Definitions Flashcards
The data center of your AWS resources
AZ (Availability Zone)
a logically isolated section of the AWS cloud where you can launch AWS resources
VPC (Virtual Private Cloud)
Enable access to the internet
Internet Gateway
Determine where network traffic from your subnets are directed
Route Tables
Acts as a firewall at the subnet level
NACLs
Act as firewalls at the instance level
Security Groups
A logical partition of an IP network into multiple, smaller network segments
Subnet
NoSQL key/value database
DynamoDB
NoSQL Document database
Document DB
database service that supports multiple engines
RDS Relational Database Service
a fully managed database
Aurora
database that only runs when you need it
Aurora serverless
Managed graph database
Neptune
columnar database, petabyte warehouse
Redshift
Redis or Memcached database
Elasticache
service for deploying and scaling web apps and services
Elastic Beanstalk
configuration management service that provides managed instances of Chef and Puppet
OpsWorks
infrastructure as code, JSON or YAML
Cloud Formation
pre-made packages that can launch and configure your AWS compute, network, storage, and other services required to deploy a workload on AWS
AWS Quickstart
a digital catalogue of thousands of software listings
AWS Marketplace
highly configurable server, CPU, Memory, Network, or OS
EC2 Elastic Cloud Compute
Docker as a service, highly scalable high-performance container orchestration service
ECS Elastic Container Services
Microservices where you don’t think about the infrastructure, pay per task
Fargate
easy to deploy, manage and scale containerized applications using Kubernetes
EKS
serverless functions run code without provisioning or managing servers
Lambda
orchestrates various AWS services, including EC2, S3, SNS, CloudWatch, autoscaling, and elastic load balancers
Elastic Beanstalk
plans, schedules, and executes your batch computing workloads across the full range of AWS compute services and features
AWS Batch
object storage
S3 Simple Storage Service
low cost storage for archiving and long-term backup
S3 Glacier
hybrid cloud storage with local caching
Storage Gateway
hard drive in the cloud you attach to EC2 instances
EBS Elastic Block Storage
file storage mountable to multiple EC2 instances at the same time
EFS Elastic File Storage
Physically migrate lots of data via a computer suitcase 50-80 TB
Snowball
100 TB of suitcase storage
Snowball Edge
Shipping container, pulled by a semi trailer truck 100PB
Snowmobile
cloud-based call center service
Amazon Connect
Secure managed service for provisioning either Windows or Linux desktops as Virtual remote desktops
WorkSpaces
A content creation and collaboration service
WorkDocs
online meetings, video conferencing and business calling
Chime
managed business email, contacts, and calendar service
Workmail
Marketing campaign management system for sending target email, SMS, push notifications and voice messages
Pinpoint
Cloud-based email sending service for marketers and app developers
SES Simple Email Service
A BI service to connect multiple datasources and quickly visualize data in the form of graphs
QuickSight
Dedicated gigabit network connection from your premises to AWS imagine
Direct Connect
a secure connection to your AWS network
VPN
A hybrid storage service to enable your on-prem appplications to use cloud storage (archiving, backup, etc.)
Storage Gateway
The AWS Directory service for Microsoft Active Directory
Active Directory
A management service that makes it easy to create and control encryption keys
Key Management Service (KMS)
A fully managed service that monitors S3 data access activity for anomalies and generates detailed alerts when it detects risk
Macie
Acts as a firewall at the instance level, implicitly denies all traffic
Security Groups
Acts as a firewall at the subnet level, you create allow and deny rules
NACLs (Network Access Control Lists)
Logs all api calls between AWS services (who)
Cloud Trail
logs performance data
CloudWatch
runs a network and/or host assessment on security benchmark against specific EC2 instances to detect security risks
Amazon Inspector
protects web applications from common web exploits, you set rules to allow or deny traffic, attached to cloudfront or application load balancer
AWS WAF (web application firewall)
a managed DDoS protection service that safeguards applications running on AWS, automatically runs on all Route53 or CloudFront routes
AWS Shield
Additional protection against larger and more sophisticated attacks, greater visibility into attacks
Shield Advanced
Threat detection service that continuously monitors for malicious activity using machine learning
Amazon Guard Duty