance metrics and create applications that analyze industrial equipment data to prevent costly equipment issues and reduce gaps in production.
AWS IoT SiteWise
Simplifies the process by providing software running on a gateway that resides in your facilities and automates the process of collecting
and organizing industrial equipment data.
A service that makes it easy to visually connect different devices and web services to build IoT applications. Provides a visual drag-and-drop interface for connecting and coordinating devices and web services, so you can build IoT applications quickly
AWS IoT Things Graph
Helps you find devices and hardware to help you explore, build, and go to market with your IoT solutions
AWS Partner Device Catalog
Search for and find hardware that works with AWS, including development kits and embedded systems to build new devices, as well as off-the-shelf-devices such as gateways, edge servers, sensors, and cameras for immediate IoT project integration.
An operating system for microcontrollers that makes small, low-power edge devices easy to program, deploy, secure, connect, and manage
FreeRTOS
USE CASE: Microcontrollers have limited compute power and memory capacity and typically perform simple, functional tasks. Microcontrollers frequently run operating systems that do not have built-in functionality to connect to local networks or the cloud, making IoT applications a challenge. FreeRTOS helps solve this problem by providing both the core operating system (to run the edge device) as well as software libraries that make it easy to securely connect to the cloud (or other edge devices) so you can collect data from them for IoT applications and take action.
A machine learning service which makes it easy to build the workflows required for human review, the AWS service that brings human review to all developer
Amazon Augmented AI
Developer tool that provides intelligent recommendations to improve code quality and identify an application’s most expensive lines of code
Amazon CodeGuru
USE CASE: uses machine learning and automated reasoning to identify critical issues, security vulnerabilities, and hard-to-find bugs during application development and provides recommendations to
improve code quality
A natural language processing (NLP) service that uses machine learning to find insights and relationships in a text in your unstructured data.
Amazon Comprehend
USE CASE: identifying specific items of interest inside vast swathes of text (such as finding company names in analyst reports), and can learn the sentiment hidden inside language (identifying negative reviews, or positive customer interactions with customer service agents), at almost limitless scale.
AWS Service which is used in extracting complex medical information from unstructured text. The service can identify medical information, such as medical conditions, medications, dosages, strengths, and frequencies from a variety of sources like doctor’s notes, clinical trial reports, and patient health records.
Amazon Comprehend Medical
Machine Learning (ML) powered service that makes it easy to improve an application’s operational performance and availability, detects behaviors that deviate from normal operating patterns so you can identify operational issues long before they impact your customers.
Amazon DevOps Guru
Allows you to attach low-cost GPU-powered acceleration to Amazon EC2 and Amazon SageMaker instances to reduce the cost of running deep learning inference by up to 75%.
Amazon Elastic Inference
In most deep learning applications, what is the term for making predictions using a trained model
Inference
A fully managed service that uses machine learning to deliver highly accurate forecasts
Amazon Forecast
USE CASE: For example, the demand for a particular color of a shirt may change with the seasons and store location. This complex relationship is hard to determine on its own, but machine learning is ideally suited to recognize it. Once you provide your data, Amazon Forecast will automatically examine it, identify what is meaningful, and produce a forecasting model capable of making predictions that are up to 50% more accurate than looking at time series data alone.
Fully managed service that uses machine learning (ML) and more than 20 years of fraud detection expertise from Amazon, to identify potentially fraudulent activity so customers can catch more online fraud faster.
Amazon Fraud Detector
HIPAA-eligible service that healthcare providers, health insurance companies, and pharmaceutical companies can use to store, transform, query, and analyze large-scale health data
Amazon HealthLake
USE CASE: You can analyze unstructured clinical text from diverse sources. HealthLake transforms unstructured data using natural language processing (NLP) models, and provides powerful query and search capabilities. You can use HealthLake to organize, index, and structure patient information in a secure, compliant, and auditable manner
An intelligent search service powered by machine learning. Reimagines enterprise search for your websites and applications so your employees and customers can easily find the content they are looking for, even when it’s scattered across multiple locations and content repositories within your organization.
Amazon Kendra
A service for building conversational interfaces into any application using voice and text. Provides the advanced deep learning functionalities of automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text, to enable you to build applications with highly engaging user experiences and lifelike conversational
interactions
Amazon Lex
USE CASE: The same deep learning technologies that power Amazon Alexa are now available to any developer, enabling you to quickly and easily build sophisticated, natural language, conversational bots (“chatbots”)
Analyzes the data from the sensors on your equipment (e.g. pressure in a generator, flow rate of a compressor, revolutions per minute of fans), to automatically train a machine learning model based on just your data, for your equipment
Amazon Lookout for Equipment
Use case: Uses your unique ML model to analyze incoming sensor data in real-time and accurately identify early warning signs that could lead to machine failures. This means you can detect equipment abnormalities with speed and precision, quickly diagnose issues, take action to reduce expensive downtime, and reduce false alerts
Uses machine learning (ML) to automatically detect and diagnose anomalies (i.e. outliers from the norm) in business and operational data, such as a sudden dip in sales revenue or customer acquisition rates.
Amazon Lookout for Metrics
A machine learning (ML) service that spots defects and anomalies in visual representations using computer vision (CV), uses ML to see and understand images from any camera as a person would, but with an even higher degree of accuracy and at a much larger
scale.
Amazon Lookout for Vision
An end-to-end system that uses machine learning (ML) to detect abnormal behavior in industrial machinery, enabling you to implement predictive maintenance and reduce unplanned
downtime. It includes sensors to capture vibration and temperature data from equipment.
Amazon Monitron
A machine learning service that makes it easy for developers to create individualized recommendations for customers using their applications.
Amazon Personalize
USE CASE: you provide an activity stream from your application – page views, signups, purchases, and so forth – as well as an inventory of the items you want to recommend, such as
articles, products, videos, or music. Its ;ike having your own Amazon.com machine learning personalization team at your disposal, 24 hours a day
Service that turns text into lifelike speech (text-to-Speech). Polly lets you create applications that talk, enabling you to build entirely new categories of speech-enabled products
Amazon Polly
Use case: You can cache and save Polly’s speech audio to replay offline or redistribute. And Polly is easy to use. You simply send the text you want to be converted into speech to the Polly API, and Polly immediately returns the audio stream to your application so your application can play it directly or store it in a standard audio file format, such as MP3
Makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use.
Amazon Rekognition
Use case: you can identify objects, people, text, scenes, and activities in images and videos, as well as detect any inappropriate content
Fully-managed service that enables developers and data scientists to quickly and easily build, train, and deploy machine learning models at any scale. It also includes modules that can be used together or independently to build, train, and deploy your machine learning models.
Amazon SageMaker
Service which helps you build highly accurate training datasets for machine learning quickly. It offers easy access to public and private human labelers and provides them with built-in workflows and interfaces for common labeling task
It can also lower your labeling costs by up to 70% using automatic labeling, which works by training it from data labeled by humans so that the service learns to label data independently.
Amazon SageMaker Ground Truth
A service that automatically extracts text and data from scanned documents, it uses machine learning to instantly “read” virtually any type of document to accurately extract text and data without the need for any manual effort or custom code.
Amazon Textract
An automatic speech recognition (ASR) service that makes it easy for developers to add speech-to-text capability to their applications. You can analyze audio files stored in Amazon S3 and have the service return a text file of the transcribed speech
Amazon Transcribe
Neural machine translation service that delivers fast, high-quality, and affordable language translation.
Amazon Translate
A fast and scalable training and inference framework with an easy-to-use, concise API for machine learning.
It also includes the ______ interface that allows developers of all skill levels to get started with deep learning on the cloud, on edge devices, and on mobile apps.-
Apache MXNet on AWS
Gluon interface
A fast and scalable training and inference framework with an easy-to-use, concise API for machine learning.
It also includes the ______ interface that allows developers of all skill levels to get started with deep learning on the cloud, on edge devices, and on mobile apps.-
Apache MXNet on AWS
Gluon interface
Provide machine learning practitioners and researchers with the infrastructure and tools to accelerate deep learning in the cloud, at any scale
AWS Deep Learning AMIs
World’s first musical keyboard powered by machine learning to enable developers of all skill levels to learn Generative AI while creating original music outputs, consists of a USB keyboard
AWS DeepComposer
Helps put deep learning in the hands of developers, literally, with a fully programmable video camera, tutorials, code, and pre-trained models designed to expand deep learning skills.
AWS DeepLens
A 1/18th scale race car which gives you an interesting and fun way to get started with reinforcement learning (RL)
AWS DeepRacer
Machine learning inference chip designed to deliver high performance at low cost.
AWS Inferentia
USE CASE: Developers can reduce inference costs by up to 75% by attaching GPU-powered inference acceleration to Amazon EC2 and SageMaker instances.
Enables developers to quickly and easily get started with deep learning in the cloud
TensorFlow on AWS
A monitoring and management service built for developers, system operators, site reliability engineers (SRE), and IT managers. Collects monitoring and operational data in the form of logs, metrics, and events,
Amazon CloudWatch
Monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost
AWS Auto Scaling
Interactive agent that makes it easy to monitor and interact with your AWS resources in your Slack channels and Amazon Chime chat rooms
AWS Chatbot
Recommends optimal AWS resources for your workloads to reduce costs and improve performance by using machine learning to analyze historical utilization metrics. Helps you choose optimal configurations for three types of AWS resources: Amazon EC2 instances, Amazon EBS volumes, and AWS Lambda functions,
based on your utilization data
AWS Compute Optimizer
Automates the set-up of a baseline environment, or landing zone, that is a secure, well-architected multi-account AWS environment. It configures AWS management and security services based on established best practices in a secure, compliant, multi-account environment.
AWS Control Tower
Gives developers and systems administrators an easy way to create and manage a collection of related AWS resources, provisioning and updating them in an orderly and predictable fashion. You can also use the sample templates or create your own templates to describe your AWS resource
AWS CloudFormation
After the AWS resources are deployed, you can modify and update them in a controlled and predictable way, in effect applying version control to your AWS infrastructure the same way you do with your software. You can also visualize your templates as diagrams and edit them using a drag-and-drop interface with the AWS
CloudFormation Designer
A web service that records AWS API calls for your account and delivers log files to you. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service
AWS CloudTrail
A fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance.
AWS Config
Config Rules feature enables you to create rules that automatically check the configuration of AWS resources recorded by AWS Config
Use case: discover existing and deleted AWS resources, determine your overall compliance against rules, and dive into configuration details of a resource at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.
Offers a guided way of sizing, configuring, and deploying AWS resources for third-party applications such as Microsoft SQL Server Always On and HANA based SAP systems, without the need to manually identify and provision individual AWS resources.
AWS Launch Wizard
Use case: Provides an estimated cost of deployment, and lets you modify your resources to instantly view an updated cost assessment. Once you approve the AWS resources, Launch Wizard automatically provisions and configures the selected resources to create a fully-functioning, production-ready application. AWS Launch Wizard also creates CloudFormation templates that can serve as a baseline to accelerate subsequent deployments.
Centrally manage and govern your environment as you grow and scale your AWS resources.
AWS Organizations
Use case: programmatically create new AWS accounts and allocate resources, group accounts to organize your workflows, apply policies to accounts or groups for governance, and simplify billing by using a single payment method for all of your accounts.
Configuration management service that provides managed instances of Chef and Puppet
AWS OpsWorks
Chef and Puppet: automation platforms that allow you to use code to automate the configurations of your servers
First fully managed delivery service for container and serverless applications. Connect and coordinate all the different tools needed for infrastructure provisioning, code deployments, monitoring, and updates.
AWS Proton
USE CASE: giving platform teams the tools they need to manage this complexity and enforce consistent standards while making it easy for developers to deploy their code using containers and serverless technologies
Allows organizations to create and manage catalogs of IT services that are approved for use on AWS. Centrally manage commonly deployed IT services and helps you achieve consistent governance and meet your compliance requirements, while enabling users to quickly deploy only the approved IT services they need.
AWS Service Catalog
Gives you visibility and control of your infrastructure on AWS
AWS Systems Manager
USE CASE: you can group resources, like Amazon EC2 instances, Amazon S3 buckets, or Amazon RDS instances, by application, view operational data for monitoring and troubleshooting, and take action on your groups of resources.
AWS Systems Manager tool:
Lets you create a logical group of resources associated with a particular workload such as different layers of an application stack, or production versus development environments.
Resource groups
AWS Systems Manager tool:
Displays operational data that the AWS Systems Manager automatically aggregates for each resource group
Insights Dashboard
AWS Systems Manager tool:
Provides a simple way of automating common administrative tasks like remotely executing shell scripts or PowerShell commands, installing software updates, or making changes to the configuration of OS, software, EC2 and instances and servers in your on-premises data center
Run Command
AWS Systems Manager tool:
Helps you define and maintain consistent OS configurations such as firewall settings and anti-malware definitions to comply with your policies
State Manager
AWS Systems Manager tool:
Helps you collect and query configuration and inventory information about your instances and the software installed on them
Inventory
AWS Systems Manager tool:
Lets you define a recurring window of time to run administrative and maintenance tasks across your instances.
Maintenance Window
AWS Systems Manager tool:
Helps you select and deploy operating system and software patches automatically across large groups of instances.
Patch Manager
AWS Systems Manager tool:
Simplifies common maintenance and deployment tasks, such as updating Amazon Machine Images (AMIs). Use the tool to apply patches, update drivers and agents, or bake applications into your AMI using a streamlined, repeatable, and auditable process.
Automation
AWS Systems Manager tool:
Provides an encrypted location to store important administrative information such as passwords and database strings.
Parameter Store
AWS Systems Manager tool:
Helps you securely distribute and install software packages, such as software agents. Allows you to centrally store and systematically distribute software packages while you maintain control over versioning
Distributor
AWS Systems Manager tool:
Provides a browser-based interactive shell and CLI for managing Windows and Linux EC2 instances, without the need to open inbound ports, manage SSH keys, or use bastion hosts.
Session Manager
An online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment. Also provides real-time guidance to help you provision your resources following AWS best practices.
AWS Trusted Advisor
Provides alerts and remediation guidance when AWS is experiencing events that might affect you.
AWS Personal Health Dashboard
Difference between Service Health Dashboard and Personal Health Dashboard
While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources.
Provides ongoing management of your AWS infrastructure so you can focus on your applications, helps to reduce your operational overhead and risk.
AWS Managed Services
Lets customers view and manage a select set of resources to support incident response while on-the-go
AWS Console Mobile Application
USE CASE: monitor resources through a dedicated dashboard and view configuration details, metrics, and alarms for select AWS services. The Dashboard provides permitted users with a single view a resource’s status, with real-time data on Amazon CloudWatch, Personal Health Dashboard, and AWS Billing and Cost Management.
Makes it easier to manage licenses in AWS and on-premises servers from software vendors such as Microsoft, SAP, Oracle, and IBM.
AWS License Manager
USE CASE: create customized licensing rules that emulate the terms of their licensing agreements, and then enforce these rules when an instance of Amazon EC2 gets launched.
Review the state of your workloads and compares them to the latest AWS architectural best practices.
AWS Well-Architected Tool
Media transcoding in the cloud. It is designed to be a highly scalable, easyto-use, and cost-effective way for developers and businesses to convert (or transcode) media files from their source format into versions that will play back on devices like smartphones, tablets, and PCs.
Amazon Elastic Transcoder
Managed live streaming solution that is quick and easy to set up, and ideal for creating interactive video experiences.
Amazon Interactive Video Service
Empowers creative studios to produce visual effects, animation, and interactive content entirely in the cloud, from storyboard sketch to final deliverable. Rapidly onboard and collaborate with artists globally and create content faster with access to virtual workstations, high-speed
storage, and scalable rendering across AWS’s global infrastructure
Amazon Nimble Studio
Advanced video processing and delivery technologies into your data center, co-location space, or on-premises facility. You can deploy it to encode, package, and deliver video assets on-premises and seamlessly connect with cloud-based video infrastructure.
AWS Elemental Appliances & Software
A compact hardware device that sends live video to the cloud for encoding and delivery to viewers
AWS Elemental Link
A high-quality transport service for live video, enables you to build mission-critical live video workflows in a fraction of the time and cost of satellite or fiber services
AWS Elemental MediaConnect
USE CASE: ingest live video from a remote event site (like a stadium), share video with a partner (like a cable TV distributor), or replicate a video stream for processing (like an over-the-top service).
Difference between AWS Elastic Transcoder and Elemental MediaConvert
Elastic Transcoder uses pipelines to manage jobs tied to a single S3 bucket, whereas Elemental MediaConvert uses queues that can be tied to multiple S3 buckets.
Difference between Elastic Transcoder and Elemental Media
Elastic Transcoder could not handle 4K video, and only worked with static files stored in S3 - it wasn’t designed for streaming content.
AWS purchased Elemental in 2015. There is some overlap but Elemental Media* services are more flexible and provide JIT encoding and dynamic ad insertion, to serve a broader market than ET did.
Input video into multiple output formats to support viewing from a broad array of devices at varying resolution
AWS Elemental MediaConvert
Broadcast-grade live video processing service. It lets you create high-quality video streams for delivery to broadcast televisions and internet-connected multiscreen devices, like connected TVs, tablets, smartphones, and set-top boxes.
AWS Elemental MediaLive
USE CASE: easily set up streams for both live events and 24x7 channels with advanced broadcasting features, high availability, and pay-as-you-go pricing.
Reliably prepares and protects your video for delivery over the Internet. Creates video streams formatted to play on connected TVs, mobile phones, computers, tablets, and game consoles
AWS Elemental MediaPackage
AWS storage service optimized for media. It gives you the performance, consistency, and low latency required to deliver live streaming video content. Acts as the origin store in your video workflow.
AWS Elemental MediaStore
Lets video providers insert individually targeted advertising into their video streams without sacrificing broadcast-level quality-of-service
AWS Elemental MediaTailor
USE CASE: viewers of your live or on-demand video each receive a stream that combines your content with ads personalized to them.
Allows you to quickly realize the benefits of migrating applications to the cloud without changes and with minimal downtime
AWS Application Migration Service
USE CASE: minimizes time-intensive, error-prone manual processes by automatically converting your source servers from physical, virtual, or cloud infrastructure to run natively on AWS. It further simplifies your migration by enabling you to use the same automated process for a wide range of applications.
Provides a single location to track the progress of application migrations across multiple AWS and partner solutions.
AWS Migration Hub
Helps enterprise customers plan migration projects by gathering information about their on-premises data centers. Collects and presents configuration, usage, and behavior data from your servers to help you better understand your workloads
AWS Application Discovery Service
Helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. It can migrate your data to and from most widely used commercial and open-source databases
AWS Database Migration Service
An agentless service that makes it easier and faster for you to migrate thousands of on-premises workloads to AWS. Allows you to automate, schedule, and track incremental replications of live server volumes, making it easier for you to coordinate large-scale server migrations
AWS Server Migration Service
Helps customers that need to run operations in austere, non-data center environments, and in locations where there’s a lack of consistent network connectivity. It also offers a number of physical devices and capacity points, most with built-in computing capabilities
AWS Snow Family
Types of AWS SNOW Family
AWS Snowcone, AWS Snowball, and AWS Snowmobile
Smallest member of the AWS Snow Family of edge computing edge storage, and data transfer devices, weighing in at 4.5 pounds (2.1 kg) with 8 terabytes of usable storage.
AWS Snowcone
USE CASE: run edge computing workloads, or to collect, process, and transfer data to AWS. Snowcone is designed for data migration needs up to 8 terabytes per device and from space-constrained environments where AWS Snowball devices will not fit
Edge computing, data migration, and edge storage device. Provide 52 vCPUs, block and object storage, and an optional GPU for use cases like advanced machine learning and full-motion video analysis in disconnected environments.
AWS Snowball
Snowball Edge Storage Optimized devices provide both block storage and Amazon S3-compatible object storage, and 40 vCPUs.
Exabyte-scale data transfer service used to move extremely large amounts of data to AWS. You can transfer up to 100 PB, a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck
AWS Snowmobile
Data transfer service that makes it easy for you to automate moving data between on-premises storage and Amazon S3 or Amazon Elastic File System (Amazon EFS). It automatically handles many of the tasks related to data transfers that can slow down migrations or burden your IT operations, including running your own instances, handling encryption, managing scripts, network optimization, and data integrity validation.
AWS DataSync
USE CASE: You can use DataSync to transfer data at speeds up to 10 times faster than open-source tools. enables one-time data migrations, recurring data processing workflows, and automated replication for data protection and recovery.
Provides fully managed support for file transfers directly into and out of Amazon S3 or Amazon EFS.
AWS Transfer Family
USE CASE: Seamlessly migrate your file transfer workflows to AWS by integrating with existing authentication systems, and providing DNS routing with Amazon Route 53 so nothing changes for your customers and partners, or their applications.
Fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.
Amazon API Gateway
USE CASE: handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management,
authorization and access control, monitoring, and API version management
Fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment
Amazon CloudFront
Highly available and scalable cloud Domain Name System (DNS) web service.
Amazon Route 53
USE CASE: reliable and cost-effective way to route end users to Internet applications by translating human-readable names, such as www.example.com, into the numeric IP addresses, such as 192.0.2.1, that computers use to connect to each other. Amazon Route 53 is fully compliant with IPv6 as well.
Let’s you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.
Amazon VPC
Makes it easy to monitor and control microservices running on AWS and tandardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high-availability for your applications
AWS App Mesh
USE CASE: removes the need to update application code to change how monitoring data is collected or traffic is routed between microservices.
Cloud resource discovery service, you can define custom names for your application resources, and it maintains the updated location of these dynamically changing resources.
AWS Cloud Map
USE CASE: allows you to register any application resources such as databases, queues, microservices, and other cloud resources with custom names.
Establish a dedicated network connection from your premises to AWS.
AWS Direct Connect
Networking service that improves the availability and performance of the applications that you offer to your global users.
AWS Global Accelerator
Simplifies the security of data shared with cloud-based applications by eliminating the exposure of data to the public Internet.
AWS PrivateLink
Connect their Amazon Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway
AWS Transit Gateway
USE CASE: You only have to create and manage a single connection from the central gateway into each Amazon VPC, on-premises data center, or remote office across your network. Transit Gateway acts as a hub that controls how traffic is routed among all the connected networks which act like spokes.
Establish secure connections between your on-premises networks, remote offices, client devices, and the AWS global network
AWS VPN
Kinds of AWS VPN. Differentiate them.
AWS Site-to-Site VPN: creates encrypted tunnels between your network and your Amazon Virtual Private Clouds or AWS Transit Gateways.
AWS Client VPN: for managing remote access, connects your users to
AWS or on-premises resources using a VPN software client
Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses
Elastic Load Balancing
Types of Elastic Load Balancing. Differentiate them
Application Load Balancer: best suited for load balancing of HTTP and HTTPS traffic. Operating at the individual request level (Layer 7)
Network Load Balancer: best suited for load balancing of TCP traffic where extreme performance is required. Operating at the connection level (Layer 4). Optimized to handle sudden and volatile traffic pattern
Gateway Load Balancer: makes it easy to deploy, scale, and run third-party virtual networking appliances
Classic Load Balancer: provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level. Classic Load Balancer is intended for
applications that were built within the EC2-Classic network
Fully managed quantum computing service that helps researchers and developers get started with the technology to accelerate research and discovery.
Amazon Braket
USE CASE: provides a development environment for you to explore and build quantum algorithms, design and build your own quantum algorithms from scratch or choose from a set of prebuilt algorithms.
Service that makes it easy to develop, test, and deploy intelligent robotics applications at scale.
AWS RoboMaker
Fully managed service that lets you control satellite communications, downlink and process satellite data, and scale your satellite operations quickly, easily and cost-effectively without having to worry about building or managing your own ground station infrastructure.
AWS Ground Station
Global Ground Station as a Service.
Lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Authenticate users through social identity providers such as Facebook, Twitter, or Amazon and save data locally on users’ devices, allowing your applications to work even when the devices are offline
Amazon Cognito
Enables you to build flexible, cloud-native directories for organizing hierarchies of data along multiple dimensions
Amazon Cloud Directory
Makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables you to easily conduct faster and more efficient security investigation
Amazon Detective
USE CASE: Can analyze trillions of events from multiple data sources such as Virtual Private Cloud (VPC) Flow Logs, AWS CloudTrail, and Amazon GuardDuty, and automatically creates a unified, interactive view of your resources, users, and the interactions between them over time
Threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads
Amazon GuardDuty
USE CASE: It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers. It identifies suspected attackers through integrated threat intelligence feeds and uses machine learning to detect anomalies in account and workload activity.
An automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Automatically assesses applications for exposure, vulnerabilities, and deviations from best practices
Amazon Inspector
Security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS.
Amazon Macie
USE CASE: Recognizes sensitive data such as personally identifiable information (PII) or intellectual property, and provides you with dashboards and alerts that give visibility into how this data is being accessed or moved.
Central resource for compliance-related information that matters to you. It provides on-demand access to AWS’ security and compliance reports and select online agreements.
AWS Artifact
Helps you continuously audit your AWS usage to simplify how you assess risk and compliance with regulations and industry standards
AWS Audit Manager
USE CASE: automates evidence collection to reduce the “all hands on deck” manual effort that often happens for audits and enable you to scale your audit capability in the cloud as your business grows. With Audit Manager, it is easy to assess if your policies, procedures, and activities – also known as controls – are operating effectively.
Service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources.
AWS Certificate Manager
Cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud
AWS CloudHSM
Microsoft Active Directory, enables your directory-aware workloads and AWS resources to use managed Active Directory in the AWS Cloud
AWS Directory Service
A security management service that makes it easier to centrally configure and manage AWS WAF rules across your accounts and applications.
AWS Firewall Manager
USE CASE: you can easily roll out AWS WAF rules for your Application Load Balancers and Amazon CloudFront
IAM allows you to do the following:
- Manage IAM users and their access
- Manage IAM roles and their permissions
- Manage federated users and their permissions
Makes it easy for you to create and manage keys and control the use of encryption across a wide range of AWS services and in your applications.
AWS Key Management Service
Managed service that makes it easy to deploy essential network protections for all of your Amazon Virtual Private Clouds (VPCs)
AWS Network Firewall
USE CASE: lets you define firewall rules that give you fine-grained control over network traffic, such as blocking outbound Server Message Block
(SMB) requests to prevent the spread of malicious activity. You can also import rules
Helps you securely share your resources across AWS accounts, within your organization or organizational units (OUs) in AWS Organizations, and with IAM roles and IAM users for supported resource types.
AWS Resource Access Manager
Helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle
AWS Secrets Manager
Gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts.
AWS Security Hub
USE CASE: single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions
SSO service that makes it easy to centrally manage SSO access to multiple AWS accounts and business applications
AWS Single Sign-On
- you can easily manage SSO access and user permissions to all of your accounts in AWS Organizations centrally.
Web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources
AWS WAF
USE CASE: gives you control over which traffic to allow or block, includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules
Provides persistent block storage volumes for use with Amazon EC2 instances in the AWS Cloud.
Amazon Elastic Block Store
Provides a simple, scalable, elastic file system for Linux-based workloads for use with AWS Cloud services and on-premises resources
Amazon Elastic File System
Fully managed file system that is optimized for compute-intensive workloads, such as high performance computing, machine learning, and media data processing workflows
Amazon FSx for Lustre
USE CASE: launch and run a Lustre file system
Provides a fully managed native Microsoft Windows file system so you can easily move your Windows-based applications that require file storage to AWS.
Amazon FSx for Windows File Server
USE CASE: you can launch highly durable and available Windows file systems that can be accessed from up to thousands of compute instances using the industry-standard SMB protocol
An object storage service that offers industry-leading scalability, data availability, security, and performance.
Amazon Simple Storage Service
Designed for 99.999999999% (11 9’s) of durability
Secure, durable, and extremely low-cost storage service for data archiving and long-term backup. Option for access to archives is from a few minutes to several hours
Amazon S3 Glacier
Secure, durable, and extremely low-cost storage service for data archiving and long-term backup. Access to archives but ranging from 12 to 48 hours
S3 Glacier Deep Archive
Enables you to centralize and automate data protection across AWS services. Offers a cost-effective, fully managed, policy-based service that further simplifies data protection at scale
AWS Backup
USE CASE: centrally deploy data protection policies to configure, manage, and govern your backup activity across your organization’s
AWS accounts and resources,
Hybrid storage service that enables your on-premises applications to seamlessly use AWS cloud storage. You can use the service for backup and archiving, disaster recovery, cloud data processing, storage tiering, and migration.
AWS Storage Gateway
