Glossary Flashcards

1
Q

EC2

A

elastic cloud compute

virtual computer, secure, resizable compute capacity in the cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

ECS

A

elastic container service - highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Fargate

A

serverless container service - provision and manage servers
only supports container images hosted on ECS or docker hub
task storage is ephemeral

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

AMI

A

Amazon machine image - create new EC2 with root volume

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

S3

A

simple storage service - flat files, static websites, multi AZ, scalability, durability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

EBS

A

elastic block storage - hard drive in the cloud, designed for use with EC2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

EFS

A

elastic file system linux based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

NFS

A

network file system - database backup for EFS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

RDS

A

relational database service - managed service, set up operate and scale a relational database in the cloud
provides metrics in real time for the operating system (OS) that your DB instance runs on

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Aurora

A

MySQL and PostreSQL database, 5x faster, for infrequent intermittent unpredictable workloads

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

DynamoDB

A

non relational database service for any scale
NoSQL key-value database, single-digit millisecond
streams function

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Redshift

A

datawarehouse

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Elasticache

A

edge location frequent caching
redis
memcached

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Redis

A

fast, opensource, in-memory data store and cache

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Memcache

A

widely adopted memory object caching system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Neptune

A

graph database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

EMR

A

big data, hadoop

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Athena

A

analyse S3 using SQL, serverless

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

DocumentDB

A

mongoDB compatible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

DMS

A

database migration service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Kendra

A

highly accurate and easy to use enterprise search service, powered by machine learning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Kinesis

A

streaming data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Lambda

A

event driven run code without servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Codebuild

A

fully managed continuous integration service compiles code, runs tests and produces software packages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Codedeploy
fully managed deployment, on prem
26
Codepipeline
fully managed end-to-end
27
Codecommit
source control service that hosts secure Git-based repositories
28
Codestar
unified UI, enabling you to easily manage your software development activities in one place
29
Xray
distributed tracing system, debug, useful for lambdas
30
Opsworks
chef and puppet platform to automate server processes on prem
31
Cloudwatch
monitors applications, logs and metrics | multi-platform CloudWatch agent which can be installed on both Linux and Windows-based instances
32
Cloudtrail
API calls monitory, auditable
33
Config
AWS resource inventory, config history
34
Shield
DDoS, standard or advance
35
Trusted Advisor
infrastructure, security, performance, costs
36
Inspector
assesses security of AWS resources, automated security and compliance source control service that hosts secure Git-based repositories
37
GuardDuty
threat detection
38
Macie
AI security to identify PII personally identifiable information S3, cloudtrail logs, dashboards, reports alerting
39
Rekognition
video image analysis security
40
IAM
identity and access management
41
Identities
IAM resource objects
42
Resources
identity provider objects
43
Entities
IAM users, federated users
44
Principals
root account
45
Cognito
simple and secure user sign up and in for 3rd party sign-up, sign-in, and access control to your web and mobile apps quickly and easily. With Amazon Cognito, you also have the option to authenticate users through social identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your own identity system. In addition, Amazon Cognito enables you to save data locally on users’ devices, allowing your applications to work even when the devices are offline. You can then synchronize data across users’ devices so that their app experience remains consistent regardless of the device they use.
46
AWS organisations
consolidated billing
47
Objects ACLs
access to individual objects
48
Bucket ACLs
write permissions ot bucket
49
Bucket policies
cross-account bucket ACLs
50
IAM policies
create users and groups attach policies
51
KMS
key management service, server side encryption
52
MQ
different software systems communication in different languages
53
SQS
simple queue service, integrated and decouple software systems and components
54
SNS
simple notification service, decouple microservices highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications
55
SES
simple email service, send mail from applications, marketers
56
NACL
network access control list, stateless, subnet level
57
Security group
stateful instance level, allow rules only
58
AWS artifact
central compliance reports
59
SOC
service organisation control
60
PCI
payment card industry
61
ISO
international organisation for standardisation
62
CSA
cloud security alliance
63
HIPAA
medication record storage US
64
CloudFront
content delivery network using edge locations, distribute your users (including illegitimate requests) across multiple regions CDN - system of distributed servers that delivers webpages and other web content improves latency
65
Global accelerator
improves global availability, two global static customer facing IPs
66
ELB
elastic load balancer
67
NLB
network load balancer - static IP, TCP layer 4, route requests to one or more targets using the TCP protocol and specified port numbetr
68
ALB
application load balancer - http/https layer 7
69
Route tables
subnet private/public
70
WAF
web application firewall
71
Route53
DNS, route internet traffic to the resources fro your domain, check health of resources TTL - length DNS is cached
72
Internet gateway
VPC to the internet
73
Virtual private gateway
VPC to on prem
74
Direct connect
on prem to AWS, physical line
75
NAT gateway
network address translation gateway, public IP instance to internet or AWS service
76
Peering
VPC to VPC
77
transit gateway
VPC and on prem to gateway
78
Elastic beanstalk
no servers, code to web servers
79
Cloud9
integrated development environment, code editor
80
Durability
region replication
81
Amazon Appstream
an agreement between major Linux vendors to create an infrastructure for application installers on Linux and sharing of metadata
82
Kinesis Data Firehouse
fully managed service that automatically provisions, manages and scales compute, memory, and network resources required to process and load your streaming data
83
Kinesis Data analytics
analyse streaming data
84
Kinesis Data stream
massively scalable and durable real-time data streaming service, records in real time
85
AWS Glue
a serverless ETL service that crawls your data, builds a data catalog, performs data preparation, data transformation, and data ingestion
86
Amazon FSx for lustre
delivers the performance to satisfy a wide variety of high-performance workloads works natively with S3 making it easy to access data to run processing workloads
87
ECR
managed docker container registry, highly available
88
VPC
virtual private cloud - logically isolated from other virtual networks in the cloud
89
Datasync
move large amounts of data to AWS agent is deployed as an agent on a server automatically encrypts data and accelerates transfer over the WAN copy data and metadata to AWS NFS and SMB compatible systems
90
Storage gateway
connects on prem software appliance with cloud based storage can download as VMware file (flat files), tape (magnetic drive) or volume (stored or cached) supports the Amazon S3 Standard, Amazon S3 Standard-Infrequent Access, Amazon S3 One Zone-Infrequent Access and Amazon Glacier storage classes. When you create or update a file share, you have the option to select a storage class for your objects. You can either choose the Amazon S3 Standard or any of the infrequent access storage classes such as S3 Standard IA or S3 One Zone IA. Objects stored in any of these storage classes can be transitioned to Amazon Glacier using a Lifecycle Policy.
91
ENI
elastic network interface - virtual network card
92
EN
enhanced networking - uses single root I/O virtualisation (SR-IOV) to provide high-performance networking capabilities on supported instance types
93
EFA
elastic fabric adapter - a network device that you can attach to your EC2 instance to accelerate HPC and machine learning applications provides lower and more consistent latency and higher throughput than TCP transport traditionally
94
DAX
dynamodb accelerator - fully managed, highly availabile, in-memory cache 10x performance improvement
95
ARN
amazon reference number
96
Transfer accelerator
speed up content transfers to and from Amazon S3 by as much as 50-500% for long-distance transfer of larger objects
97
Amazon DynamoDB Stream
ordered flow of information about changes to items in DynamoDB
98
AWS secrets manager
easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle
99
systems manager parameter store
keep the database credentials and then encrypt them using AWS KMS
100
CORS
cross origin resource sharing - a way for client web applications that are loaded in one domain to interact with resources in a different domain. With CORS support, you can build rich client-side web applications with Amazon S3 and selectively allow cross-origin access to your Amazon S3 resources.
101
CRR
cross region replication - bucket-level configuration that enables automatic, asynchronous copying of objects across buckets in different AWS Regions.
102
IAM DB authentication
MySQL and PostgreSQL authentication token is a unique string of characters that Amazon RDS generates on request. Authentication tokens are generated using AWS Signature Version 4. Each token has a lifetime of 15 minutes. You don’t need to store user credentials in the database, because authentication is managed externally using IAM. You can also still use standard database authentication
103
throttling limits
API Gateway provides throttling at multiple levels including global and by service call. Throttling limits can be set for standard rates and bursts. For example, API owners can set a rate limit of 1,000 requests per second for a specific method in their REST APIs, and also configure Amazon API Gateway to handle a burst of 2,000 requests per second for a few seconds. Amazon API Gateway tracks the number of requests per second. Any request over the limit will receive a 429 HTTP response. The client SDKs generated by Amazon API Gateway retry calls automatically when met with this response. backend help
104
RAM
resource access manager - enables you to easily and securely share AWS resources with any AWS account or within your AWS Organization. You can share AWS Transit Gateways, Subnets, AWS License Manager configurations, and Amazon Route 53 Resolver rules resources with RAM RAM eliminates the need to create duplicate resources in multiple accounts, reducing the operational overhead of managing those resources in every single account you own
105
Control tower
easiest way to set up and govern a new, secure, multi-account AWS environment.
106
parallel cluster
AWS-supported open-source cluster management tool that makes it easy for you to deploy and manage HPC clusters on AWS
107
VPN
virtual private network - customer gateway, internet gateway
108
API gateway
application programming interface
109
Hypervisor
computer software, firmware, or hardware that creates and runs virtual machines EC2
110
bastion
host computer or a “jump server” used to allow SSH access to your EC2 instances from an outside network
111
signed cookies/signed urls
: they allow you to control who can access your content
112
Matched viewer
an Origin Protocol Policy which configures CloudFront to communicate with your origin using HTTP or HTTPS, depending on the protocol of the viewer request. CloudFront caches the object only once even if viewers make requests using both HTTP and HTTPS protocols
113
OAI
origin access identity When you create or update a distribution in CloudFront set up OAI and automatically update the bucket policy to give the origin access identity permission to access your bucket. Alternatively, you can choose to manually change the bucket policy or change ACLs, which control permissions on individual objects in your bucket.
114
SNI
server name indication custom SSL relies on the SNI extension of the Transport Layer Security protocol, which allows multiple domains to serve SSL traffic over the same IP address by including the hostname which the viewers are trying to connect to not supported by classic load balancers
115
Perfect Forward Secrecy
provides additional safeguards against the eavesdropping of encrypted data, through the use of a unique random session key. This prevents the decoding of captured data, even if the secret long-term key is compromised cloudfront and ELB
116
OLTP
online transactional processing EC2 with ELB and autoscaling RDS also suitable
117
Quicksight
cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization
118
step function
design and run workflows that stitch together | services such as AWS Lambda and Amazon ECS into feature-rich applications
119
MQ
managed message broker - apache activeMQ
120
Budgets
alert when your costs and usage exceed expectations
121
lightsail
easiest way to launch and manage a virtual private server with AWS. Lightsail plans include everything you need to jumpstart your project – a virtual machine, SSDbased storage, data transfer, DNS management, and a static IP address – for a low, predictable price
122
Sagemaker
machine learning fully-managed platform that enables developers and data scientists to quickly and easily build, train, and deploy machine learning models at any scale. SageMaker removes all the barriers that typically slow down developers who want to use machine learning
123
transfer for SFTP
fully managed service that enables the transfer of files directly into and out of Amazon S3 using the Secure File Transfer Protocol (SFTP)—also known as Secure Shell (SSH) File Transfer Protocol
124
amplify
create, configure, and implement scalable mobile applications powered by AWS. Amplify seamlessly provisions and manages your mobile backend and provides a simple framework to easily integrate your backend with your iOS, Android, Web, and React Native frontends. Amplify also automates the application release process of both your frontend and backend allowing you to deliver features faster.
125
app mesh
monitor and control microservices running on AWS. App Mesh standardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high-availability for your applications
126
CloudHSM
cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud
127
LDAP
light weight directory access protocol