Overview Flashcards
VPN (virtual private network)
Extends on-premises networks to the cloud and securely accesses them from anywhere
Global Accelerator
Improve global application availability and performance using the AWS global network
Direct Connect
links on-premises network to AWS network
API Gateway
regional service for serverless applications
CloudFront
origin data is cached at edge locations for faster user access
FSx
“launch and run file systems (works well with Windows)
*Lustre and Windows”
WorkSpace
Desktop-as-a-Service (DaaS)
WorkDocs
cloud file sharing system in AWS
EFS
“elastic file system
NFS file system for multi EC2
*trouble with windows”
SDK (software development kit)
“Code and API for AWS integration in other languages
"Range" header for concurrent GET”
ASG (auto scaling groups)
“manages a collection of EC2 instances
*target(metric)-simple(alarm)-step(betterSimple)”
ECS (Elastic Container Service)
“Manages containers
*IAM to each container instance”
VPC (virtual private cloud)
private cloud network in AWS
S3 OAI (origin access identity)
option to restrict bucket access to origin not bucket url
VPC peering
component to connect VPCs cross account and regional
DynamoDB
NoSQL DB
VPC endpoint
component to keep VPC AWS-AWS routes within the VPC
*VPC instance and VPC Gateway
RDS Read Replica
Cached replica of DB at edge location; can be promoted to standalone
Organizations
“central governance and management of many accounts
*remove all members->delete old org->invite old master to be new member”
Organization share resources
option to share resources with other accounts in org
DMS (data migration service)
Schema conversion tool to S3 then upload to correlated service
DataSync
from on-premises to AWS service
IAM (identity and access management)
“define access to services and resources
*users-roles-groups”
CodeBuild
CI integration service
CodeDeploy
CD integration service
CloudFormation
“Infrastructure as Code
*archive and automation”
Beanstalk
Starter service bundle
KMS (key management service)
create, manage and use encryption keys
Certificate manager
Generates SSL certificates for traffic in transit
STS (simple token service)
Gain secure access to an EC2 instance
IAM Access Key
Long-term credentials for security level in IAM users
EBS (elastic block storage)
persistent storage similar to a hard drive
EBS Snapshot
Versioning control for EBS
S3 (simple storage solution)
Object based storage
Snow Family Services
Large data transfer via physical device
Cognito
Decentralized Managed Authentication
Route53
DNS (Domain name service) with AWS synergies
EC2 (Elastic compute cloud)
Rent virtual computers on which you can run applications
ELB (Elastic load balancer)
balances traffic across multiple AZ
Simple System Manager
Instead of SSH
“Not AWS
RTMP (real-time messaging protocol)”
deprecated Adobe Flash media server; can't use cookies
AWS Command Line Interface (CLI)
Online environment and IDE for development
Cloud9
temporary environment for development
Amazon Machine Images (AMI)
information to launch EC2 instances
Aurora
High-end/low-cost version of RDS for Postgres and some other MySQL
Amazon Redshift
“Fully managed Petabyte-size Data Warehouse
- Analyze(run complex SQL) on massive amounts of data Columnar Store database
- single AZ”
CloudWatch
“A collection of monitoring services for logging, reacting and visualizing log data
*CloudWatch Logs is the basis for all other CloudWatch services”
CloudTrail
“provides event history of your AWS account activity, including actions taken through the AWS infrastructure
When you need to know who to blame, either user error or system error”
Amazon Athena
A query service that makes it easier to analyze petabytes of data in S3 with no data warehouse or cluster to manage.
AWS Lambda
“Run code without provisioning or managing servers. automatically start and stop when needed. Serverless Functions. Pay per invocation.
*Triggered from SDK or other AWS service”
Simple Queue Service (SQS)
“Fully managed queuing service that enables you to decouple and scale microservices, distributed systems and serverless applications
*usually used for simple communications. not real-time. have to pull. Not reactive. usually for connecting applications together”
Simple notification service (SNS)
“Subscribe and send notifications via text message, email, webhooks, lambdas, SQS and mobile notifications
*Pub/Sub: publisher sends to event bus->subscriber gets from bus”
ElastiCache
Managed caching service which runs either Redis or Memcached
Amazon Kinesis
“Scalable and durable real-time data streaming service to ingest and analyze data in real-time from multiple sources.
*Real-time streams (data streams - data firehose - video stream - data analytics)”
Storage Gateway
“on-premises software with cloud-based storage integration into AWS
File gateway - NFS protocol to S3
Volume gateway - cached for frequently accessed. Stored for entire
Tape gateway”
SES (simple email service)
AWS email
VPC Link
create private integrations that connect your HTTP API routes to private resources in a VPC
ARN
amazon resource name
Fargate
“A serverless compute engine for containers that works with both:
Elastic Container Service
Elastic Kubernetes Service”
EKS(Elastic Kubernetes Service)
Fully managed Kubernetes service
ECR(Elastic Container Registry)
Docker container registry that stores built Docker images
CodeCommit
Host private Git repos for code collaboration
Config
Record and evaluate configurations of your AWS resources
IoT
Internet of Things services and software
Lex
Chatbot interface using voice and text
Alexa
Cloud based voice service
Step Functions
“A serverless function orchestrator using ASL (Amazon States Language)
You build workflows called state machines; each step is called a state; each process performed in a state is called a Task”
NAT(network address Translation)
a method of re-mapping one IP address space into another
EIP(Elastic IP address)
a static IPv4 address connected with AWS services
*HPC
High performance computing
Flow Logs
“capture info about the IP traffic going to and from network interfaces in your VPC
set up at VPC, subnet or network interface level. additionally logs all traffic in lower levels”
Trusted Advisor
“Tool that provides real time guidance to help provision resources following best practices
makes checks on your AWS services and offers recommendations for optimizing cost, security and performance”
VM Import
“Tools that help import/export images from your environment to an EC2 instance
also tools to bring outside images in compliance with AWS EC2”
SageMaker
Managed service for quick Machine Learning building, training and deploying
ParallelCluster
cluster management tool for HPC clusters
ParallelClusters EFA
“Elastic Fabric Adapter
enableable feature of ParallelCluster that guarantees one of the fastest and most scalable settings for HPC Clusters
provides OS-bypass capabilities (kernel-bypass networking) which is only in specific instance types and limited to a single subnet
Can only attach to a new instance of an EC2 not a running one”
*ML
Machine learning
*Redis
“Remote Dictionary Server
NoSQL db or Key-Value store”
*Memcached
“Very fast in-memory cache
Key-value Set get and delete”
ALB
“Application load balancer
can route based on the content of the URL to non-homogeneous servers”
Savings plans
“a flexible pricing model where you commit to a consistent amount of usage (e.g. $10/hr)
receive discounts up to 72% on that usage (flexible version of RI)
any additional usage will be billed at the regular on-demand rates”
Dedicated host
dedicated hardware to support existing software licenses and improve compliance on AWS
*RDP
Remote desktop protocol
*Latency
“In networking this is a combination of the time it takes to:
- send a request
- process that request
- return a response”
*What is IPsec?
“a group of networking protocols used for setting up secure encrypted connections, such as VPNs, across publicly shared networks
Commonly from on-premises data center to AWS”
Data Pipeline
cloud-based data workflow and orchestration service
*HSM
“hardware security module
HSMs are devices that provide direct control of key generation and management
separating key management from the application and database layers”
AWS SMS
“Server Migration Service
agentless service for migrating thousands of on-premises workloads to AWS”
*OIDC
“OpenID connect
auth identity provider supported by Cognito”