Terminology Flashcards
High Availability
Concept of something being accessible when you attempt to access it (and/or the ability to access something via multiple platforms).
Fault Tolerant
The ability to withstand a certain amount of failure and still remain functional (and/or be self-healing and return to full capacity).
Scalable
The ability to easily grow in size, capacity, and/or scope when required (usually based on demand).
Elastic
The ability to not only grow (scale) when required, but also reduce in size when required.
AWS Certificate Manager (ACM)
To enable HTTPS connections to your website or application in AWS, you need an SSL/TLS server certificate. You can use a server certificate provided by AWS Certificate Manager (ACM) or one that you obtained from an external provider. You can use ACM or IAM to store and deploy server certificates. Use IAM as a certificate manager only when you must support HTTPS connections in a region that is not supported by ACM.
Amazon Managed Services (AMS)
Provides support to companies to migrate to the cloud faster.
Artifact
Provides on-demand access to AWS compliance reports and AWS customer agreements. You can use AWS Artifact Agreements to review, accept, and track the status of AWS agreements such as the Business Associate Addendum (BAA).
Aurora
Relational database that can be configured as MySQL or PostgreSQL but is much faster than either. Fully managed by RDS to automate provisioning, setup, patching, and backups. Includes a serverless feature to allow on-demand usage and scaling.
AWS Shield
Managed DDOS protection.
Budgets
Sends an alert when cost or usage exceeds, or is forecasted to exceed, a budget you set.
CloudFormation
Model AWS resources and it will configure them for you. Free to use.
Cloud9
Integrated Development Environment (IDE) for writing, running and debugging code.
CloudFront
Distribute content globally with low latency. Uses edge locations. Includes Content Delivery Network (CDN) and provides security through DDOS protection.
Pay per use. Integrates with several other AWS services.
CloudTrail
Enables governance, monitoring and auditing of actions taken in your AWS account. User activity and API usage.
CloudWatch
Monitoring service that gives view of cloud resources and applications. Set billing alarm triggers based on AWS usage. Can be configured to trigger an SNS notification.
Stores logs of IP traffic on VPC, subnet, etc.
Centralize logs from other AWS services such as: EC2, CloudTrail, Route 53
CodePipeline
AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates.
Cognito
Use to enable identity federation with Internet identity providers. Ex: allow temporary access via FB/Amazon/Google without creating an IAM user for the person.
Config
Evaluates your AWS setup. Fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance.
Amazon Connect
Self-service contact center service.
Cost Explorer
View past usage, forecast future usage, get recommendations.
Data Pipeline
AWS Data Pipeline is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data sources.
DirectConnect
Establish a dedicated network connection from on-premises to AWS.
Directory Service
AWS Directory Service is a managed Microsoft Active Directory in the AWS Cloud.
Data Migration Service (DMS)
Migrates data from one database to another.
DynamoDB
NoSQL database service. No server setup needed.
JSON, key-value pairs, or documents. Fully managed.
Native multi-zone fault tolerance. Global tables provide automatic multi-master replication to AWS Regions world-wide.
Elastic Block Storage (EBS)
Block level storage. For use with EC2 and RDS.
Storage devices are called volumes. Has a feature that allows you to take snapshots of volumes.
Uses multiple servers, automatically replicated within a single Availability Zone.
Elastic Cloud Compute (EC2)
Provision servers. Configure for server type and size.
Runs continuously. Use key pairs to connect.
During the creation process of EC2 instances you can create and download your key pair. This key pair is required when you want to connect to your Amazon EC2 instances.
Note: You can’t connect to your EC2 instance unless you attach a security group that allows SSH access from your IP.
Elastic Container Registry (ECR)
Amazon EC2 Container Registry (ECR) is a fully managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon EC2 Container Service (ECS), simplifying your development to production workflow.
Elastic File System (EFS)
Storage service that is scalable. Allows for file sharing. Uses multiple Availability Zones. Designed to support EC2.
Elastic Beanstalk
AWS Elastic Beanstalk is used to simplify the process of deploying an application on AWS.
ElastiCache
Caches data for databases, keeping most used data in memory. ElastiCache is a web service that makes it easy to set up, manage, and scale a distributed in-memory data store or cache environment in the cloud.
Elastic Load Balancer (ELB)
Performs health checks and distributes traffic only to healthy instances.
Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. Elastic Load Balancing offers three types of load balancers: 1- Application Load Balancer. 2- Network Load Balancer. 3- Classic Load Balancer.
Elastic Map Reduce (EMR)
Runs big data frameworks. Hadoop framework for processing large amounts of data across scalable EC2 instances.
GuardDuty
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. GuardDuty analyzes tens of billions of events across multiple AWS data sources, such as AWS CloudTrail, Amazon VPC Flow Logs, and DNS logs.
Identity and Access Management (IAM)
A web service that helps you control who is authenticated (signed in) and authorized (has permissions) to the AWS resources in your account.
Infrastructure Event Management (IEM)
A service available to enterprise customers (or business level for a fee). Short term support for a specific event. AWS team provides architectural and scaling advice.
Inspector
Check your applications for vulnerabilities. Automated security assessment service.
Instance Store
Block level storage.
Kinesis
Used to collect, process and analyze video and data streams in real time.
Key Management & Storage (KMS)
Used for data encryption.
Lambda
Compute service that runs code without needing to provision servers. Runs only when triggered. Scales automatically.
Lightsail
Creates Virtual Private Server on the cloud.
Limit Monitor
You can configure the AWS Limit Monitor to send email notifications when usage approaches a service limit. (Is this for SES only?)
Migration Acceleration Program (MAP)
MAP has been created to provide consulting support, training and services credits to reduce the risk of migrating to the cloud, build a strong operational foundation and help offset the initial cost of migrations. Includes migration methodology, tools, Partners and Professional Services.
Marketplace
Online store for buying third-party software or services that run on AWS.
Migration Hub
AWS Migration Hub provides a single location to track the progress of application migrations across multiple AWS and partner solutions.
Neptune
Fully managed graph database that works with highly connected datasets.
OpsWorks
AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers. OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments.
Personal Health Dashboard
Provides alerts and remediation guidance when AWS events may impact you. Gives a personalized view of the performance and availability of the services you are using.
Relational Database Service (RDS)
Configure a database instance as Aurora, PostgreSQL, MySQL, Oracle, MS SQL Server, MariaDB. Structured data.
Runs on EC2 in the background, but no need to configure the compute capacity. Amazon handles patching and backups.
- Uses multiple AZs. - Uses EBS storage.
Rekognition
AWS Rekognition is a service that lets developers working with Amazon Web Services add image analysis to their applications. With AWS Rekognition your apps can detect, remember and recognize objects, scenes, and faces in images.
Redshift
Data warehouse for large data. Based on but NOT the same as PostgreSQL. Standard SQL and BI tools. Single zone use.
Route 53
Domain Name System (DNS) provider. Registration and health checks.
Simple Storage Service (S3)
- Object level storage
- 11x9 durability
- Any amount of data
- Infinitely scalable
- Only limitation is object size: max of 5 terabytes
- Native multi-zone fault tolerance.
Serverless Application Repository
AWS Serverless Application Repository is used to share solutions with developers or to help your customers quickly understand the value of products and services you sell and support.
Service Catalog
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS.
Service Health Dashboard
Displays general status of AWS services.
Simple Email Service (SES)
Use to send marketing, notification or transactional emails. Cannot be used to send billing notifications from CloudWatch.
Simple Monthly Calculator
The AWS Simple Monthly Calculator helps customers and prospects estimate their monthly AWS bill more efficiently. The calculator can be used to determine your best and worst case scenarios, identify areas of development to reduce your monthly costs, and even compare them with other service providers who do not offer utility-style (pay-as-you-go) billing.
SimpleDB
Just another AWS database.
Snowball
Secure transfer of large amounts (petabyte) of data in and out of AWS cloud. Much cheaper than standard data costs.
Snowmobile
Exabyte-scale data transfer service used to move extremely large amounts of data to AWS.
Simple Notification Service (SNS)
Messaging service. Automate messages based on AWS events such as CloudWatch events.
Storage Gateway
AWS Storage Gateway is a hybrid cloud storage service.
You can use the service for backup and archiving, disaster recovery, cloud data processing, storage tiering, and migration. The gateway connects to AWS storage services, such as Amazon S3, Amazon S3 Glacier, Amazon S3 Glacier Deep Archive, Amazon EBS, and AWS Backup, providing storage for files, volumes, snapshots, and virtual tapes in AWS.
Security Token Service (STS)
A web service that enables you to request temporary, limited privilege credentials for IAM users or federated users. Tracked in CloudTrail.
Can enable single sign-on without creating new IAM user. Can also allow users from one AWS account to access another.
Simple Workflow Service (SWF)
Amazon Simple Workflow Service (SWF) is a web service that makes it easy to coordinate work across distributed application components.
Total Cost of Ownership Calculator (AKA TCO Tool)
The AWS TCO tool only asks you about server and storage configuration details, but if you are going to perform the TCO analysis yourself, you should consider other factors such as cooling and power consumption, data center space, IT labor cost and so on.
Trusted Advisor
Get (automated) cost optimization recommendations. Optimize for cost, performance, security, fault tolerance, service limits.
Virtual Private Cloud (VPC)
Provision a section of the cloud for your virtual network. Add whatever you want. Not a resource, but a place to deploy resources.
Spans all AZs in the region. A default VPC comes with each new account.
Virtual Private Network (VPN)
Establish a secure private tunnel from your network or device to AWS.
Has Gateways at either end (Virtual Private Gateway = Amazon, Customer = customer). Serves as the connection between your computer and your Amazon VPC cloud-based network.
Web Application Firewall (WAF)
Protects web applications on AWS.
X-Ray
Analyzes and debugs distributed applications. Applications in production or under development, including those using microservices architecture.
Availability Zones
Geo isolated locations within a region where data is replicated. Each AZ has one or more data centers.
Currently 61 AZs. AZ names are mapped to different data centers for different users.
AWS Regions
Each region has 2 or more AZs. Each region has a name, ex: us-east.
There are 21 Regions and 61 Availability Zones currently. Always growing. Supports distributed infrastructure.
Edge Cache
Regional Edge Caches sit between CloudFront servers and Edge Locations.
Edge Locations
Amazon data centers that do not host apps, just cache content delivered by CloudFront.
Edge locations are Content Delivery Network (CDN) endpoints for CloudFront. Currently > 100.
Endpoint
An endpoint is a URL that is the entry point for a web service.
SPOF
Single Point of Failure – eliminated with a well-built cloud system. High availability.
Well-Architected Framework
1-Operational Excellence: run, monitor, continually improve
2-Security: protect through risk assessment and mitigation
3-Reliability: recover from disruption, scale
4-Performance Efficiency: use compute resources efficiently, scale
5-Cost Optimization: avoid or eliminate unneeded cost or sub-optimal resources
CDN
Content Delivery Network
DDOS
Distributed Denial of Service – type of web attack.
Subnet
A range of IP addresses in your VPC.
VPN vs VPC
VPN is the connection between your PC and your cloud network.
VPC is your cloud-based network of resources.
IaaS
Infrastructure as a Service – provides access to networking, computers, data storage. Allows most flexibility and user control.
PaaS
Platform as a Service – manages infrastructure hardware and operating systems.
SaaS
Software as a Service – provides completed product. Offers end user application.
APN Consulting Partners
APN Consulting Partners are professional services firms that help customers design, architect, build, migrate, and manage their workloads and applications on AWS. Consulting Partners include System Integrators, Strategic Consultancies, Agencies, Managed Service Providers, and Value-Added Resellers.
APN Technology Partners
APN Technology Partners provide software solutions that are either hosted on, or integrated with, the AWS platform.
AWS Customer Service team
Help customers understand cloud computing and if it can help their business.
AWS Professional Services
AWS Professional Services shares a collection of offerings to help you achieve specific outcomes related to enterprise cloud adoption. AWS Professional Services also trains your team with specialized skills and provides global specialty practices to support your efforts in focused areas of enterprise cloud computing.
Organizations
A service available to enterprise customers that allows for consolidated billing of several accounts to share some resources (Reserved Instances) and benefit from volume discounts.
Also, Organizations APIs can create new accounts automatically and add them to groups.
Service Limits
AWS maintains service limits for each account to help guarantee the availability of AWS resources, as well as to minimize billing risks for new customers. Some service limits are raised automatically over time as you use AWS, though most AWS services require that you request limit increases manually. Most service limit increases can be requested through the AWS Support Center.
Support Concierge Team
AWS billing and account experts for enterprise customers. Help with best practices for cost efficiency. Can increase service limits.
Support Plans
1-Developer: 7 core checks in Trusted Advisor; business hours email to Cloud Support Associates; general architectural guidance.
2-Business: All Trusted Advisor checks; 24x7 phone, email and chat with Cloud Support Engineers; more detailed support and guidance.
3-Enterprise: All Trusted Advisor checks; 24x7 phone, email and chat with Cloud Support Engineers; faster response (15 min) for critical system outages; well-architected reviews, etc.
TAM
Technical Account Manager – primary contact for enterprise customers. Very high-level support.
Performance Efficiency
1- Democratize advanced technologies: Rather than having your IT team learn how to host and run a new technology, they can simply consume it as a service.
2- Go global in minutes: provide lower latency and a better experience for your customers at minimal cost.
3- Use serverless architectures: In the cloud, serverless architectures remove the need for you to run and maintain servers to carry out traditional compute activities.
4- Experiment more often: test using different types of instances, storage, or configurations.
5- Mechanical sympathy: Use the technology approach that aligns best to what you are trying to achieve.
Bootstrapping
When you launch an AWS resource like an Amazon EC2 instance or Amazon Relational Database (Amazon RDS) DB instance, you start with a default configuration. You can then execute automated bootstrapping actions, that is, scripts that install software or copy data to bring that resource to a particular state. You can parameterize configuration details that vary between different environments (e.g., production, test, etc.) so that the same scripts can be reused without modifications.
Golden Images
Certain AWS resource types like Amazon EC2 instances, Amazon RDS DB instances, Amazon Elastic Block Store (Amazon EBS) volumes, etc., can be launched from a golden image: a snapshot of a particular state of that resource. When compared to the bootstrapping approach, a golden image results in faster start times and removes dependencies on configuration services or third-party repositories. This is important in auto-scaled environments where you want to be able to quickly and reliably launch additional resources as a response to demand changes.
Software Development Kit (SDK)
Helps take the complexity out of coding by providing Java APIs for many AWS services including Amazon S3, Amazon EC2, DynamoDB, and more.