Glossary Flashcards

1
Q

EC2

A

elastic cloud compute

virtual computer, secure, resizable compute capacity in the cloud

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

ECS

A

elastic container service - highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Fargate

A

serverless container service - provision and manage servers
only supports container images hosted on ECS or docker hub
task storage is ephemeral

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

AMI

A

Amazon machine image - create new EC2 with root volume

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

S3

A

simple storage service - flat files, static websites, multi AZ, scalability, durability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

EBS

A

elastic block storage - hard drive in the cloud, designed for use with EC2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

EFS

A

elastic file system linux based

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

NFS

A

network file system - database backup for EFS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

RDS

A

relational database service - managed service, set up operate and scale a relational database in the cloud
provides metrics in real time for the operating system (OS) that your DB instance runs on

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Aurora

A

MySQL and PostreSQL database, 5x faster, for infrequent intermittent unpredictable workloads

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

DynamoDB

A

non relational database service for any scale
NoSQL key-value database, single-digit millisecond
streams function

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Redshift

A

datawarehouse

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Elasticache

A

edge location frequent caching
redis
memcached

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Redis

A

fast, opensource, in-memory data store and cache

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Memcache

A

widely adopted memory object caching system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Neptune

A

graph database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

EMR

A

big data, hadoop

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Athena

A

analyse S3 using SQL, serverless

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

DocumentDB

A

mongoDB compatible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

DMS

A

database migration service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Kendra

A

highly accurate and easy to use enterprise search service, powered by machine learning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Kinesis

A

streaming data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Lambda

A

event driven run code without servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Codebuild

A

fully managed continuous integration service compiles code, runs tests and produces software packages

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Codedeploy

A

fully managed deployment, on prem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Codepipeline

A

fully managed end-to-end

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Codecommit

A

source control service that hosts secure Git-based repositories

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Codestar

A

unified UI, enabling you to easily manage your software development activities in one place

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Xray

A

distributed tracing system, debug, useful for lambdas

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Opsworks

A

chef and puppet platform to automate server processes on prem

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Cloudwatch

A

monitors applications, logs and metrics

multi-platform CloudWatch agent which can be installed on both Linux and Windows-based instances

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Cloudtrail

A

API calls monitory, auditable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Config

A

AWS resource inventory, config history

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Shield

A

DDoS, standard or advance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Trusted Advisor

A

infrastructure, security, performance, costs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Inspector

A

assesses security of AWS resources, automated security and compliance source control service that hosts secure Git-based repositories

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

GuardDuty

A

threat detection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Macie

A

AI security to identify PII personally identifiable information
S3, cloudtrail logs, dashboards, reports alerting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Rekognition

A

video image analysis security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

IAM

A

identity and access management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Identities

A

IAM resource objects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Resources

A

identity provider objects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Entities

A

IAM users, federated users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Principals

A

root account

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Cognito

A

simple and secure user sign up and in for 3rd party
sign-up, sign-in, and access control to your web and mobile apps
quickly and easily. With Amazon Cognito, you also have the option to authenticate users through social
identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your
own identity system. In addition, Amazon Cognito enables you to save data locally on users’ devices,
allowing your applications to work even when the devices are offline. You can then synchronize data
across users’ devices so that their app experience remains consistent regardless of the device they use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

AWS organisations

A

consolidated billing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Objects ACLs

A

access to individual objects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Bucket ACLs

A

write permissions ot bucket

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Bucket policies

A

cross-account bucket ACLs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

IAM policies

A

create users and groups attach policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

KMS

A

key management service, server side encryption

52
Q

MQ

A

different software systems communication in different languages

53
Q

SQS

A

simple queue service, integrated and decouple software systems and components

54
Q

SNS

A

simple notification service, decouple microservices
highly available, durable, secure, fully managed
pub/sub messaging service that enables you to decouple microservices, distributed systems, and
serverless applications

55
Q

SES

A

simple email service, send mail from applications, marketers

56
Q

NACL

A

network access control list, stateless, subnet level

57
Q

Security group

A

stateful instance level, allow rules only

58
Q

AWS artifact

A

central compliance reports

59
Q

SOC

A

service organisation control

60
Q

PCI

A

payment card industry

61
Q

ISO

A

international organisation for standardisation

62
Q

CSA

A

cloud security alliance

63
Q

HIPAA

A

medication record storage US

64
Q

CloudFront

A

content delivery network using edge locations, distribute your users (including illegitimate requests) across multiple regions
CDN - system of distributed servers that delivers webpages and other web content
improves latency

65
Q

Global accelerator

A

improves global availability, two global static customer facing IPs

66
Q

ELB

A

elastic load balancer

67
Q

NLB

A

network load balancer - static IP, TCP layer 4, route requests to one or more targets using the TCP protocol and specified port numbetr

68
Q

ALB

A

application load balancer - http/https layer 7

69
Q

Route tables

A

subnet private/public

70
Q

WAF

A

web application firewall

71
Q

Route53

A

DNS, route internet traffic to the resources fro your domain, check health of resources
TTL - length DNS is cached

72
Q

Internet gateway

A

VPC to the internet

73
Q

Virtual private gateway

A

VPC to on prem

74
Q

Direct connect

A

on prem to AWS, physical line

75
Q

NAT gateway

A

network address translation gateway, public IP instance to internet or AWS service

76
Q

Peering

A

VPC to VPC

77
Q

transit gateway

A

VPC and on prem to gateway

78
Q

Elastic beanstalk

A

no servers, code to web servers

79
Q

Cloud9

A

integrated development environment, code editor

80
Q

Durability

A

region replication

81
Q

Amazon Appstream

A

an agreement between major Linux vendors to create an infrastructure for application installers on Linux and sharing of metadata

82
Q

Kinesis Data Firehouse

A

fully managed service that automatically provisions, manages and scales compute, memory, and network resources required to process and load your streaming data

83
Q

Kinesis Data analytics

A

analyse streaming data

84
Q

Kinesis Data stream

A

massively scalable and durable real-time data streaming service, records in real time

85
Q

AWS Glue

A

a serverless ETL service that crawls your data, builds a data catalog, performs data preparation, data transformation, and data ingestion

86
Q

Amazon FSx for lustre

A

delivers the performance to satisfy a wide variety of high-performance workloads
works natively with S3 making it easy to access data to run processing workloads

87
Q

ECR

A

managed docker container registry, highly available

88
Q

VPC

A

virtual private cloud - logically isolated from other virtual networks in the cloud

89
Q

Datasync

A

move large amounts of data to AWS
agent is deployed as an agent on a server
automatically encrypts data and accelerates transfer over the WAN
copy data and metadata to AWS
NFS and SMB compatible systems

90
Q

Storage gateway

A

connects on prem software appliance with cloud based storage
can download as VMware
file (flat files), tape (magnetic drive) or volume (stored or cached)
supports the Amazon S3 Standard, Amazon S3 Standard-Infrequent Access, Amazon S3 One Zone-Infrequent Access and Amazon Glacier storage classes. When you create or update a file share, you have the option to select a storage class for your objects. You can either choose the Amazon S3 Standard or any of the infrequent access storage classes such as S3 Standard IA or S3 One Zone IA. Objects stored in any of these storage classes can be transitioned to Amazon Glacier using a Lifecycle Policy.

91
Q

ENI

A

elastic network interface - virtual network card

92
Q

EN

A

enhanced networking - uses single root I/O virtualisation (SR-IOV) to provide high-performance networking capabilities on supported instance types

93
Q

EFA

A

elastic fabric adapter - a network device that you can attach to your EC2 instance to accelerate HPC and machine learning applications
provides lower and more consistent latency and higher throughput than TCP transport traditionally

94
Q

DAX

A

dynamodb accelerator - fully managed, highly availabile, in-memory cache
10x performance improvement

95
Q

ARN

A

amazon reference number

96
Q

Transfer accelerator

A

speed up content transfers to and from Amazon S3 by as much as 50-500% for long-distance transfer of larger objects

97
Q

Amazon DynamoDB Stream

A

ordered flow of information about changes to items in DynamoDB

98
Q

AWS secrets manager

A

easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle

99
Q

systems manager parameter store

A

keep the database credentials and then encrypt them using AWS KMS

100
Q

CORS

A

cross origin resource sharing - a way for client web applications that are loaded in one domain to interact with resources in a different domain. With CORS support, you can build rich client-side web applications with Amazon S3 and selectively allow cross-origin access to your Amazon S3 resources.

101
Q

CRR

A

cross region replication - bucket-level configuration that enables automatic, asynchronous copying of objects across buckets in different AWS Regions.

102
Q

IAM DB authentication

A

MySQL and PostgreSQL
authentication token is a unique string of characters that Amazon RDS generates on request. Authentication tokens are generated using AWS Signature Version 4. Each token has a lifetime of 15 minutes. You don’t need to store user credentials in the database, because authentication is managed externally using IAM. You can also still use standard database authentication

103
Q

throttling limits

A

API Gateway provides throttling at multiple levels including global and by service call. Throttling limits can be set for standard rates and bursts. For example, API owners can set a rate limit of 1,000 requests per second for a specific method in their REST APIs, and also configure Amazon API Gateway to handle a burst of 2,000 requests per second for a few seconds. Amazon API Gateway tracks the number of requests per second. Any request over the limit will receive a 429 HTTP response. The client SDKs generated by Amazon API Gateway retry calls automatically when met with this response.
backend help

104
Q

RAM

A

resource access manager - enables you to easily and securely share AWS resources with any AWS account or within your AWS Organization. You can share AWS Transit Gateways, Subnets, AWS License Manager configurations, and Amazon Route 53 Resolver rules resources with RAM
RAM eliminates the need to create duplicate resources in multiple accounts, reducing the operational overhead of managing those resources in every single account you own

105
Q

Control tower

A

easiest way to set up and govern a new, secure, multi-account AWS environment.

106
Q

parallel cluster

A

AWS-supported open-source cluster management tool that makes it easy for you to deploy and manage HPC clusters on AWS

107
Q

VPN

A

virtual private network - customer gateway, internet gateway

108
Q

API gateway

A

application programming interface

109
Q

Hypervisor

A

computer software, firmware, or hardware that creates and runs virtual machines
EC2

110
Q

bastion

A

host computer or a “jump server” used to allow SSH access to your EC2 instances from an outside network

111
Q

signed cookies/signed urls

A

: they allow you to control who can access your content

112
Q

Matched viewer

A

an Origin Protocol Policy which configures CloudFront to communicate with your origin using HTTP or HTTPS, depending on the protocol of the viewer request. CloudFront caches the object only once even if viewers make requests using both HTTP and HTTPS protocols

113
Q

OAI

A

origin access identity
When you create or update a distribution in CloudFront set up OAI and automatically update the bucket policy to give the origin access identity permission to access your bucket. Alternatively, you can choose to manually change the bucket policy or change ACLs, which control permissions on individual objects in your bucket.

114
Q

SNI

A

server name indication
custom SSL relies on the SNI extension of the Transport Layer Security protocol, which allows multiple domains to serve SSL traffic over the same IP address by including the hostname which the viewers are trying to connect to
not supported by classic load balancers

115
Q

Perfect Forward Secrecy

A

provides additional safeguards against the eavesdropping of encrypted data, through the use of a unique random session key. This prevents the decoding of captured data, even if the secret long-term key is compromised
cloudfront and ELB

116
Q

OLTP

A

online transactional processing
EC2 with ELB and autoscaling
RDS also suitable

117
Q

Quicksight

A

cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization

118
Q

step function

A

design and run workflows that stitch together

services such as AWS Lambda and Amazon ECS into feature-rich applications

119
Q

MQ

A

managed message broker - apache activeMQ

120
Q

Budgets

A

alert when your costs and usage exceed expectations

121
Q

lightsail

A

easiest way to launch and manage a virtual private server with AWS. Lightsail plans include everything you need to jumpstart your project – a virtual machine, SSDbased
storage, data transfer, DNS management, and a static IP address – for a low, predictable price

122
Q

Sagemaker

A

machine learning
fully-managed platform that enables developers and data scientists to quickly and easily
build, train, and deploy machine learning models at any scale. SageMaker removes all the barriers that
typically slow down developers who want to use machine learning

123
Q

transfer for SFTP

A

fully managed service that enables the transfer of files directly into and out
of Amazon S3 using the Secure File Transfer Protocol (SFTP)—also known as Secure Shell (SSH) File
Transfer Protocol

124
Q

amplify

A

create, configure, and implement scalable mobile applications powered by AWS. Amplify seamlessly provisions and manages your mobile backend and provides a simple framework
to easily integrate your backend with your iOS, Android, Web, and React Native frontends. Amplify also
automates the application release process of both your frontend and backend allowing you to deliver
features faster.

125
Q

app mesh

A

monitor and control microservices running on AWS. App Mesh standardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high-availability for your applications

126
Q

CloudHSM

A

cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud

127
Q

LDAP

A

light weight directory access protocol