Services, Tools And Terminology Flashcards
Access Control List (ACL)
A document that defines who can access a particular bucket or object. Each bucket and object in Amazon S3 has an ACL. This document defines what each type of user can do, such as write and read permissions.
AWS Account Management
AWS Account Management is a tool that you can use to update the contact info for each of your AWS accounts.
AWS Certificate Manager (ACM)
AWS Certificate Manager is a web service for provisioning, managing, and deploying Secure Sockets Layer / Transport Layer Security (SSL/TLS) certificates for use with AWS services.
Amazon Machine Image (AMI)
An Amazon Machine Image (AMI) is an encrypted machine image stored in Amazon EBS or Amazon S3.
AMIs function similarly to a template of a computer’s root drive. The contain the OS and can also include software and layers of your application, such as database servers, middleware, and web servers.
API Gateway
Amazon API Gateway is a fully managed service that developers can use to create, publish, maintain, monitor, and secure APIs at any scale.
AWS App2Container
A transformation tool that modernizes .NET and Java applications by migrating them into containerized applications.
AWS AppConfig
A serviced used to update software at runtime without deploying new code. With AWS AppConfig, you can configure, validate, and deploy feature flags and application configurations.
Amazon AppFlow
A fully managed integration service that you can use to transfer data securely between software as a service (SaaS) applications and AWS services.
Application Auto Scaling
A web service that you can use to configure automatic scaling for AWS resources beyond Amazon EC2, such as Amazon ECS services, Amazon EMR clusters, and DynamoDB tables.
Application Cost Profiler
AWS Application Cost Profiler is a solution to track the consumption of shared AWS resources used by software applications and report granular cost breakdown across tenant base.
Application Discovery Service
A web service that helps you plan to migrate to AWS by identifying IT assets in a data center (DC) - including servers, virtual machines (VMs), applications, application dependencies, and network infrastructure.
Application Revision
Skipped. (see “CodeDeploy”)
AppStream 2.0
Amazon AppStream 2.0 is a fully managed, secure service for streaming desktop apps to users without rewriting those apps.
AWS AppSync
An enterprise level, fully managed GraphQL service with real-time data synchronization and offline programming features.
Asynchronous Bounce
A type of “bounce” (failed email delivery attempt) that occurs when a receiver initially accepts an email message for delivery and then subsequently fails to deliver it.
Athena
Amazon Athena is an interactive query service that you can use to analyze data in Amazon S3 using ANSI SQL. Athena is serverless, so there’s no infrastructure to manage. Athena scales automatically and is simple to use, so you can start analyzing your datasets within seconds.
AUC
Area Under a Curve. An industry-standard metric to evaluate the quality of a binary classification machine learning model. AUC measures the ability of the model to predict a higher score for positive examples, those that are “correct,” than for negative examples, those that are “incorrect.”
The AUC metric returns a decimal value from 0 to 1.
AUC values near 1 indicate an ML model that’s highly accurate.
Aurora
Amazon Aurora is a fully managed MySQL-compatible relational database engine that combines the speed and availability of commercial databases with the simplicity and cost-effectiveness of open-source databases.
AWS Auto Scaling
A fully managed service that you can use to quickly discover the scalable AWS resources that are part of your application and to configure dynamic scaling.
Auto Scaling Group
A representation of multiple EC2 instances that share similar characteristics, and that are treated as a logical grouping for the purposes of instance scaling and management.
Availability Zone (AZ)
A distinct location with a Region that’s insulated from failures in other AZs, and provides inexpensive, low-latency network connectivity to other AZs in the same Region.
batch prediction
“Amazon Machine Learning” - An operation that processes multiple input data observations at one time (asynchronously).
Unlike real-time predictions, batch predictions aren’t available until all predictions have been processed.
BGP ASN = Border Gateway Protocol Autonomous system Number
Border Gateway Protocol Autonomous System Number is a unique identifier for a network, for use in BGP routing.
Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65335, with the exception of 7224, which is reserved.
Binary Attribute
Amazon Machine Learning: An attribute for which one of two possible values is possible.
Valid positive values are 1, y, yes, t, and true answers.
Valid negative values are 0, n, no, f, and false.
Amazon Machine Learning outputs 1 for positive values and 0 for negative values.
Block
A dataset.
Amazon EMR breaks large amounts of data into subsets; each subset is called a data block.
Amazon EMR assigns an ID to each block and uses a hash table to keep track of block processing.
Block Device
A block device is a storage device that supports reading and (optionally) writing data in fixed-size blocks, sectors, or clusters.
Block Device Mapping
A mapping structure for every AMI and instance that specifies the block devices attached to the instance.
bootstrap action
A user-specified default or custom action that runs a script or an application on all nodes of a job flow before Hadoop starts.
Bracket
Amazon Bracket is a fully managed quantum computing service that helps you run quantum algorithms to accelerate your research and discovery,
breach
(In relation to) Amazon EC2 Auto Scaling: The condition where a user-set threshold (upper or lower boundary) is passed. If the duration of the breach is significant, as set by a breach duration parameter, it can possibly start a “scaling activity”.
A scaling activity is a process that changes the size, configuration, or makeup of an Auto Scaling group by launching or terminating instances.
bucket
A bucket is a container for objects. To store your data in Amazon S3, you first create a bucket and specify a bucket name and AWS Region. Then, you upload your data to that bucket as objects in Amazon S3. Each object has a key (or key name), which is the unique identifier for the object within the bucket.
bundling
A commonly used term for creating an Amazon Machine Image (AMI). It specifically refers to creating “instance store-backed AMIs”; A type of AMI whose instances use an instance store volume as the root device.
cache cluster and cache cluster identifier
A logical cache distributed over multiple cache nodes. A cache cluster can be set up with a specific number of cache nodes.
The identifier for the cache cluster is supplied by the customer and MUST be unique for that customer in an AWS Region.
cache node and cache node type
A cache node is a fixed-size chunk of secure, network-attached RAM that each run an instance of the Memcached service, and has its own DNS name and port. Multiple types of cache nodes are supported, each with varying amounts of associated memory.
A cache node type is an EC2 instance type used to run the cache node.
cache parameter group
A container for cache engine parameter values that can be applied to one or more cache clusters.
cache security group
A group maintained by ElastiCache that combines inbound authorizations to cache nodes for hosts belonging to Amazon EC2 security groups that are specified through the console or the API or command like tools.
campaign
Amazon Personalize: A deployed solution version (trained model) with provisioned dedicated transaction capacity for creating real-time recommendations for your application users.
After you create a campaign, you use the getRecommendations or getPersonalizedRanking personalization operations to get recommendations.
canned access policy
A standard access control policy that you can apply to a bucket or object. Options include: private, public-read, public-read-write, and authenticated-read.
canonicalization
The process of converting data into a standard format that a service such as Amazon S3 can recognize.
capacity
The amount of available compute size at a given time.
Each Auto Scaling group is defined with a min and max compute size.
A scaling activity increases or decreases the capacity within the defined minimum and maximum values.
Cartesian product
A mathematical operation that returns a product from multiple sets.
In mathematics, the Cartesian Product of sets A and B is defined as the set of all ordered pairs (x, y) such that x belongs to A and y belongs to B. For example, if A = {1, 2} and B = {3, 4, 5}, then the Cartesian Product of A and B is {(1, 3), (1, 4), (1, 5), (2, 3), (2, 4), (2, 5)}.
AWS CDK
AWS Cloud Development Kit (AWS CDK) is an open-source software development framework for defining your cloud infrastructure in code and provisioning it through AWS CloudFormation.
chargeable resources
Features or services whose use incurs fees.
For example, in a CloudFormation stack, AWS resources that have been created incur charges and the amount charged depends on the usage load.
It is recommended that you use the AWS Simple Monthly Calculator to estimate your cost prior to creating instances, stacks, or other resources.
AWS Chatbot
An interactive agent that makes it easier to monitor, troubleshoot, and operate AWS resources in your Slack channels and Amazon Chine chatrooms.
Amazon Chime
A secure, real-time, unified communications service that transforms meetings by making them more efficient and easier to conduct.
CIDR block
Classless Inter-Domain Routing (CIDR).
A CIDR block is an internet protocol address allocation and route aggregation methodology.
ciphertext
info that has been encrypted, as opposed to plaintext, which the info has not been encrypted.
Client VPN
AWS Client VPN is a client-based, managed VPN service that remote clients can use to securely access your AWS resources using an Open VPN-based software client.
AWS Cloud Control API
AWS Cloud Control API is a set of standardized application programming interfaces (APIs) that developers can use to create, read, update, delete, and list supported cloud infrastruture.
Cloud Directory
Amazon Cloud Directory is a service that provides a highly scalable directory store for your application’s multi-hierarchical data.
AWS Cloud Map
A service that you use to create and maintain a map of the backend services and resources that your applications depend on.
With AWS Cloud Map, you can name and discover your AWS Cloud resources.
cloud service provider (CSP)
A cloud service provider is a company that provides subscribers with access to internet-hosted computing, storage, and software services.
AWS Cloud WAN
(WAN = wide-area networking)
AWS Cloud WAN is a managed wide-area networking service used to build, manage, and monitor a unified global network.
AWS Cloud9
A cloud-based integrated development environment (IDE) that you use to write, run and debug code.
CloudFormation
AWS CloudFormation is a service for writing or changing templates that create and delete related AWS resources together as a unit.
CloudFront
Amazon CloudFront is an AWS content delivery service that helps you improve the performance, reliability, and availability of your websites and applications.
CloudHSM
AWS CloudHSM is a web service that helps you meet corporate, contractual, and regulatory compliance requirements for data security by using dedicated hardware security module (HSM) appliances within the AWS Cloud.
CloudSearch
Amazon CloudSearch is a fully managed service in the AWS Cloud that you can use to set up, manage, and scale a search solution for your website or application.
CloudTrail
AWS CloudTrail is a web service that records AWS API calls for your account and delivers log files to you.
The recorded info includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements that the AWS service returns.
CloudWatch
Amazon CloudWatch is a web service that you can use to monitor and manage various metrics, and configure alarm actions based on data from those metrics.
CloudWatch Events
Amazon CloudWatch Events is a web service that you can use to deliver a timely stream of system events that describe changes in AWS resources to Lambda functions, streams in Kinesis Data Streams, Amazon SNS topics, or built-in targets.
CloudWatch Logs
Amazon CloudWatch Logs is a web service for monitoring and troubleshooting your systems and applications from your existing system, app, and custom log files.
You can send your existing log files to CloudWatch Logs and monitor these logs in near-real time.
cluster
A logical grouping of container instances that you can place tasks on.
OpenSearch Service: A logical grouping of one or more data nodes, optional dedicated master nodes, and storage required to run Amazon OpenSearch Service and operate your OpenSearch Service domain.
cluster compute instance
A type of instance that provides a great amount of CPU power coupled with increased networking performance, making it well suited for High Performance Compute (HPC) applications and other demanding network-bound applications.
cluster placement group
A logical cluster compute instance grouping to provide lower latency and high-bandwidth connectivity between the instances.
cluster status
OpenSearch Service:
An indicator of the health of a cluster.
A status can be green, yellow, or red.
At the shard level,
green means that all shards are allocated to nodes in a cluster,
yellow means the primary shard is allocated but the replica shards aren’t,
red means the primary and replica shards of at least one index aren’t allocated.
The shard status determines the index status, and the index status determines the cluster status.
CNAME
Canonical Name Record - A type of resource record in the Domain Name System (DNS) that specifies that the domain name is an alias of another, canonical domain name. Specifically, it’s an entry in a DNS table that you can use to alias one fully qualified domain name to another.
NOTE: “Canonical” is the standard state or behavior of an attribute.
CodeBuild
AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy.
CodeCommit
AWS CodeCommit is a fully managed source control service that companies can use to host secure and highly scalable private Git repositories.
CodeDeploy
AWS CodeDeploy is a service that automates code deployments to any instance, including EC2 instances and instances running on-premises.
AWS CodeDeploy agent
A software package that, when installed and configured on an instance, enables that instance to be used in CodeDeploy deployments.
CodeGuru
Amazon CodeGuru is a collection of developer tools that automate code reviews and provide intelligent recommendations to optimize application performance.
CodePipeline
AWS CodePipeline is a continuous deliver service for fast and reliable application updates.
Amazon Cognito
Amazon Cognito is a web service that you can use to save mobile user data in the AWS Cloud without writing any backend code or managing any infrastructure.
Examples of mobile user data that you can save include app preferences and game states.
Amazon Cognito offers mobile identity management and data synchronization across devices.
AWS CLI
AWS Command Line Interface is a unified downloadable and configurable tool for managing AWS services.
It allows you to control multiple AWS services from the command line and automate them through sripts.
compound query
CloudSearch: A search request that specifies multiple search criteria using the Amazon CloudSearch structured search syntax.
Amazon Comprehend
A natural language processing (NLP) service that uses machine learning to find insights and relationships in text.
Amazon Comprehend Medical
A HIPAA-eligible NLP service that uses ML and has been pre-trained to understand and extract health data from medical text, such as prescriptions, procedures, or diagnoses.
AW Config
A fully managed service that provides an AWS resource inventory, configuration history, and configuration change notifications for better security and governance.
You can create rules that automatically check the config of AWS resources that AWS config records.
Amazon Connect
A service solution that offers self-service configuration and provides dynamic, personal, and natural customer engagement at any scale.
Consistency Model
The method a service uses to achieve high availability.
For example, it could involve replicating data across multiple servers in a data center.
Console Mobile Application
AWS Console Mobile Application lets AWS customers monitor and manage a select set of resources to stay informed and connect with their AWS resources while on the go.
consolidated billing
A feature of the AWS Organizations service for consolidating payment for multiple AWS accounts. Can see a combined view of costs by all accounts and get detailed reports for each account.
container
A container is a standard unit of software that contains application code and all relevant dependencies.
container definition
A container definition specifies the details that are associated with running a container on Amazon Elastic Container Service (Amazon ECS). More specifically, a container definition specifies details such as the container image to use and how much CPU and memory the container is allocated.
The container definition is included as part of an Amazon ECS task definition.
container instance
A container instance is a self-managed EC2 instance or an on-premises server or virtual machine (VM) that’s running the Amazon Elastic Container Service (Amazon ECS) container agent and has been registered into a cluster.
A container instance serves as the infrastructure that your Amazon ECS workloads are run on.
container registry
A container registry is a collection of repositories that store container images.
One example is Amazon Elastic Container Registry (Amazon ECR).
content delivery network (CDN)
A web service that speeds up distribution of your static and dynamic web content - such as .html, .css, .js, media files, and image files - to your users by using a worldwide network of data centers.
When a user requests your content, the request is routed to the DC that provides the lowest latency (time delay).
If the content is already in the location with the lowest latency, the CDN delivers it immediately. If not, the CDN retrieves it from an origin that you specify (for example, a web server or an Amazon S3 bucket).
With some CDNs, you can secure your content by configuring an HTTPS connection between users and data centers, and between data centers and your origin.
Amazon CloudFront is an example of a CDN.
AWS Control Tower
A service used to set up and govern a secure, multi-account AWS environment.
core node
An EC2 instance that runs Hadoop map and reduce tasks and stores data using the Hadoop Distributed File System (HDFS).
Core nodes are managed by the master node, which assigns Hadoop tasks to nodes and monitors their status.
The EC2 instance you assign as core nodes must have allotted capacity for entire job flow run.
Because core nodes store data, you can’t remove them from a job flow. However, you can add more core nodes to a running job flow.
Corretto
Amazon Corretto is a no-cost, multiplatform, production-ready distribution of the Open Java Development Kit (OpenJDK)
cross-Region replication
A solution for replicating data across different AWS Regions, in near-real time.
customer gateway
A router or software application on your side of a VPN tunnel that’s managed by Amazon VPC. The internal interfaces of the customer gateway are attached to one or more devices in your home network.
The external interface is attached to the virtual private gateway (VGW) across the VPN tunnel.
AWS Data Exchange
A service that helps you find, subscribe to, and use third-party data in the cloud.
Amazon Data Lifecycle Manager
An Amazon service that automates and manages the lifecycle of Amazon EBS snapshots and EBS-backed AMIs.
Data Pipeline
AWS Data Pipeline is a web service for processing and moving data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals.
DataSync
AWS DataSync is an online data transfer service that simplifies, automates, and accelerates moving data between storage systems and services.
AWS DeepComposer
A web service designed specifically to educate developers through tutorials, sample code, and training data.
AWS DeepLens
AWS DeepLens is a tool that provides AWS customers with a centralized place to search, discover, and connect with trusted AWS Partner Network (APN) Technology and Consulting Partners, based on customers’ business needs.
Detective
Amazon Detective is a service that collects log data from your AWS resources to analyze and identify the root cause of security findings or suspicious activities.
The Detective behavior graph provides visualizations to help you determine the nature and extent of possible security issues and conduct an efficient investigation.
Device Farm
AWS Device Farm is an app testing service that allows developers to test Android, iOS, and Fire OS devices on real, physical phones and tablets that are hosted by AWS.
Amazon DevOps Guru
A fully managed operations service powered by ML, designed to improve an app’s operational performance and availability.
Direct Connect
AWS Direct Connect is a web service that simplifies establishing a dedicated network connection from your premises to AWS.
Using AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or co-location environment.
Directory Service
AWS Directory Service is a managed service for connecting your AWS resources to an existing on-premises Microsoft Active Directory or to set up and operate a new, standalone directory in the AWS Cloud.
distribution
A link between an origin server (such as an Amazon S3 bucket) and a domain name, which CloudFront automatically assigns.
Through this link, CloudFront identifies the object you have stored in your origin server.
DKIM
DomainKeys Identified Mail is a standard that email senders use to sign their messages. ISPs use those signatures to verify that messages are legitimate.
AWS DMS
AWS Database Migration Service is a web service that can help you migrate data to and from many widely used commercial and open-source databases.
Docker image
A layered file system template that’s the basis of a Docker container. Docker images can comprise specific operating systems or applications.
Amazon DocumentDB
Amazon DocumentDB (with MongoDB compatibility) is a managed database service that you can use to set up, operate, and scale MongoDB-compatible databases in the cloud.
Domain Name System (DNS)
Domain Name System is a service that routes internet traffic to websites by translating human-readable domain names (i.e., www.example.com) into the numeric IP address, such as 192.0.2.1, which computers use to connect to each other.
DynamoDB
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability.
Amazon DynamoDB Encryption Client
A software library that helps you protect your table data before you send it to DynamoDB
Amazon DynamoDB Storage Backend for Titan
A graph database implemented on top of Amazon DynamoDB. Titan is a scalable graph database optimized for storing and querying graphs.
DynamoDB Streams
An AWS service that captures a time-ordered sequence of item-level modifications in any Amazon DynamoDB table.
This service also stores this info in a log for up to 24 hours.
Apps can access this log and view the data items as they appeared before and after they were modified, in near-real time.
Amazon EBS
Amazon Elastic Block Storage is a service that provides block level storage volumes or (not sure if “or” is a typo in documentation - could be “for”) use with EC2 instances.
Amazon EBS-backed AMI
Type of AMI whose instances use an Amazon EBS volume as their root device.
Amazon EC2
Amazon Elastic Compute Cloud is a web service for launching and managing Linus/UNIX and Windows Server instances in Amazon data centers.
Amazon EC2 Auto Scaling
A web service that launches or terminates instances automatically based on user-defined policies, schedules, and health checks.
Amazon ECR
Amazon Elastic Container Registry (Amazon ECR) is a fully managed Docker container registry that you can use to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon ECS and IAM.
Amazon ECS
Amazon Elastic Container Service (Amazon ECS) is a highly scalable, fast, container management service that you can use to run, stop, and manage Docker containers on a cluster of EC2 instances.
edge location
An edge location is a data center that an AWS service uses to perform service-specific operations.
For example, CloudFront uses edge locations to cache copies of your content, so the content is closer to your users and can be delivered faster regardless of their locations.
Route 53 uses edge locations to speed up the response to public DNS queries.
Amazon EFS
Amazon Elastic File System is a file storage service for EC2 instances.
Amazon EFS provides an interface that you can use to create and configure file systems.
Amazon EFS storage capacity grows and shrinks automatically as you add and remove files.
Amazon EKS
Amazon Elastic Kubernetes Service is a managed service that you can use to run Kubernetes on AWS without needing to stand up or maintain your own Kubernetes control plane.
Elastic Beanstalk
AWS Elastic Beanstalk is a web service for deploying and managing applications in the AWS Cloud without worrying about the infrastructure that runs those applications.
Elastic Inference
Amazon Elastic Inference is a resource that customers can use to attach low-cost GPU-powered acceleration to Amazon EC2 and SageMaker instances, or Amazon ECS tasks, to reduce the cost of running deep learning inference by up to 75%.
Elastic IP address
A fixed (static) IP address that you have allocated in Amazon EC2 or Amazon VPC and then attached to an instance.
Elastic IP addresses are associated with your account, not a specific instance.
They are ELASTIC because you can easily allocate, attach, detach, and free them as your needs change.
Unlike traditional static IP addresses, Elastic IP addresses allow you to mask instance or AZ failures by rapidly remapping your public IP addresses to another instance.
Elastic Load Balancing (ELB)
A web service that improves an application’s availability by distributing incoming traffic between two or more EC2 instances.
elastic network interface
An additional network interface that can be attached to an instance. Elastic Network Interfaces include a primary private IP address, one or more secondary private IP addresses, an Elastic IP address (optional), a MAC address, membership in specified security groups, a description, and a source/destination check flag.
You can create an elastic network interface, attach it to an instance, detach it from an instance, and attach it to another interface.
Elastic Transcoder
Amazon Elastic Transcoder is a cloud-based media transcoding service.
It is a highly scalable tool for converting (or transcoding) media files from their source format into versions that play on devices such as smartphones, tablets, and PCs.
ElastiCache
Amazon ElastiCache is a web service that simplifies deploying, operating, and scaling an in-memory cache in the cloud. The service improves the performance of web apps by providing info retrieval from fast, managed, in-memory caches, instead of relying entirely on slower disk-based databases.
ElasticSearch
An open-source, real-time distributed search an analytics engine used for full-text search, structured search, and analytics.
OpenSearch was developed by the Elastic company.
(SKIP THIS - IT’S NOT ON CCP EXAM)
AWS Elemental MediaConnect
AWS Elemental MediaConnect is a fully-managed live video distribution service that reliably and securely ingests video into the AWS Cloud and transports it to multiple destinations within the AWS network and the internet.
NOTE THAT THE FOLLOWING WERE SKIPPED:
MediaConvert, MediaLive, MediaPackage, MediaStore, and MediaTailor
…
EMP
The AWS End-of-Support Migration Program (EMP) for Windows Server provides the technology and guidance to migrate your apps running on Windows server 2003, 2008, and Windows Server 2008 R2 to the latest, supported versions of Windows Server running on AWS.
Amazon EMR
Amazon Elastic Map Reduce is a web service that you can use to process large amounts of data efficiently.
Amazon EMR uses Hadoop processing combined with several AWS products to do such tasks as web indexing, data mining, log file analysis, machine learning, scientific simulation, and data warehousing.
AWS Encryption SDK
A client-side encryption library that you can use to encrypt and decrypt data using industry standards and best practices.
EventBridge
Amazon EventBridge is a serverless event bus service that you can use to connect your apps with data form a variety of sources and routes that data targets, such as AWS Lambda.
You can set up routing rules to determine where to send your data to build app architectures that react in real-time to all of your data sources.
eventual consistency
The method that AWS services use to achieve high availability.
This involves replicating data across multiple servers in Amazon data centers. When data is written or updated and Success is returned, all copies of the data are updated. However, it takes time for the data to propagate to all storage locations.
The data will eventually be consistent, but an immediate read might not show the change. Consistency is usually reached within seconds.
extract, transform, and load (ETL)
A process that’s used to integrate data from multiple sources. Data is collected from sources (extract), converted to an appropriate format (transform), and written to a target data store (load) for purposes of analysis and querying.
ETL tools combine these three functions to consolidate and move data from one environment to another.
AWS Glue is a fully managed ETL service for discovering and organizing data, transforming it, and making it available for search and analytics.
Fault Injection Simulator
or (AWS FIS)
AWS Fault Injection Simulator is a managed service that you can use to perform fault injection experiments on your AWS workloads.
feature transformation
Amazon Machine Learning:
The ML process of constructing more predictive input representations or “features” from the raw input variables to optimize a machine learning model’s ability to learn and generalize. Also known as “data transformation or feature engineering”.
federated identity management (FIM)
Allows individuals to sing in to different networks or services, using the same group or personal credentials to access data across all networks.
With identity federation in AWS, external identities (federated users) are granted secure access to resources in an AWS account without having to create IAM users.
These external identities can come from a corporate identity store (such as LDAP or Windows Active Directory) to form a third party (such as Login with Amazon, Facebook, or Google). AWS federation also supports SAML 2.0.
FinSpace
Amazon FinSpace is a data management and analytics service purpose-built for the financial services industry (FSI).
Firewall Manager
AWS Firewall Manager is a service that you use with AWS WAF to simplify your AWS WAF administration and maintenance tasks across multiple accounts and resources. With AWS Firewall Manager, you set up your firewall rules only once.
The service automatically applies your rules across your accounts and resources, even as you add new resources.
Forecast
Amazon Forecast is a fully managed service that uses statistical and machine learning algorithms to produce highly accurate time-series forecasts.
Skipping the following:
GameKit, GameLift, GameSparks
don’t need to know these for CCP
Global Accelerator
AWS Global Accelerator is a network layer service that you use to create accelerators that direct traffic to optimal endpoints over the AWS global network. This improves the availability and performance of your internet applications that are used by a global audience.
AWS Glue
AWS Glue is a fully managed extract, transform, and load (ETL) service that you can use to catalog data and load it for analytics.
With AWS Glue, you can discover your data, develop scripts to transform sources into targets, and schedule and run ETL jobs in a serverless environment.
AWS GovCloud (US)
An isolated AWS Region that hosts sensitive workloads in the cloud, ensuring that this work meets the US government’s regulatory and compliance requirements.
GuardDuty
Amazon GuardDuty is a continuous security monitoring service that can help to identify unexpected and potentially unauthorized or malicious activity in your AWS environment.
Hadoop
Software that enables distributed processing for big data by using clusters and simple programming models.
AWS Health
A service that provides ongoing visibility into AWS customers’ accounts and the availability of their AWS services and resources.
health check
A system call to check on the health status of each instance in an Amazon EC2 Auto Scaling group.
HealthLake
Amazon HealthLake is a HIPPA-eligible service that helps customers store, query, and generate artificial intelligence (AI) and machine learning (ML) insights from healthcare data and enables healthcare data interoperability.
HMAC
Hash-based Message Authentication Code is a specific construction for calculating a message authentication code (MAC) involving a cryptographic has function in combination with a secret key.
You can use it to verify both the data integrity and the authenticity of a message at the same time.
AWS calculates the HMAC using a standard, cryptographic hash algorithm, such as SHA-256.
hosted zone
A collection of resource record sets that Route 53 hosts.
Similar to a traditional DNS zone file, a hosted zone represents a collection of records that are managed together under a single domain name.
HVM virtualization
Hardware Virtual Machine virtualization.
Allows the guest VM to run as though it’s on a native hardware platform, except that it still uses paravirtual (PV) network and storage drivers for improved performance.
IAM
AWS Identity and Access Management is a web service that AWS customers can use to manage users and user permissions within AWS.
IAM Access Analyzer
Access Management Access Analyzer is a feature of IAM that you can use to identify the resources in your organization and accounts that are shared with an external entity.
Example resources include Amazon S3 buckets or IAM roles.
IAM Identity Center
A cloud-based service that brings together administration of users and their access to AWS accounts and cloud applications.
You can control single sign-on access and user permissions across all your AWS accounts in AWS Organizations.
Identity provider (IdP)
An IAM entity that holds metadata about external identity providers.
Image Builder
EC2 Image Builder is a service that facilitates building, maintaining, and distributing customized server images that launch EC2 instances, or that run in Docker containers.
AWS Import/Export
A service for transferring large amounts of data between AWS and portable storage devices.
An Import/Export Station is the machine that uploads or downloads your data to or from Amazon S3.
inline policy
An IAM policy that’s embedded in a single IAM user, group, or role.
Amazon Inspector
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.
It automatically assesses apps for vulnerabilities or deviations from best practices.
After performing an assessment, Amazon Inspector produces a detailed report with prioritized steps for remediation.
instance store
Disk storage that’s physically attached to the host computer for an EC2 instance, and therefor has the same lifespan as the instance. When the instance is terminated, you lose any data in the instance store.
instance store-backed AMI
A type of AMI whose instances use an instance store volume as the root device.
Compare this with instances launced from Amazon EBS-backed AMIs, which use an Amazon EBS volume as the root device.
Internet Gateway
Connects a network to the internet.
You can route traffic for IP addresses outside your Amazon VPC to the internet gateway.
Skipping the following AWS services and/or platforms:
IoT (1-Click, Analytics, Core, Device Defender, Device Management, Events, FleetWise, Greengrass, RoboRunner, SiteWise, Things Graph)
It doesn’t seem like any of these IoT services are on the CCP. Will double back and confirm after further review.
AWS IQ
AWS IQ is a cloud service that AWS customers can use to find, engage, and pay AWS Certified third-party experts for on-demand project work.
Amazon Kendra
Amazon Kendra is a search service powered by ML that developers can use to add search capabilities to their applications so their end users can discover info stored within the vast amounts of content spread across their company.
Amazon Keyspaces
Amazon Keyspaces (for Apache Cassandra) is a scalable, highly available, and managed Apache Cassandra-compatible database service.
Kinesis
Amazon Kinesis is a platform for streaming data on AWS.
Kinesis offers services that simplify the loading and analysis of streaming data.
Kinesis Data Firehose
Amazon Kinesis Data Firehose is a fully managed service for loading streaming data into AWS.
It can capture and automatically load streaming data into Amazon S3 and Amazon Redshift, enabling near real-time analytics with existing business intelligence tools and dashboards.
It automatically scales to match the throughput of your data and requires no ongoing administration.
It can also batch, compress, and encrypt the data before loading it.
Kinesis Data Streams
Amazon Kinesis Data Streams is a web service for building custom apps that process or analyze streaming data for specialized needs
It can continuously capture and store terabytes of data per hour from hundreds of thousands of stores.
AWS KMS
AWS Key Management Service is a managed service that simplifies the creation and control of encryption keys that are used to encrypt data.
KMS key
The primary resource in AWS Key Management Service.
In general, KMS keys are created, used, and deleted entirely within KMS.
It supports symmetric and asymmetric KMS keys for encryption and signing.
KMS keys can be either customer managed, AWS managed, or AWS owned.
Lake Formation
AWS Lake Formation is a managed service that makes it easy to set up, secure, and manage your data lakes. Lake formation helps you discover your data sources and then catalog, cleanse, and transform the data.
Lambda
AWS Lambda is a web service that you can use to run code without provisioning or managing servers.
You can run code for virtually any type of application or backend service with zero administration.
You can set up your code to automatically start from other AWS services or call it directly from any web or mobile app.
Launch Wizard
AWS Launch Wizard is a cloud solution that offers a guided way of sizing, configuring, and deploying AWS resources for third-party apps, such as Microsoft SQL Server Always On and HANA based SAP systems, without the need to manually identify and provision individual AWS resources.
Amazon Lex
Amazon Lex is a fully managed artificial intelligence (AI) service with advanced natural language models to design, build, test, and deploy conversational interfaces in applications.
Lightsail
Amazon Lightsail is a service used to launch and manage a virtual private server with AWS.
Lightsail offers bundled plans that include everything you need to deploy a virtual private server, for a low monthly rate.
load balancer
A DNS name combined with a set of ports, which together provide a destination for all requests intended for your application.
A load balancer can distribute traffic to multiple app instances across every AZ within a Region. So, the span multiple AZs within an AWS Region into which an Amazon EC2 instance was launched, but load balancers can NOT span multiple Regions.
Amazon Location
Amazon Location Service is a fully managed service that makes it easy for a developer to add location functionality, such as maps, points of interest, geocoding, routing, tracking, and geofencing, to their apps, without sacrificing data security, user privacy, data quality, or cost.
Skipping the following ML services:
“Lookout for” Equipment, Metrics, Vision
Those 3 ML services don’t appear to be on the CCP. Will circle back and add them if necessary.
Also skipped “Amazon Lumberyard”
Macie
Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS.
Mail Transfer Agent (MTA)
Software that transports email messages from one computer to another by using a client-server architecture.
AWS Mainframe Modernization
AWS Mainframe Modernization service is a cloud native platform for migration, modernization, execution, and operation of mainframe applications.
Managed Blockchain
Amazon Managed Blockchain is a fully managed service for creating and managing scalable blockchain networks using popular open source frameworks.
Amazon Managed Grafana
A fully managed and secure data visualization service that you can use to instantly query, correlate, and visualize operational metrics, logs, and traces from multiple data sources.
Amazon Managed Service for Prometheus
A service that provides highly available, secure, and managed monitoring for your containers.
AWS Management Console
A graphical interface to manage compute, storage, and other cloud resources.
management portal
AWS Management Portal for vCenter is a web service for managing your AWS resources using VMware vCenter (specifically).
AWS Marketplace
A web portal where qualified partners market and sell their software to AWS customers.
It is an online software store that helps customers find, buy and immediately start using the software and services that run on AWS.
MemoryDB
Amazon MemoryDB for Redis is a Redis-compatible, durable, in-memory database service that’s purpose-built for modern applications with microservices architectures.
Migration Hub
AWS Migration Hub is a service that provides a single location to track migration tasks across multiple AWS tools and partner solutions
Amazon ML
Amazon Machine Learning is a cloud-based service that creates ML models by finding patterns in your data, and uses these models to process new data and generate predictions.
Mobile Analytics
Amazon Mobile Analytics is a service for collecting, visualizing, understanding, and extracting mobile app usage data at scale.
Mobile Hub
AWS Mobile Hub is an integrated console for building, testing, and monitoring mobile apps.
AWS Mobile SDK
AWS Mobile SDK is a software development kit whose libraries, code examples, and documentation help you build high-quality mobile apps for the iOS, Android, Fire OS, Unity, and Xamarin platforms.
Amazon Monitron
Amazon Monitron is an end-to-end system that uses ML to detect abnormal behavior in industrial machinery.
Use Amazon Monitron to implement predictive maintenance and reduce unplanned downtime.
Amazon MQ
Amazon MQ is a managed message broker service for Apache ActiveMQ that you can use to set up and operate message brokers in the cloud.
Multi-AZ deployment
A primary DB instance that has a synchronous standby replica in a different AZ.
The primary DB instance is synchronously replicated across AZs to the standby replica.
Multipurpose Internet Mail Extension (MIME)
An internet standard that extends the email protocol to include non-ASCII text and nontext elements, such as attachments.
Multitool
A cascading application that provides a simple command line interface for managing large datasets.
Amazon MWAA
Amazon Managed Workflows for Apache Airflow is a managed orchestration service for Apache Airflow to assist in setting up and operating end-to-end data pipelines in the cloud at scale.
NAT
Network Address Translation.
A strategy of mapping one or more IP addresses to another while data packets are in transit across traffic routing devices.
This is commonly used to restrict internet communications to private instances while allowing outgoing traffic.
NAT gateway
A NAT device, managed by AWS, that performs network address translation in a private subnet, to secure inbound internet traffic.
A NAT gateway uses both NAT and port address translation.
NAT instance
A NAT device, configured by a user, that performs network address translation in an Amazon VPC public subnet to secure inbound internet traffic.
Neptune
Amazon Neptune is a managed graph database service that you can use to build and run applications that work with highly connected databases.
Neptune supports the popular graph query languages Apache TinkerPop Gremlin and W3C’s SPARQL, enabling you to build queries that efficiently navigate highly connected datasets.
Network ACL
An optional layer of security that acts as a firewall for controlling traffic in and out of a subnet.
You can associate multiple subnets with a single network ACL, but a subnet can be associated with ONLY ONE network ACL at a time.
Network Firewall
AWS Network Firewall is a managed service that deploys essential network protections for all Amazon Virtual Private Clouds (Amazon VPCs).
NoSQL
Non-relational database systems (non-RDSs) that are highly available, scalable, and optimized for high performance.
Instead of the relational model, NoSQL databases (for example, DynamoDB) use alternate models for data management, such as key-value pairs or document storage.
object
Amazon S3: The fundamental entity type stored in Amazon S3. Objects consist of object data and metadata. The data portion is opaque to Amazon S3.
CloudFront: Any entity that can be served either over HTTP or a version of RTMP.
OpenSearch Service
Amazon OpenSearch Service is an open-source search and analytics engine that offers security options, high availability, data durability, and direct access to the OpenSearch API.
It is an AWS managed service for deploying, operating, and scaling OpenSearch in the AWS Cloud.
OpsWorks
AWS OpsWorks is a Configuration management service that helps you use Chef to configure and operate groups of instances and applications.
You can define the app’s architecture and the specification of each component including package installation, software config, and resources such as storage.
You can automate tasks based on time, load, or lifecycle events.
AWS Organizations
An account management service that you can use. to consolidate multiple AWS accounts into an organization that. you create and centrally manage.
origin access identity (OIA)
When using Amazon CloudFront to serve content with an Amazon S3 bucket as the origin, a virtual identity that you use to require users to access your content through CloudFront URLs instead of Amazon S3 URLs.
Usually used with CloudFront private content.
Outposts
AWS Outposts is a fully managed service by AWS that extends AWS infrastructure, services, APIs, and tools to on-premises data centers and edge locations.
Use AWS Outposts for workloads and devices requiring low latency access to on-premises systems, local data processing, data residency, and application migration with local system interdependencies.
AWS ParallelCluster
An AWS supported open-source cluster management tool that helps you to deploy and manage high performance computing (HPC) clusters in the AWS cloud.
Amazon Personalize
An artificial intelligence service for creating individualized product and content recommendations.
Amazon Pinpoint
Amazon Pinpoint is a multichannel communications service that helps organizations send timely, targeted content through SMS, email, mobile push notifications, voice messages, and in-application channels.
Amazon Polly
a text-to-speech (TTS) service that turns text into natural-sounding human speech.
Premium Support
A one-on-one, fast-response support channel that AWS customers can subscribe to for support for AWS infrastructure services.
AWS Private CA
AWS Private Certificate Authority is a hosted private certificate authority service for issuing and revoking private digital certificates.
private subnet
An Amazon VPC subnet whose instances can’t be reached from the internet.
Provisioned IOPS
A storage option that delivers fast, predictable, and consistent I/O performance.
When you specify an IOPS rate while creating a DB instance, Amazon RDS provisions that IOPSS rate for the lifetime of the DB instance.
PV Virtualization
Paravirtual Virtualization allows guest VMs to run on host systems that don’t have special support extensions for full hardware and CPU virtualization.
Because PV guests run a modified OS that doesn’t use hardware emulation, they can’t provide hardware-related features, such as enhanced networking or GPU support.
Amazon QLDB
Amazon Quantum Ledger Database is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log owned by a central trusted authority.
QuickSight
Amazon QuickSight is a fast, cloud-powered business analytics service that you. can use to build visualizations, perform analysis, and quickly get business insights from your data.
AWS RAM
AWS Resource Access Manager is a web service that AWS customers can use to securely share AWS resources with any AWS account or within your organization.
Amazon RDS
Amazon Relational Database Service is a web service that makes it easier to set up, operate, and scale a relational database in the cloud.
It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common DB administrations tasks.
Redis
A fast, open-source, in-memory key-value data structure store.
Redis comes with a set of versatile in-memory data structures with which you can easily create a variety of custom applications.
Amazon Redshift
Amazon Redshift is a fully managed, petabyte-scaled data warehouse service in the cloud.
With Amazon Redshift, you can analyze your data using your existing business intelligence tools.
Amazon Rekognition
Amazon Rekognition is a machine learning service that identifies objects, people, text, scenes, and activities, including inappropriate content, in either image or video files.
With Amazon Rekognition Custom Labels, you can create a customized ML model that detects objects and scenes specific to your business in images.
Resource Groups
AWS Resource Groups is a web service that AWS customers can use to manage and automate tasks on large numbers of resources at one time.
Amazon Resource Name (ARN)
A standardized way to refer to an AWS resource (for example, arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob).
REST
Representational state transfer.
A simple stateless architecture that generally runs over HTTPS/TLS.
REST Emphasizes that resources have unique and hierarchical identifiers (URIs), are represented by common media types (such as HTML, XML, or JSON), and that operations on the resources are either predefined or discoverable within the media type.
In practice, this generally results in a limited number of operations.
root device volume
A volume that ocntains the image used to boot the instance (aka root device).
If you launched the instance from an AMI backed by instance store, this is an instance store volume created from a template stored in Amazon S3.
Or, by Amazon EBS, its an EBS volume created from an EBS snapshot.
route table
A set of routing rules that controls the traffic leaving and subnet that’s associated with the route table. You can associate multiple subnets with a single route table, but a subnet can only be associated with one route table at a time.
Route 53
Amazon Route 53 is a web service that you can use to create a new DNS service or to migrate your existing DNS service to the cloud.
Amazon S3
Amazon S3 is storage for the internet. You can use it to store and retrieve any amount of data at any time, from anywhere on the web.
Amazon S3 Glacier
S3 Glacier is a secure, durable, and low-cost storage service for data archiving and long-term backup. You can reliably store large or small amounts of data for significantly less than on-premises solutions.
S3 Glacier is optimized for infrequently accessed data, where a retrieval time of several hours is suitable.
Amazon SageMaker
Amazon SageMaker is a fully managed cloud service that builds, trains, and deploys machine learning (ML) models by using AWS infrastructure, tools, and workflows.
AWS SAM
AWS Serverless Application Model is an open-source framework for building and running serverless applications.
It provides a command line interface tool and a shorthand syntax template specification that you can use to quickly iterate through your serverless application lifecycle.
“scale in” vs “scale out”
To scale in is to remove EC2 instances from an Auto Scaling group.
To scale OUT is to add instances.
AWS SCT
AWS Schema Conversion Tool is a desktop application that automates heterogenous database migrations.
You can use AWS SCT to convert DB schemas and code objects, SQL code in your apps, and ETL scripts to a format compatible with the target database.
Then, you can use AWS SCT data extraction agents to migrate data to your target DB.
Secrets Manager
AWS Secrets Manager is a service for securely encrypting, storing, and rotating credentials for databases and other services.
security group
A named set of allowed inbound network connections for an instance.
(Security groups in Amazon VPC also include support for outbound connections).
Each security group consists of a list of protocols, ports, and IP address ranges.
A security group can apply to multiple instances, and multiple groups can regulate a single instance.
Security Hub
AWS Security Hub is a service that provides a comprehensive view of the security state of your AWS resources.
It collects security data from AWS accounts and services and helps you analyze your security trends to identify and prioritize the security issues from your AWS environment.
AWS Serverless Application Repository
A managed repo that teams, orgs, and individual devs can use to store and share reusable apps, and assemble and deploy serverless architectures in powerful ways.
server-side encryption (SSE)
The encrypting of data at the server level. Amazon S3 supports three modes of server-side encryption: SSE-S3, where Amazon S3 manages the keys; SSE-C, where the customer manages the keys; and SSE-KMS, where AWS KMS manages the keys.
AWS Service Catalog
Web service that helps orgs create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application arhitectures.
AWS Service Management Connector
Enables customers to provision, manage, and operate AWS resources and capabilities in familiar IT Service Management (ITSM) tooling.
Service Quotas
A service for viewing and managing your quotas easily and at scale as your AWS workloads grow.
Quotas, also referred to as limits, are the maximum number of resources that you can create in an AWS account.
Amazon SES
Amazon Simple Email Service is a simple and cost-effective email solution for applications.
SHA
Secure Hash Algorithm.
SHA1 is an earlier version of the algorithm, which AWS has replaced with SHA256.
Shield
AWS Shield is a service that helps to protect your resources against DDoS attacks. (Resources like Amazon EC2 instances, Elastic Load Balancing load balancers, Amazon CloudFront distributions, and Route 53 hosted zones).
AWS Shield is automatically included at no extra cost beyond what you already pay for AWS WAF and your other AWS services.
For added protection against DDoS attacks, AWS offers AWS Shield Advanced.
AWS SMS
AWS Server Migration Service is a service that combines data collection tools with automated server replication to speed the migration of on-premises servers to AWS.
Snowball
AWS Snowball is a petabyte-scaled data transport solution that uses devices that are secure to transfer large amounts of data into and out of the AWS Cloud.
Amazon SNS
Amazon Simple Notification Service is a web service that applications, users, and devices can use to instantly send and receive notifications from the cloud.
SOAP
Simple Object Access Protocol.
An XML-based protocol that you can use to exchange info over a particular protocol between applications.
(protocols like HTTP or SMTP).
Spot instance
A type of EC2 instance that you can bid on to use unused Amazon Ec2 capacity.
Amazon SQS
Amazon Simple Queue Service is a reliable and scalable hosted queues for storing messages as they travel between computers. (this definition seems poorly worded in their documentation.)
Amazon SWF
Amazon Simple Workflow Service is a fully managed service that helps devs build, run, and scale background jobs that have parallel or sequential steps.
SWF functions similar to a state tracker and task coordinator in the AWS Cloud.
Step Functions
AWS Step Functions. isa web service that coordinates the components of distributed applications as a series of steps in a visual workflow.
Storage Gateway
AWS Storage Gateway is a web service that connects an on-premises software appliance with cloud-based storage.
Storage Gateway provides seamless and secure integration between an org’s on-premises IT environment and AWS storage infrastructure.
AWS STS
AWS Security Token Service is a web service for requesting temporary, limited-privilege credentials for IAM users or for users that you authenticate (federated users).
subnet
A segment of. theIP address range of an Amazon VPC that an EC2 instance can be attached to.
You can create subnets to group instances according to security and operational needs.
Systems Manager
AWS Systems Manager is the operations hub for AWS and hybrid cloud environments that can help achieve secure operations at scale.
It provides a unified user interface for users to view operations data from multiple AWS services and automate tasks across their AWS resources.
Timestream
Amazon Timestream is a scalable and serverless time series database service for real-time analytics, DevOps, and IoT applications that you can use to store and analyze trillions of events per day.
Traffic Mirroring
An Amazon VPC feature that you can use to copy network traffic from an elastic network interface of Amazon EC2 instances.
You can send this network traffic to out-of-band security and monitoring appliances for content inspection, threat monitoring, and troubleshooting.
Transfer Family
AWS Transfer Family offers fully managed support for transferring files over SFTP, FTPS, and FTP into and out of Amazon S3 or Amazon EFS, as well as support for the Applicability Statement 2 (AS2) protocol for business-to-business (B2B) transfers.
NOTE: SFTP builds on secure shell protocol (SSH) and adds on file transfer capabilities. FTPS builds on file transfer protocol (FTP) and adds on a security and encryption layer. It uses a single connection through only one port, making it easier to install firewall solutions.
Transport Layer Security (TLS)
A cryptographic protocol that provides security for communication over the internet. Its predecessor is Secure Sockets Layer (SSL).
trust policy
An IAM policy that’s an inherent part of an IAM role.
The trust policy specifies which principals are allowed to use the role.
Trusted Advisor
AWS Trusted Advisor is a web service that inspects your AWS environment and makes recommendations for saving money, improving system availability and performance, and helping to close security gaps.
trusted key groups
Amazon CloudFront key groups whose public keys CloudFront can use to verify the signatures of CloudFront signed URLs and signed cookies.
tunnel
A route for transmission of private network traffic that uses the internet to connect nodes in the private network.
The tunnel uses encryption and secure protocols such as PPTP to prevent the traffic from being intercepted as it passes through public routing nodes.
PPTP
The Point to Point Tunneling Protocol (PPTP) is a network protocol used to create VPN tunnels between public networks. PPTP servers are also known as Virtual Private Dialup Network (VPDN) servers. PPTP is preferred over other VPN protocols because it is faster and it has the ability to work on mobile devices.
virtual private gateway (VGW)
The Amazon side of a VPN connection that maintains connectivity.
The internal interfaces of the virtual private gateway connect to your Amazon VPC through the VPN attachment.
The external interfaces connect to the VPN connection, which leads to the customer gateway.
VM Import/Export
VM Import/Export is a service for importing virtual machine (VM) images from your existing virtualization environment to Amazon EC2 and then exporting them back.
Amazon VPC
Amazon Virtual Private Cloud is a web service for provisioning a logically isolated section of the AWS Cloud virtual network that you define.
You control your virtual networking environment by selecting your own IP address range, creating subnets and configuring route tables and network gateways.
VPC Endpoint
A feature that you can use to create a private connection between your Amazon VPC and another AWS service without requiring access over the internet, through. aNAT instance, a VPN connection, or Direct Connect.
AWS VPN
AWS Virtual Private Network provides functionality that establishes encrypted connections between your network or device, and AWS.
AWS VPN is comprised of two services:
AWS Client VPN, and
AWS Site-to-Site VPN
AWS VPN CloudHub
AWS VPN CloudHub is a feature that enables secure communication between branch offices using a simple hub-and-spoke model, with or without a VPN
AWS WAF
AWS WAF is a web application firewall service that controls access to content by allowing or blocking web requests based on criteria that. you specify.
For example, you can filter access based on the header values or the IP addresses that the requests originate from.
AWS WAF helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.
Amazon WAM
Amazon WorkSpaces Application Manager (WAM) is a web service for deploying and managing applications for WorkSpaces.
It accelerates software deployment, upgrades, patching, and retirement by packaging Windows desktop apps into virtualized application containers.
AWS Wavelength
AWS Wavelength is a service by AWS that embeds AWS compute and storage services within 5G networks to provide mobile edge computing infrastructure.
Use AWS Wavelength to develop, deploy, and scale ultra-low-latency apps to mobile devices and end users.
WorkDocs
Amazon WorkDocs is a managed, secure enterprise document storage and sharing service with administrative controls and feedback capabilities.
Amazon WorkLink
Amazon WorkLink is a cloud-based service that provides secure access to internal websites and web apps from mobile devices.
Amazon WorkSpaces
Amazon WorkSpaces is a managed, secure desktop computing service for provisioning cloud-based desktops and providing users access to documents, applications, and resources from supported devices.
WSDL
Web Services Description Language.
A language that’s used to describe the actions that a web service can perform, along with the syntax of action requests and responses.
X.509 certificate
A digital document that uses the X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the entity that’s described in the certificate.
X-Ray
AWS X-Ray is a web service that collects data about requests that your application serves.
X-Ray provides tools that you can use to view, filter, and gain insights into that data to identify issues and opportunities for optimization.
