AWS Key Value Notes
- Get link
- Other Apps
AWS Global Infrastructure |
Core Services Overview: Compute |
Core Services Overview: Storage |
Core Services Overview: Databases |
Core Services Overview: Networking |
Core Services Overview: Security |
Core Services Overview: Pricing |
AWS Infrastructure | |
Amazon AppStream 2.0 | Amazon AppStream 2.0 is a fully managed application streaming service that allows you to stream desktop applications from AWS to any device with a web browser. It's suitable for providing access to applications without the need to manage full desktop environments. |
Amazon AppStream 2.0 | Amazon AppStream 2.0 is a fully managed application streaming service that allows you to stream desktop applications from AWS to any device with a web browser. It's suitable for providing access to applications without the need to manage full desktop environments. |
Amazon Athena | Query, Serverless, Interactive, Analysis |
Amazon Athena | Amazon Athena is a serverless, interactive analytics service built on open-source frameworks, supporting open-table and file formats. Athena provides a simplified, flexible way to analyze petabytes of data where it lives. Analyze data or build applications from an Amazon Simple Storage Service (S3) data lake and 30 data sources, including on-premises data sources or other cloud systems using SQL or Python. Athena is built on open-source Trino and Presto engines and Apache Spark frameworks, with no provisioning or configuration effort required. |
Amazon Athena | Amazon Athena is a serverless, interactive analytics service built on open-source frameworks, supporting open-table and file formats. Athena provides a simplified, flexible way to analyze petabytes of data where it lives. Analyze data or build applications from an Amazon Simple Storage Service (S3) data lake and 30 data sources, including on-premises data sources or other cloud systems using SQL or Python. Athena is built on open-source Trino and Presto engines and Apache Spark frameworks, with no provisioning or configuration effort required. |
Amazon Aurora | Database, Relational, MySQL, PostgreSQL |
Amazon Aurora | Amazon Aurora is a modern relational database service. It offers unparalleled high performance and high availability at global scale with fully open-source MySQL- and PostgreSQL-compatible editions and a range of developer tools for building serverless and machine learning (ML)-driven applications. |
Amazon Aurora | Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud. It combines the performance and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. Aurora offers compatibility with PostgreSQL, making it a suitable choice for migration. |
Amazon Aurora | Amazon Aurora is a managed relational database service, and AWS handles the database engine and underlying infrastructure, including patching and updates of the database engine, but not the guest operating system. |
Amazon Aurora | Amazon Aurora is a modern relational database service. It offers unparalleled high performance and high availability at global scale with fully open-source MySQL- and PostgreSQL-compatible editions and a range of developer tools for building serverless and machine learning (ML)-driven applications. |
Amazon Aurora | Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud. It combines the performance and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. Aurora offers compatibility with PostgreSQL, making it a suitable choice for migration. |
Amazon Aurora | Amazon Aurora is a managed relational database service, and AWS handles the database engine and underlying infrastructure, including patching and updates of the database engine, but not the guest operating system. |
Amazon Aurora Serverless | For a company looking to migrate its PostgreSQL database to AWS with minimal management overhead and infrequent usage, "Amazon Aurora Serverless" would be the best fit. Amazon Aurora Serverless is an on-demand, auto-scaling configuration for Amazon Aurora (PostgreSQL-Compatible Edition) that automatically starts up, shuts down, and scales capacity up or down based on your application's needs. It's ideal for applications with infrequent, intermittent, or unpredictable workloads, and it reduces the need to manage database capacity. |
Amazon Aurora Serverless | For a company looking to migrate its PostgreSQL database to AWS with minimal management overhead and infrequent usage, "Amazon Aurora Serverless" would be the best fit. Amazon Aurora Serverless is an on-demand, auto-scaling configuration for Amazon Aurora (PostgreSQL-Compatible Edition) that automatically starts up, shuts down, and scales capacity up or down based on your application's needs. It's ideal for applications with infrequent, intermittent, or unpredictable workloads, and it reduces the need to manage database capacity. |
Amazon Braket | Quantum Computing, Service, Development |
Amazon Chime | Communication, Meetings, Chat, Video |
Amazon CloudFront | CDN, Content Delivery, Web, Secure |
Amazon CloudFront | deliver images and videos globally with minimal latency |
Amazon CloudFront | "Amazon CloudFront speeds up distribution of your static and dynamic web content, such as .html, .css, .php, image, and media files. When users request your content, CloudFront delivers it through a worldwide network of edge locations that provide low latency and high performance." Reference: https://docs.aws.amazon.com/cloudfront/ |
Amazon CloudFront | This is AWS's content delivery network service. It integrates with other AWS services to securely deliver data, videos, applications, and APIs to customers globally with low latency and high transfer speeds. CloudFront is designed to work with AWS Shield for DDoS protection and AWS Web Application Firewall (WAF) for protecting against web exploits. It's an ideal solution for distributing content with high data transfer speeds and low latency. |
Amazon CloudFront | deliver images and videos globally with minimal latency |
Amazon CloudFront | "Amazon CloudFront speeds up distribution of your static and dynamic web content, such as .html, .css, .php, image, and media files. When users request your content, CloudFront delivers it through a worldwide network of edge locations that provide low latency and high performance." Reference: https://docs.aws.amazon.com/cloudfront/ |
Amazon CloudFront | This is AWS's content delivery network service. It integrates with other AWS services to securely deliver data, videos, applications, and APIs to customers globally with low latency and high transfer speeds. CloudFront is designed to work with AWS Shield for DDoS protection and AWS Web Application Firewall (WAF) for protecting against web exploits. It's an ideal solution for distributing content with high data transfer speeds and low latency. |
Amazon CloudWatch | D. Amazon CloudWatch: Amazon CloudWatch is a monitoring service that can be used to collect and track metrics, logs, and events from various AWS resources. It supports setting up alarms based on cost metrics, so you can create an alarm for a specific cost threshold and configure it to send notifications when the threshold is breached. |
Amazon CloudWatch | CloudWatch is a monitoring service for AWS cloud resources and applications. It collects and tracks metrics, collects and monitors log files, but it does not specialize in identifying sensitive data. |
Amazon CloudWatch | D. Amazon CloudWatch: Amazon CloudWatch is a monitoring service that can be used to collect and track metrics, logs, and events from various AWS resources. It supports setting up alarms based on cost metrics, so you can create an alarm for a specific cost threshold and configure it to send notifications when the threshold is breached. |
Amazon CloudWatch | CloudWatch is a monitoring service for AWS cloud resources and applications. It collects and tracks metrics, collects and monitors log files, but it does not specialize in identifying sensitive data. |
Amazon CloudWatch | Amazon CloudWatch is the AWS service that allows you to monitor and collect data from various AWS resources and services. It provides the capability to create custom alarms and dashboards to monitor specific events and metrics. In the context of the scenario described, CloudWatch is the most suitable choice for monitoring misconfigured security groups that allow unrestricted access to specific ports. |
Amazon CloudWatch | Amazon CloudWatch is the AWS service that allows you to monitor and collect data from various AWS resources and services. It provides the capability to create custom alarms and dashboards to monitor specific events and metrics. In the context of the scenario described, CloudWatch is the most suitable choice for monitoring misconfigured security groups that allow unrestricted access to specific ports. |
Amazon Cognito | This service provides user identity and data synchronization, enabling users to authenticate with a user identity system, and then access AWS resources or application features. It supports sign-in with social identity providers such as Facebook, Google, and Amazon, along with other standards-based identity providers. Amazon Cognito is ideal for integrating social media login capabilities into web and mobile applications. |
Amazon Cognito | This service provides user identity and data synchronization, enabling users to authenticate with a user identity system, and then access AWS resources or application features. It supports sign-in with social identity providers such as Facebook, Google, and Amazon, along with other standards-based identity providers. Amazon Cognito is ideal for integrating social media login capabilities into web and mobile applications. |
Amazon Cognito | Identity, Authentication, User Management, Secure |
Amazon Comprehend | Natural Language Processing, Text Analysis, Machine Learning |
Amazon Connect | Customer Contact, Cloud, Service, Call Center |
Amazon Detective | Security, Investigation, Analysis, Logs |
Amazon Detective | This service analyzes and visualizes security data to quickly get to the root cause of potential security issues. Amazon Detective does not offer management capabilities for security groups, focusing instead on investigation and analysis of security-related data. |
Amazon Detective | This service analyzes and visualizes security data to quickly get to the root cause of potential security issues. Amazon Detective does not offer management capabilities for security groups, focusing instead on investigation and analysis of security-related data. |
Amazon DocumentDB | Database, MongoDB Compatibility, Scalable, Managed |
Amazon DynamoDB | Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html |
Amazon DynamoDB | Fully Managed Highly available with replication across 3 AZ • NoSQL database - not a relational database • Scales to massive workloads, distributed “serverless” database • Millions of requests per seconds, trillions of row, 100s of TB of storage • Fast and consistent in performance • Single-digit millisecond latency – low latency retrieval • Integrated with IAM for security, authorization and administration • Low cost and auto scaling capabilities |
Amazon DynamoDB | Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. It allows users to offload the administrative burdens of operating and scaling a distributed database, so they don't have to worry about hardware provisioning, setup and configuration, replication, software patching, or cluster scaling. |
Amazon DynamoDB | DynamoDB is a managed NoSQL database service, and AWS takes care of the underlying infrastructure, including the operating system. |
Amazon DynamoDB | DynamoDB is a managed NoSQL database service, and AWS manages the infrastructure, including the operating system. |
Amazon DynamoDB | Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html |
Amazon DynamoDB | Fully Managed Highly available with replication across 3 AZ • NoSQL database - not a relational database • Scales to massive workloads, distributed “serverless” database • Millions of requests per seconds, trillions of row, 100s of TB of storage • Fast and consistent in performance • Single-digit millisecond latency – low latency retrieval • Integrated with IAM for security, authorization and administration • Low cost and auto scaling capabilities |
Amazon DynamoDB | Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability. It allows users to offload the administrative burdens of operating and scaling a distributed database, so they don't have to worry about hardware provisioning, setup and configuration, replication, software patching, or cluster scaling. |
Amazon DynamoDB | DynamoDB is a managed NoSQL database service, and AWS takes care of the underlying infrastructure, including the operating system. |
Amazon DynamoDB | DynamoDB is a managed NoSQL database service, and AWS manages the infrastructure, including the operating system. |
Amazon EC2 | Amazon EC2 is a scalable computing service that provides instances with varying capabilities and pricing options. You can choose an EC2 instance that is right for your data processing job and then terminate the instance when the job is complete. This will help you to save money on your AWS bill. |
Amazon EC2 | Amazon EC2 (Elastic Compute Cloud) provides virtual machines (EC2 instances) that allow you to have full control over the compute resources. When you deploy containers on EC2 instances, you have the flexibility to configure the instances according to your specific requirements, including the type of instance, storage, networking, and other parameters. |
Amazon EC2 | Amazon EC2 is a scalable computing service that provides instances with varying capabilities and pricing options. You can choose an EC2 instance that is right for your data processing job and then terminate the instance when the job is complete. This will help you to save money on your AWS bill. |
Amazon EC2 | Amazon EC2 (Elastic Compute Cloud) provides virtual machines (EC2 instances) that allow you to have full control over the compute resources. When you deploy containers on EC2 instances, you have the flexibility to configure the instances according to your specific requirements, including the type of instance, storage, networking, and other parameters. |
Amazon EC2 (Elastic Compute Cloud) | Amazon EC2 provides virtual machines (instances) that run within a customer's AWS account. Customers are responsible for managing and maintaining the guest operating system running on these EC2 instances, including updating and patching it to ensure security and performance. |
Amazon EC2 (Elastic Compute Cloud) | Amazon EC2 provides virtual machines (instances) that run within a customer's AWS account. Customers are responsible for managing and maintaining the guest operating system running on these EC2 instances, including updating and patching it to ensure security and performance. |
Amazon EC2 Auto Scaling | Amazon EC2 Auto Scaling is a service provided by Amazon Web Services (AWS) designed to automatically adjust the number of Elastic Compute Cloud (EC2) instances in your application to handle the load efficiently. It ensures that you have the right number of EC2 instances available to handle the load for your application. |
Amazon EC2 Auto Scaling | 1. **Dynamic Scaling**: Adjusts instance numbers based on needs, using factors like CPU and network use. 2. **Scheduled Scaling**: Pre-plans instance changes for expected load shifts. 3. **Health Checks**: Replaces unhealthy instances automatically. 4. **Cost-Efficient**: Pay for only used instances, reducing waste. 5. **Load Balancing**: Distributes traffic across instances evenly. 6. **AWS Integration**: Works with other AWS tools for monitoring, security, and setup. |
Amazon EC2 Auto Scaling | Amazon EC2 Auto Scaling is a service provided by Amazon Web Services (AWS) designed to automatically adjust the number of Elastic Compute Cloud (EC2) instances in your application to handle the load efficiently. It ensures that you have the right number of EC2 instances available to handle the load for your application. |
Amazon EC2 Auto Scaling | 1. **Dynamic Scaling**: Adjusts instance numbers based on needs, using factors like CPU and network use. 2. **Scheduled Scaling**: Pre-plans instance changes for expected load shifts. 3. **Health Checks**: Replaces unhealthy instances automatically. 4. **Cost-Efficient**: Pay for only used instances, reducing waste. 5. **Load Balancing**: Distributes traffic across instances evenly. 6. **AWS Integration**: Works with other AWS tools for monitoring, security, and setup. |
Amazon EC2 Auto Scaling groups to scale capacity | Scale the number of EC2 instances in or out automatically, based on demand. |
Amazon EC2 Auto Scaling groups to scale capacity | Scale the number of EC2 instances in or out automatically, based on demand. |
Amazon EC2 instances | Use EC2 instances in multiple AWS Regions. |
Amazon EC2 instances | AWS bills per second, with a minimum of 60 seconds. However, for On-Demand Linux instances, there is no minimum charge beyond the first minute. Therefore, the customer will be billed exactly for the time the instance was running. So, in this case, the customer runs an On-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes, and 6 seconds. They will be billed for: B. 3 hours, 5 minutes, and 6 seconds |
Amazon EC2 instances | Use EC2 instances in multiple AWS Regions. |
Amazon EC2 instances | AWS bills per second, with a minimum of 60 seconds. However, for On-Demand Linux instances, there is no minimum charge beyond the first minute. Therefore, the customer will be billed exactly for the time the instance was running. So, in this case, the customer runs an On-Demand Amazon Linux EC2 instance for 3 hours, 5 minutes, and 6 seconds. They will be billed for: B. 3 hours, 5 minutes, and 6 seconds |
Amazon EC2 Reserved Instances | Amazon EC2 Reserved Instances (RI) provide a significant discount (up to 72%) compared to On-Demand pricing and provide a capacity reservation when used in a specific Availability Zone. Terms (avg. discount off On-Demand) - 1yr (40%), 3yr (60%) |
Amazon EC2 Reserved Instances | Amazon EC2 Reserved Instances (RI) provide a significant discount (up to 72%) compared to On-Demand pricing and provide a capacity reservation when used in a specific Availability Zone. Terms (avg. discount off On-Demand) - 1yr (40%), 3yr (60%) |
Amazon EC2 updates and security patches | According to the AWS shared responsibility model, the maintenance task that is the customer's responsibility is "D. Amazon EC2 updates and security patches." When using Amazon EC2 (Elastic Compute Cloud), the customer is responsible for managing the guest operating system, including the installation and maintenance of updates and security patches. AWS, on the other hand, is responsible for the physical infrastructure, network, and hardware that support the EC2 service. |
Amazon EC2 updates and security patches | According to the AWS shared responsibility model, the maintenance task that is the customer's responsibility is "D. Amazon EC2 updates and security patches." When using Amazon EC2 (Elastic Compute Cloud), the customer is responsible for managing the guest operating system, including the installation and maintenance of updates and security patches. AWS, on the other hand, is responsible for the physical infrastructure, network, and hardware that support the EC2 service. |
Amazon Elastic Block Store (Amazon EBS) | Amazon EBS provides block-level storage volumes for use with Amazon EC2 instances. EBS volumes behave like raw, unformatted block devices that can be attached to EC2 instances. They are not file servers and don't natively support file protocols like SMB. |
Amazon Elastic Block Store (Amazon EBS) | Amazon EBS provides block-level storage volumes for use with Amazon EC2 instances. EBS volumes behave like raw, unformatted block devices that can be attached to EC2 instances. They are not file servers and don't natively support file protocols like SMB. |
Amazon Elastic Block Store (Amazon EBS) snapshots | Amazon Elastic Block Store (Amazon EBS) snapshots: EBS snapshots allow you to create point-in-time backups of your EBS volumes. These snapshots can be used to restore data or create new EBS volumes, making them a key component of disaster recovery for EC2 instances. |
Amazon Elastic Block Store (Amazon EBS) snapshots | Amazon Elastic Block Store (Amazon EBS) snapshots: EBS snapshots allow you to create point-in-time backups of your EBS volumes. These snapshots can be used to restore data or create new EBS volumes, making them a key component of disaster recovery for EC2 instances. |
Amazon Elastic Container Service (ECS) | Containers, Orchestration, Scalable, Docker |
Amazon Elastic File System (Amazon EFS) | Amazon EFS provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. While it is scalable and reliable, it primarily supports the NFS protocol and not SMB. |
Amazon Elastic File System (Amazon EFS) | This is a cloud-native and scalable file storage service for use with AWS Cloud services and on-premises resources. It's not primarily designed for data backup with local caching. |
Amazon Elastic File System (Amazon EFS) | Amazon EFS provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources. While it is scalable and reliable, it primarily supports the NFS protocol and not SMB. |
Amazon Elastic File System (Amazon EFS) | This is a cloud-native and scalable file storage service for use with AWS Cloud services and on-premises resources. It's not primarily designed for data backup with local caching. |
Amazon Elastic Inference | Machine Learning, Inference, Cost-effective, Acceleration |
Amazon Elastic Transcoder | This service is used to convert media files from their original source format into different formats that will play on smartphones, tablets, and PCs. It's not a CDN and doesn't provide content delivery services. |
Amazon Elastic Transcoder | This service is used to convert media files from their original source format into different formats that will play on smartphones, tablets, and PCs. It's not a CDN and doesn't provide content delivery services. |
Amazon EMR | Big Data, Cloud, Hadoop, Spark |
Amazon Forecast | Machine Learning, Predictions, Time Series, Service |
Amazon FSx | Amazon FSx lets you easily and securely backup, archive, or replicate your on-premises file storage to AWS in order to meet regulatory, data retention, or disaster recovery requirements. Learn how to get started. Choosing an Amazon FSx File System. |
Amazon FSx | Amazon FSx lets you easily and securely backup, archive, or replicate your on-premises file storage to AWS in order to meet regulatory, data retention, or disaster recovery requirements. Learn how to get started. Choosing an Amazon FSx File System. |
Amazon FSx for Windows File Server | This service provides fully managed Microsoft Windows file servers, backed by a fully native Windows file system. It supports the SMB protocol, making it an ideal choice for applications that require Windows-native file system features. It offers highly reliable and scalable file storage. |
Amazon FSx for Windows File Server | This service provides fully managed Microsoft Windows file servers, backed by a fully native Windows file system. It supports the SMB protocol, making it an ideal choice for applications that require Windows-native file system features. It offers highly reliable and scalable file storage. |
Amazon GameLift | Game Servers, Multiplayer, Scalable, Managed |
Amazon GuardDuty | Amazon GuardDuty is an AWS service that is designed to monitor and detect potential security threats in your AWS environment. It helps to identify unusual and unauthorized activities, including misconfigured security groups that may be allowing unrestricted access to specific ports. GuardDuty uses machine learning and threat intelligence to analyze data and generate alerts, making it an effective tool for enhancing the security of your AWS infrastructure. While options like AWS Trusted Advisor and Amazon CloudWatch offer valuable monitoring capabilities, they do not specifically focus on detecting security group misconfigurations. Therefore, in this scenario, Amazon GuardDuty is the most appropriate choice. |
Amazon GuardDuty | This is a threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. Like AWS Security Hub, it's focused on security monitoring and does not manage access permissions to AWS services. |
Amazon GuardDuty | GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior to help protect AWS accounts. While it's a critical tool for security monitoring, it does not provide capabilities for configuring and managing security groups. |
Amazon GuardDuty | GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior, but it is more focused on internal security monitoring rather than DDoS protection. |
Amazon GuardDuty | Amazon GuardDuty is an AWS service that is designed to monitor and detect potential security threats in your AWS environment. It helps to identify unusual and unauthorized activities, including misconfigured security groups that may be allowing unrestricted access to specific ports. GuardDuty uses machine learning and threat intelligence to analyze data and generate alerts, making it an effective tool for enhancing the security of your AWS infrastructure. While options like AWS Trusted Advisor and Amazon CloudWatch offer valuable monitoring capabilities, they do not specifically focus on detecting security group misconfigurations. Therefore, in this scenario, Amazon GuardDuty is the most appropriate choice. |
Amazon GuardDuty | This is a threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. Like AWS Security Hub, it's focused on security monitoring and does not manage access permissions to AWS services. |
Amazon GuardDuty | GuardDuty is a threat detection service that continuously monitors for malicious or unauthorized behavior to help protect AWS accounts. While it's a critical tool for security monitoring, it does not provide capabilities for configuring and managing security groups. |
Amazon GuardDuty | GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior, but it is more focused on internal security monitoring rather than DDoS protection. |
Amazon Inspector | Security, Assessment, Applications, Compliance |
Amazon Inspector | Amazon Inspector is an automated vulnerability management service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. |
Amazon Inspector | "Amazon Inspector is an automated vulnerability management service that continually scans Amazon Elastic Compute Cloud (EC2), AWS Lambda functions, and container workloads for software vulnerabilities and unintended network exposure." Reference: https://aws.amazon.com/inspector/faqs/ |
Amazon Inspector | Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It automatically assesses applications for vulnerabilities or deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can include vulnerabilities or a full range of issues that may impact the security of your EC2 instances. |
Amazon Inspector | This is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not specifically provide DDoS protection. |
Amazon Inspector | This service is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not provide a library of compliance documents. |
Amazon Inspector | This is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not focus on tracking configuration changes of AWS resources. |
Amazon Inspector | This is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not provide cost analysis for on-premises environments. |
Amazon Inspector | This service is used for automated security assessments, which helps to improve the security and compliance of applications deployed on AWS, but it's not specifically tailored for identifying sensitive data in the way Macie is. |
Amazon Inspector | Amazon Inspector is an automated vulnerability management service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. |
Amazon Inspector | "Amazon Inspector is an automated vulnerability management service that continually scans Amazon Elastic Compute Cloud (EC2), AWS Lambda functions, and container workloads for software vulnerabilities and unintended network exposure." Reference: https://aws.amazon.com/inspector/faqs/ |
Amazon Inspector | Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It automatically assesses applications for vulnerabilities or deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can include vulnerabilities or a full range of issues that may impact the security of your EC2 instances. |
Amazon Inspector | This is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not specifically provide DDoS protection. |
Amazon Inspector | This service is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not provide a library of compliance documents. |
Amazon Inspector | This is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not focus on tracking configuration changes of AWS resources. |
Amazon Inspector | This is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS, but it does not provide cost analysis for on-premises environments. |
Amazon Inspector | This service is used for automated security assessments, which helps to improve the security and compliance of applications deployed on AWS, but it's not specifically tailored for identifying sensitive data in the way Macie is. |
Amazon Kendra | Enterprise Search, Machine Learning, Natural Language, Service |
Amazon Lex | Chatbots, Conversational Interfaces, AI, Service |
Amazon Lightsail | Virtual Private Server, Simple, Manageable, Cost-effective |
Amazon Lightsail | This service simplifies the process of launching and managing a virtual private server and is primarily used for simpler workloads, like running small scale applications or websites. It's not designed for edge computing or offline data processing and collection. |
Amazon Lightsail | This service simplifies the process of launching and managing a virtual private server and is primarily used for simpler workloads, like running small scale applications or websites. It's not designed for edge computing or offline data processing and collection. |
Amazon Macie | Amazon Macie - Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in Amazon S3. It helps you identify and protect data such as personally identifiable information (PII), financial information, intellectual property, and more by monitoring data access and alerting you to potential security risks Amazon Macie is a data security service that discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables you to automate protection against those risks. https://aws.amazon.com/macie/features/#:~:text=Amazon%20Macie%20is%20a%20data,automate%20protection%20against%20those%20risks. upvoted 2 times |
Amazon Macie | Amazon Macie is designed to use machine learning and pattern matching to discover and protect sensitive data stored in AWS. It helps in identifying personally identifiable information (PII), intellectual property, and other confidential data stored in Amazon S3. |
Amazon Macie | Amazon Macie is a security service that uses machine learning and pattern matching to discover and protect sensitive data stored in Amazon S3. Macie is specifically designed to identify and classify various types of sensitive data, such as personally identifiable information (PII), financial information, and other confidential data. It automatically provides alerts on risky and unusual data access and movements. |
Amazon Macie | Amazon Macie - Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in Amazon S3. It helps you identify and protect data such as personally identifiable information (PII), financial information, intellectual property, and more by monitoring data access and alerting you to potential security risks Amazon Macie is a data security service that discovers sensitive data using machine learning and pattern matching, provides visibility into data security risks, and enables you to automate protection against those risks. https://aws.amazon.com/macie/features/#:~:text=Amazon%20Macie%20is%20a%20data,automate%20protection%20against%20those%20risks. upvoted 2 times |
Amazon Macie | Amazon Macie is designed to use machine learning and pattern matching to discover and protect sensitive data stored in AWS. It helps in identifying personally identifiable information (PII), intellectual property, and other confidential data stored in Amazon S3. |
Amazon Macie | Amazon Macie is a security service that uses machine learning and pattern matching to discover and protect sensitive data stored in Amazon S3. Macie is specifically designed to identify and classify various types of sensitive data, such as personally identifiable information (PII), financial information, and other confidential data. It automatically provides alerts on risky and unusual data access and movements. |
Amazon Managed Streaming for Kafka (MSK) | Streaming, Kafka, Scalable, Managed |
Amazon MQ | Message Broker, ActiveMQ, RabbitMQ, Managed |
Amazon Neptune | Graph Database, Fast, Reliable, Scalable |
Amazon OpenSearch Service | This service provides search and analytics capabilities, but it does not specifically focus on identifying externally shared resources. |
Amazon OpenSearch Service | This service provides search and analytics capabilities, but it does not specifically focus on identifying externally shared resources. |
Amazon Personalize | Machine Learning, Personalization, Recommendation, Service |
Amazon Personalize | "Amazon Personalize accelerates your digital transformation with ML, making it easier to integrate personalized recommendations into existing websites, applications, email marketing systems, and more." Reference: https://aws.amazon.com/personalize/ |
Amazon Personalize | "Amazon Personalize accelerates your digital transformation with ML, making it easier to integrate personalized recommendations into existing websites, applications, email marketing systems, and more." Reference: https://aws.amazon.com/personalize/ |
Amazon Polly | Text-to-Speech, Lifelike Voices, AI, Service |
Amazon QLDB | Ledger Database, Cryptographically Verifiable, Immutable, Service |
Amazon QuickSight | Business Intelligence, Visualizations, Dashboards, Analytics |
Amazon QuickSight | Amazon QuickSight powers data-driven organizations with unified business intelligence (BI) at hyperscale. With QuickSight, all users can meet varying analytic needs from the same source of truth through modern interactive dashboards, paginated reports, embedded analytics, and natural language queries. |
Amazon QuickSight | Amazon QuickSight is a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud. QuickSight lets you easily create and publish interactive BI dashboards that include ML insights. Users can access these dashboards from any device, and embed them into applications, websites, and portals. |
Amazon QuickSight | Amazon QuickSight powers data-driven organizations with unified business intelligence (BI) at hyperscale. With QuickSight, all users can meet varying analytic needs from the same source of truth through modern interactive dashboards, paginated reports, embedded analytics, and natural language queries. |
Amazon QuickSight | Amazon QuickSight is a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud. QuickSight lets you easily create and publish interactive BI dashboards that include ML insights. Users can access these dashboards from any device, and embed them into applications, websites, and portals. |
Amazon RDS (Relational Database Service) | Amazon RDS supports various database engines, including PostgreSQL, and offers a managed database service suitable for OLTP workloads. With Amazon RDS for PostgreSQL, you can easily set up, operate, and scale a PostgreSQL database without the administrative overhead of managing the infrastructure. |
Amazon RDS (Relational Database Service) | Amazon Relational Database Service (RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks. Amazon RDS supports several database engines, including PostgreSQL. |
Amazon RDS (Relational Database Service) | Amazon RDS is a managed relational database service, and AWS handles the database engine and underlying infrastructure, including patch management, but users do not have control over the guest OS. |
Amazon RDS (Relational Database Service) | Amazon RDS supports various database engines, including PostgreSQL, and offers a managed database service suitable for OLTP workloads. With Amazon RDS for PostgreSQL, you can easily set up, operate, and scale a PostgreSQL database without the administrative overhead of managing the infrastructure. |
Amazon RDS (Relational Database Service) | Amazon Relational Database Service (RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks. Amazon RDS supports several database engines, including PostgreSQL. |
Amazon RDS (Relational Database Service) | Amazon RDS is a managed relational database service, and AWS handles the database engine and underlying infrastructure, including patch management, but users do not have control over the guest OS. |
Amazon RDS on VMware | Database, On-premises, VMware, Managed |
Amazon Redshift | Data Warehouse, Fast, Scalable, Cloud |
Amazon Redshift Serverless | "Amazon Redshift Serverless makes it easy to run analytics workloads of any size without having to manage data warehouse infrastructure." Reference: https://aws.amazon.com/redshift/redshift-serverless/ |
Amazon Redshift Serverless | "Amazon Redshift Serverless makes it easy to run analytics workloads of any size without having to manage data warehouse infrastructure." Reference: https://aws.amazon.com/redshift/redshift-serverless/ |
Amazon Route 53 | This is a highly available and scalable cloud Domain Name System (DNS) web service. It is capable of routing user traffic to infrastructure in various AWS regions, thereby providing high availability and low latency. Route 53 can perform health checks and failover, helping to ensure that end-user traffic is directed to healthy endpoints. |
Amazon Route 53 | For creating a globally accessible ecommerce platform with a highly available and scalable DNS web service, the appropriate AWS service is "Amazon Route 53." Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service, designed to give developers and businesses an extremely reliable and cost-effective way to route end users to internet applications. It effectively connects user requests to the infrastructure running in AWS (such as EC2 instances, Elastic Load Balancing load balancers) or outside of AWS, making it a suitable choice for the requirements of a global ecommerce platform. |
Amazon Route 53 | This is a highly available and scalable cloud Domain Name System (DNS) web service. It is capable of routing user traffic to infrastructure in various AWS regions, thereby providing high availability and low latency. Route 53 can perform health checks and failover, helping to ensure that end-user traffic is directed to healthy endpoints. |
Amazon Route 53 | For creating a globally accessible ecommerce platform with a highly available and scalable DNS web service, the appropriate AWS service is "Amazon Route 53." Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service, designed to give developers and businesses an extremely reliable and cost-effective way to route end users to internet applications. It effectively connects user requests to the infrastructure running in AWS (such as EC2 instances, Elastic Load Balancing load balancers) or outside of AWS, making it a suitable choice for the requirements of a global ecommerce platform. |
Amazon S3 | "S3 Standard offers high durability, availability, and performance object storage for frequently accessed data." Reference: https://aws.amazon.com/s3/storage-classes/ |
Amazon S3 | Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This service is particularly well-suited for storing large volumes of unstructured data, such as server logs, at a low cost. S3 provides various storage classes designed for different use cases, including some optimized for infrequent access, which can further reduce costs. |
Amazon S3 | Amazon S3 is an object storage service that provides high-level performance, security, scalability, and data availability. |
Amazon S3 | Amazon Simple Storage Service (S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. However, it does not natively support the SMB protocol. S3 is accessed through web protocols like HTTP/S. |
Amazon S3 | Amazon S3 is an object storage service, and users interact with it at the object level; they do not manage operating systems. |
Amazon S3 | "S3 Standard offers high durability, availability, and performance object storage for frequently accessed data." Reference: https://aws.amazon.com/s3/storage-classes/ |
Amazon S3 | Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This service is particularly well-suited for storing large volumes of unstructured data, such as server logs, at a low cost. S3 provides various storage classes designed for different use cases, including some optimized for infrequent access, which can further reduce costs. |
Amazon S3 | Amazon S3 is an object storage service that provides high-level performance, security, scalability, and data availability. |
Amazon S3 | Amazon Simple Storage Service (S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. However, it does not natively support the SMB protocol. S3 is accessed through web protocols like HTTP/S. |
Amazon S3 | Amazon S3 is an object storage service, and users interact with it at the object level; they do not manage operating systems. |
Amazon S3 (Simple Storage Service) | S3 is an object storage service that offers industry-leading scalability, data availability, security, and performance. While it's often used to store and retrieve any amount of data, it's not a CDN and doesn't provide the same global distribution and edge caching capabilities that CloudFront offers. |
Amazon S3 (Simple Storage Service) | S3 is an object storage service that offers industry-leading scalability, data availability, security, and performance. While it's often used to store and retrieve any amount of data, it's not a CDN and doesn't provide the same global distribution and edge caching capabilities that CloudFront offers. |
Amazon S3 access control lists (ACLs) | These are used to manage access to S3 buckets and objects, but they don't provide a history of service usage. |
Amazon S3 access control lists (ACLs) | These are used to manage access to S3 buckets and objects, but they don't provide a history of service usage. |
Amazon S3 File Gateway | "Amazon S3 File Gateway provides a seamless way to connect to the cloud in order to store application data files and backup images as durable objects in Amazon S3 cloud storage. Amazon S3 File Gateway offers SMB or NFS-based access to data in Amazon S3 with local caching. It can be used for on-premises data-intensive Amazon EC2-based applications that need file protocol access to S3 object storage." |
Amazon S3 File Gateway | "Amazon S3 File Gateway provides a seamless way to connect to the cloud in order to store application data files and backup images as durable objects in Amazon S3 cloud storage. Amazon S3 File Gateway offers SMB or NFS-based access to data in Amazon S3 with local caching. It can be used for on-premises data-intensive Amazon EC2-based applications that need file protocol access to S3 object storage." |
Amazon S3 File Gateway | "Amazon S3 File Gateway provides a seamless way to connect to the cloud in order to store application data files and backup images as durable objects in Amazon S3 cloud storage. Amazon S3 File Gateway offers SMB or NFS-based access to data in Amazon S3 with local caching. It can be used for on-premises data-intensive Amazon EC2-based applications that need file protocol access to S3 object storage." |
Amazon S3 File Gateway | "Amazon S3 File Gateway provides a seamless way to connect to the cloud in order to store application data files and backup images as durable objects in Amazon S3 cloud storage. Amazon S3 File Gateway offers SMB or NFS-based access to data in Amazon S3 with local caching. It can be used for on-premises data-intensive Amazon EC2-based applications that need file protocol access to S3 object storage." |
Amazon S3 managed encryption keys (SSE-S3) | Server-side encryption with Amazon S3 managed encryption keys (SSE-S3):This method encrypts objects at rest using keys managed by Amazon S3. Each object is encrypted with a unique key and as an additional safeguard, it encrypts the key itself with a master key that it regularly rotates. |
Amazon S3 managed encryption keys (SSE-S3) | Server-side encryption with Amazon S3 managed encryption keys (SSE-S3):This method encrypts objects at rest using keys managed by Amazon S3. Each object is encrypted with a unique key and as an additional safeguard, it encrypts the key itself with a master key that it regularly rotates. |
Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) | This is for data that is less frequently accessed, but requires rapid access when needed. Unlike S3 Standard-IA or Glacier, it is stored in a single Availability Zone only. |
Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) | This is for data that is less frequently accessed, but requires rapid access when needed. Unlike S3 Standard-IA or Glacier, it is stored in a single Availability Zone only. |
Amazon S3 Standard | This is best for frequently accessed data and offers high durability, availability, and performance object storage. |
Amazon S3 Standard | This is best for frequently accessed data and offers high durability, availability, and performance object storage. |
Amazon S3 Standard-Infrequent Access (S3 Standard-IA) | Similar to S3 One Zone-IA but with higher availability as data is stored across multiple Availability Zones. It is more expensive than Glacier but offers quicker access times. |
Amazon S3 Standard-Infrequent Access (S3 Standard-IA) | Similar to S3 One Zone-IA but with higher availability as data is stored across multiple Availability Zones. It is more expensive than Glacier but offers quicker access times. |
Amazon SageMaker | Machine Learning, Models, Train, Deploy |
Amazon Simple Email Service (SES) | Email Sending, Marketing, Transactional, Scalable |
Amazon Simple Notification Service (Amazon SNS) | Amazon Simple Notification Service (Amazon SNS) sends notifications two ways, A2A and A2P. A2A provides high-throughput, push-based, manyto- many messaging between distributed systems, microservices, and event-driven serverless applications. These applications include Amazon Simple Queue Service (SQS), Amazon Kinesis Data Firehose, AWS Lambda, and other HTTPS endpoints. A2P functionality lets you send messages to your customers with SMS texts, push notifications, and email. |
Amazon Simple Notification Service (Amazon SNS) | Amazon Simple Notification Service (Amazon SNS) sends notifications two ways, A2A and A2P. A2A provides high-throughput, push-based, manyto- many messaging between distributed systems, microservices, and event-driven serverless applications. These applications include Amazon Simple Queue Service (SQS), Amazon Kinesis Data Firehose, AWS Lambda, and other HTTPS endpoints. A2P functionality lets you send messages to your customers with SMS texts, push notifications, and email. |
Amazon Simple Queue Service (Amazon SQS) | Amazon Simple Queue Service (SQS): SQS is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. It allows one application to send messages to a queue, and another application to retrieve those messages from the queue. This can be helpful in scenarios where the sender and receiver are not required to interact with each other in real-time. |
Amazon Simple Queue Service (Amazon SQS) | ** Amazon Simple Queue Service (Amazon SQS):** SQS is a fully managed message queuing service that enables decoupling of the components in a distributed system. It allows components to communicate asynchronously, promoting loose coupling. |
Amazon Simple Queue Service (Amazon SQS) | Amazon SQS FIFO queues are designed to ensure that messages are processed in the exact order they are sent. They provide the capability to send, store, and receive messages between software components without losing messages or requiring other services to be available. FIFO queues maintain the order of operations and guarantee that a message is delivered once and remains available until a consumer processes and deletes it. This makes it a suitable choice for applications where the order and exactness of operations are critical. |
Amazon Simple Queue Service (Amazon SQS) | SQS is a message queuing service used to decouple and scale microservices, distributed systems, and serverless applications. While it can be part of a solution to manage job processing, by itself, it's not a job scheduling or batch processing service. |
Amazon Simple Queue Service (Amazon SQS) | Amazon Simple Queue Service (SQS): SQS is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. It allows one application to send messages to a queue, and another application to retrieve those messages from the queue. This can be helpful in scenarios where the sender and receiver are not required to interact with each other in real-time. |
Amazon Simple Queue Service (Amazon SQS) | ** Amazon Simple Queue Service (Amazon SQS):** SQS is a fully managed message queuing service that enables decoupling of the components in a distributed system. It allows components to communicate asynchronously, promoting loose coupling. |
Amazon Simple Queue Service (Amazon SQS) | Amazon SQS FIFO queues are designed to ensure that messages are processed in the exact order they are sent. They provide the capability to send, store, and receive messages between software components without losing messages or requiring other services to be available. FIFO queues maintain the order of operations and guarantee that a message is delivered once and remains available until a consumer processes and deletes it. This makes it a suitable choice for applications where the order and exactness of operations are critical. |
Amazon Simple Queue Service (Amazon SQS) | SQS is a message queuing service used to decouple and scale microservices, distributed systems, and serverless applications. While it can be part of a solution to manage job processing, by itself, it's not a job scheduling or batch processing service. |
Amazon Snowball | Data Transfer, Large-scale, Physical, Secure, Edge Computing |
Amazon Snowball Edge | Data transfer IN to Amazon S3 is $0.00 per GB (except for small files as explained below). Data transfer OUT of Amazon S3 is priced by region. |
Amazon Snowball Edge | This is a data transfer service that provides a physical device to collect and process data in edge locations, and then transfer it into and out of the AWS Cloud. It's specifically designed to work in environments with limited connectivity, making it ideal for scenarios like collecting and processing data at sea. Snowball Edge devices can undertake local processing and storage, and once they're back in a location with internet connectivity, the data can be moved to AWS. |
Amazon Snowball Edge | Data transfer IN to Amazon S3 is $0.00 per GB (except for small files as explained below). Data transfer OUT of Amazon S3 is priced by region. |
Amazon Snowball Edge | This is a data transfer service that provides a physical device to collect and process data in edge locations, and then transfer it into and out of the AWS Cloud. It's specifically designed to work in environments with limited connectivity, making it ideal for scenarios like collecting and processing data at sea. Snowball Edge devices can undertake local processing and storage, and once they're back in a location with internet connectivity, the data can be moved to AWS. |
Amazon SNS | Notification Service, Publish/Subscribe, Messaging, Scalable |
Amazon SQS | Message Queue, Scalable, Reliable, Serverless |
Amazon Sumerian | VR, AR, 3D, Creation, Development |
Amazon Textract | Document Analysis, Text Extraction, OCR, Machine Learning |
Amazon Timestream | Time Series Database, Scalable, Serverless, Fast |
Amazon Timestream | To meet the requirement of a time-series database service that can store and analyze trillions of events each day, the most suitable AWS service is "B. Amazon Timestream." Amazon Timestream is a fast, scalable, and serverless time-series database service for IoT and operational applications that makes it easy to store and analyze trillions of events per day at 1/10th the cost of relational databases. Timestream is specifically built to handle the scale and complexity of time-series data, making it an ideal choice for this scenario. |
Amazon Timestream | Amazon Timestream is a fast, scalable, and serverless time-series database service that makes it easier to store and analyze trillions of events per day up to 1,000 times faster. Amazon Timestream automatically scales up or down to adjust capacity and performance, so that you don’t have to manage the underlying infrastructure. |
Amazon Timestream | Amazon Timestream is a fast, scalable, and serverless time series database service for IoT and operational applications that makes it easy to store and analyze trillions of events per day up to 1,000 times faster and at as little as 1/10th the cost of relational databases. |
Amazon Timestream | To meet the requirement of a time-series database service that can store and analyze trillions of events each day, the most suitable AWS service is "B. Amazon Timestream." Amazon Timestream is a fast, scalable, and serverless time-series database service for IoT and operational applications that makes it easy to store and analyze trillions of events per day at 1/10th the cost of relational databases. Timestream is specifically built to handle the scale and complexity of time-series data, making it an ideal choice for this scenario. |
Amazon Timestream | Amazon Timestream is a fast, scalable, and serverless time-series database service that makes it easier to store and analyze trillions of events per day up to 1,000 times faster. Amazon Timestream automatically scales up or down to adjust capacity and performance, so that you don’t have to manage the underlying infrastructure. |
Amazon Timestream | Amazon Timestream is a fast, scalable, and serverless time series database service for IoT and operational applications that makes it easy to store and analyze trillions of events per day up to 1,000 times faster and at as little as 1/10th the cost of relational databases. |
Amazon Transcribe | Speech Recognition, Transcription, AI, Service |
Amazon Translate | Language Translation, Real-time, AI, Service |
Amazon VPC | Networking, Isolated, Customizable, Secure |
Amazon Web Services Command Line Interface (CLI) | - **Versatile Service Support**: Manages nearly all AWS services, enabling control and script-based automation. - **Scripting for Efficiency**: Automates repetitive tasks like deployments and updates through scripts. - **Multi-Platform Use**: Available on Windows, macOS, and Linux. - **Direct AWS Access**: Provides command line access to AWS service APIs for programmatic resource management. - **IAM Integration**: Offers detailed command permissions and security through AWS Identity and Access Management. - **Batch Operations**: Enables handling multiple AWS resources simultaneously for efficiency. - **Flexible Output Options**: Supports JSON, text, and table formats for easy output interpretation. - **Customizable**: Allows setting command defaults and managing various AWS accounts with different profiles. |
Amazon Web Services Command Line Interface (CLI) | "Use Access Keys for Programmatic Access (CLI / SDK)" |
Amazon Web Services Command Line Interface (CLI) | - **Versatile Service Support**: Manages nearly all AWS services, enabling control and script-based automation. - **Scripting for Efficiency**: Automates repetitive tasks like deployments and updates through scripts. - **Multi-Platform Use**: Available on Windows, macOS, and Linux. - **Direct AWS Access**: Provides command line access to AWS service APIs for programmatic resource management. - **IAM Integration**: Offers detailed command permissions and security through AWS Identity and Access Management. - **Batch Operations**: Enables handling multiple AWS resources simultaneously for efficiency. - **Flexible Output Options**: Supports JSON, text, and table formats for easy output interpretation. - **Customizable**: Allows setting command defaults and managing various AWS accounts with different profiles. |
Amazon Web Services Command Line Interface (CLI) | "Use Access Keys for Programmatic Access (CLI / SDK)" |
Amazon WorkDocs | Content Collaboration, Secure, Storage, Enterprise |
Amazon WorkMail | Email, Calendar, Secure, Managed |
Amazon WorkSpaces | Virtual Desktop, Cloud, Secure, Managed |
Amazon WorkSpaces | Amazon WorkSpaces is a managed, secure Desktop-as-a-Service (DaaS) solution that helps you provision Windows or Linux desktops in just a few minutes. It's ideal for providing employees with a managed virtual desktop experience. |
Amazon WorkSpaces | Amazon WorkSpaces is a managed, secure Desktop-as-a-Service (DaaS) solution that helps you provision Windows or Linux desktops in just a few minutes. It's ideal for providing employees with a managed virtual desktop experience. |
Availability Zone (AZ) | Data Centers, Isolated, Reliable, Fault Tolerant |
AWS Amplify | Web, Mobile, Development, Framework, Deploy |
AWS Amplify | Amplify is a set of tools and services for building mobile and web applications on AWS, but it doesn't offer DDoS protection. |
AWS Amplify | Amplify is a set of tools and services for building mobile and web applications on AWS, but it doesn't offer DDoS protection. |
AWS Application Composer | A company can use "AWS Application Composer" to visually design and build serverless applications. AWS Application Composer provides a visual interface to design, build, and manage serverless applications, simplifying the process of creating complex serverless architectures. |
AWS Application Composer | "AWS Application Composer helps you visually compose and configure AWS services into serverless applications backed by infrastructure as code." |
AWS Application Composer | AWS Application Composer helps to streamline and accelerate the architecture, configuration, and build of serverless applications. |
AWS Application Composer | A company can use "AWS Application Composer" to visually design and build serverless applications. AWS Application Composer provides a visual interface to design, build, and manage serverless applications, simplifying the process of creating complex serverless architectures. |
AWS Application Composer | "AWS Application Composer helps you visually compose and configure AWS services into serverless applications backed by infrastructure as code." |
AWS Application Composer | AWS Application Composer helps to streamline and accelerate the architecture, configuration, and build of serverless applications. |
AWS Application Discovery Service | AWS Application Discovery Service helps enterprise customers plan migration projects by gathering information about their on-premises data centers. It collects important data about on-premises servers, including system configuration, usage, and behavior. This can include detailed information about hostnames, IP addresses, MAC addresses, and more, which are crucial for a comprehensive understanding of the existing infrastructure prior to migrating to the cloud. |
AWS Application Discovery Service | AWS Application Discovery Service helps enterprise customers plan migration projects by gathering information about their on-premises data centers. It collects important data about on-premises servers, including system configuration, usage, and behavior. This can include detailed information about hostnames, IP addresses, MAC addresses, and more, which are crucial for a comprehensive understanding of the existing infrastructure prior to migrating to the cloud. |
AWS Application Migration Service | This service is more suited for migrating entire applications to AWS, not specifically focused on databases. |
AWS Application Migration Service | This service is more suited for migrating entire applications to AWS, not specifically focused on databases. |
AWS AppSync | API, Data, Real-time, GraphQL, Serverless |
AWS Artifact | AWS Artifact is a portal that provides access to various compliance reports, including certifications, attestations, and other relevant documents. You can download these reports directly from AWS Artifact. https://docs.aws.amazon.com/artifact/latest/ug/downloading-documents.html |
AWS Artifact | AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to security and compliance reports from AWS and ISVs who sell their products on AWS Marketplace. Reference: https://aws.amazon.com/artifact/ |
AWS Artifact | AWS Artifact is a service that provides on-demand access to AWS' compliance reports and select online agreements. Organizations can use AWS Artifact to download AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI) reports, and Service Organization Control (SOC) reports. |
AWS Artifact | A cloud practitioner can use C. AWS Artifact to retrieve AWS security and compliance documents and submit them as evidence to an auditor or regulator. AWS Artifact is a web service that provides on-demand access to AWS' security and compliance reports and select online agreements. It enables AWS customers to download AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI) reports, and other documents relevant to compliance, which can then be used to help meet compliance requirements for various regulatory standards. |
AWS Artifact | AWS Artifact is a portal that provides access to various compliance reports, including certifications, attestations, and other relevant documents. You can download these reports directly from AWS Artifact. https://docs.aws.amazon.com/artifact/latest/ug/downloading-documents.html |
AWS Artifact | AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to security and compliance reports from AWS and ISVs who sell their products on AWS Marketplace. Reference: https://aws.amazon.com/artifact/ |
AWS Artifact | AWS Artifact is a service that provides on-demand access to AWS' compliance reports and select online agreements. Organizations can use AWS Artifact to download AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI) reports, and Service Organization Control (SOC) reports. |
AWS Artifact | A cloud practitioner can use C. AWS Artifact to retrieve AWS security and compliance documents and submit them as evidence to an auditor or regulator. AWS Artifact is a web service that provides on-demand access to AWS' security and compliance reports and select online agreements. It enables AWS customers to download AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI) reports, and other documents relevant to compliance, which can then be used to help meet compliance requirements for various regulatory standards. |
AWS Auto Scaling | Scalability, Automated, Resources, Efficient |
AWS Availability Zone (AZ) | An AWS Availability Zone (AZ) refers to one of the multiple isolated locations within a single AWS Region. Each Availability Zone is a fully isolated partition of the AWS infrastructure, including its own power, cooling, and networking, to ensure fault tolerance and stability. |
AWS Availability Zone (AZ) | - **Isolation**: Each AZ operates independently to protect against data center failures. - **Connectivity**: AZs are interconnected with fast, low-latency networks for secure data transfer. - **Redundancy and Resilience**: Using multiple AZs increases application reliability and fault tolerance. - **Proximity**: AZs are strategically located for optimal balance between low latency and reduced risk of simultaneous outages. |
AWS Availability Zone (AZ) | An AWS Availability Zone (AZ) refers to one of the multiple isolated locations within a single AWS Region. Each Availability Zone is a fully isolated partition of the AWS infrastructure, including its own power, cooling, and networking, to ensure fault tolerance and stability. |
AWS Availability Zone (AZ) | - **Isolation**: Each AZ operates independently to protect against data center failures. - **Connectivity**: AZs are interconnected with fast, low-latency networks for secure data transfer. - **Redundancy and Resilience**: Using multiple AZs increases application reliability and fault tolerance. - **Proximity**: AZs are strategically located for optimal balance between low latency and reduced risk of simultaneous outages. |
AWS Backup | Data, Backup, Automated, Recovery, Secure |
AWS Backup | This is a fully managed backup service that makes it easy to centralize and automate the backup of data across AWS services. While it's useful for backups, it doesn't offer local caching capabilities. |
AWS Backup | This is a fully managed backup service that makes it easy to centralize and automate the backup of data across AWS services. While it's useful for backups, it doesn't offer local caching capabilities. |
AWS Batch | Compute, Batch Processing, Scalable, Efficient |
AWS Batch | This service is specifically designed for efficiently running hundreds to thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (like CPU or memory-optimized instances) based on the volume and specific requirements of the batch jobs submitted. It's ideal for jobs that can be parallelized easily and require large-scale execution. |
AWS Batch | This service is specifically designed for efficiently running hundreds to thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (like CPU or memory-optimized instances) based on the volume and specific requirements of the batch jobs submitted. It's ideal for jobs that can be parallelized easily and require large-scale execution. |
AWS Budgets | B. AWS Budgets: AWS Budgets is a service that allows you to set custom cost and usage budgets for your AWS resources. You can configure a budget with a specific threshold and define actions, such as sending notifications, when that threshold is reached. |
AWS Budgets | "Using AWS Budgets, you can set a budget that alerts you when you exceed (or are forecasted to exceed) your budgeted cost or usage amount. You can also set alerts based on your RI or Savings Plans Utilization and Coverage using AWS Budgets." https://aws.amazon.com/aws-cost-management/aws-budgets/faqs/ |
AWS Budgets | AWS Budgets is the AWS Cloud service that allows users to set custom spending thresholds and receive alerts when those thresholds are exceeded. It helps users to keep track of their AWS spending by providing notifications based on their budget limits. |
AWS Budgets | This tool allows users to set custom budgets that alert them when their costs or usage exceed (or are forecasted to exceed) their budgeted amount. It does not directly integrate with QuickSight for dashboard creation. |
AWS Budgets | This tool allows you to set custom budgets to monitor your AWS costs and usage, but it doesn’t provide features for account creation, SCP application, or overall organizational governance. |
AWS Budgets | B. AWS Budgets: AWS Budgets is a service that allows you to set custom cost and usage budgets for your AWS resources. You can configure a budget with a specific threshold and define actions, such as sending notifications, when that threshold is reached. |
AWS Budgets | "Using AWS Budgets, you can set a budget that alerts you when you exceed (or are forecasted to exceed) your budgeted cost or usage amount. You can also set alerts based on your RI or Savings Plans Utilization and Coverage using AWS Budgets." https://aws.amazon.com/aws-cost-management/aws-budgets/faqs/ |
AWS Budgets | AWS Budgets is the AWS Cloud service that allows users to set custom spending thresholds and receive alerts when those thresholds are exceeded. It helps users to keep track of their AWS spending by providing notifications based on their budget limits. |
AWS Budgets | This tool allows users to set custom budgets that alert them when their costs or usage exceed (or are forecasted to exceed) their budgeted amount. It does not directly integrate with QuickSight for dashboard creation. |
AWS Budgets | This tool allows you to set custom budgets to monitor your AWS costs and usage, but it doesn’t provide features for account creation, SCP application, or overall organizational governance. |
AWS CAF perspectives | The 6 AWS CAF perspectives are: Business, People, Governance, Platform, Security and Operations. https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
AWS CAF perspectives | The 6 AWS CAF perspectives are: Business, People, Governance, Platform, Security and Operations. https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
AWS Certificate Manager (ACM) | This service is used for provisioning, managing, and deploying public and private SSL/TLS certificates for use with AWS services and internal connected resources. It doesn't handle permissions or access management for AWS services. |
AWS Certificate Manager (ACM) | This service is used to provision, manage, and deploy SSL/TLS certificates and doesn't track user activity across AWS services. |
AWS Certificate Manager (ACM) | This service is used to provision, manage, and deploy SSL/TLS certificates for use with AWS services. It does not provide access to AWS compliance documents. |
AWS Certificate Manager (ACM) | This service is used for provisioning, managing, and deploying public and private SSL/TLS certificates for use with AWS services and internal connected resources. It doesn't handle permissions or access management for AWS services. |
AWS Certificate Manager (ACM) | This service is used to provision, manage, and deploy SSL/TLS certificates and doesn't track user activity across AWS services. |
AWS Certificate Manager (ACM) | This service is used to provision, manage, and deploy SSL/TLS certificates for use with AWS services. It does not provide access to AWS compliance documents. |
AWS CLI | "The AWS Command Line Interface (AWS CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts." Reference: https://aws.amazon.com/cli/ |
AWS CLI | "The AWS Command Line Interface (AWS CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts." Reference: https://aws.amazon.com/cli/ |
AWS Client VPN | VPN, Secure, Remote, Access, Network |
AWS Cloud | Ability to quickly change required capacity: With the AWS Cloud, users can easily scale their infrastructure up or down based on demand. This flexibility allows for rapid adjustment of resources to match application needs, enabling cost optimization and efficient resource utilization. |
AWS Cloud | High economies of scale: AWS operates at a large scale, serving millions of customers globally. This scale allows AWS to achieve cost efficiencies and pass on the benefits to customers. By leveraging AWS services, users can access enterprise-grade infrastructure and services without the need for significant upfront investment in hardware or infrastructure. |
AWS Cloud | Deploy globally in minutes: AWS Cloud allows you to quickly deploy your applications in multiple regions around the world with just a few clicks. This means you can provide lower latency and better experience for your customers at minimal cost. Take advantage of economies of scale: AWS’s massive scale allows it to achieve higher economies of scale, which translates to lower pay as-you-go prices. The infrastructure is shared across a large number of AWS customers, which leads to lower costs for each customer. |
AWS Cloud | Ability to quickly change required capacity: With the AWS Cloud, users can easily scale their infrastructure up or down based on demand. This flexibility allows for rapid adjustment of resources to match application needs, enabling cost optimization and efficient resource utilization. |
AWS Cloud | High economies of scale: AWS operates at a large scale, serving millions of customers globally. This scale allows AWS to achieve cost efficiencies and pass on the benefits to customers. By leveraging AWS services, users can access enterprise-grade infrastructure and services without the need for significant upfront investment in hardware or infrastructure. |
AWS Cloud | Deploy globally in minutes: AWS Cloud allows you to quickly deploy your applications in multiple regions around the world with just a few clicks. This means you can provide lower latency and better experience for your customers at minimal cost. Take advantage of economies of scale: AWS’s massive scale allows it to achieve higher economies of scale, which translates to lower pay as-you-go prices. The infrastructure is shared across a large number of AWS customers, which leads to lower costs for each customer. |
AWS Cloud Adoption Framework | Security - For Infrastructure Protection and Data Protection https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
AWS Cloud Adoption Framework | Security - For Infrastructure Protection and Data Protection https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
AWS Cloud Adoption Framework (AWS CAF) | AWS Cloud Adoption Framework (AWS CAF): This framework helps organizations understand how cloud adoption transforms the way they work and provides a structure to identify and address gaps in skills and processes. It offers guidance that supports each business unit's cloud adoption journey, helping to create and implement an efficient and effective plan for the cloud migration. |
AWS Cloud Adoption Framework (AWS CAF) | To adopt AWS at scale and operate more efficiently and securely, the company should use the AWS Cloud Adoption Framework (AWS CAF). The AWS Cloud Adoption Framework is a comprehensive guide that helps organizations plan, strategize, and implement their cloud adoption journey effectively. It provides a structured approach for organizations to build a secure, efficient, and well-architected environment in AWS. |
AWS Cloud Adoption Framework (AWS CAF) | AWS Cloud Adoption Framework (AWS CAF): This framework helps organizations understand how cloud adoption transforms the way they work and provides a structure to identify and address gaps in skills and processes. It offers guidance that supports each business unit's cloud adoption journey, helping to create and implement an efficient and effective plan for the cloud migration. |
AWS Cloud Adoption Framework (AWS CAF) | To adopt AWS at scale and operate more efficiently and securely, the company should use the AWS Cloud Adoption Framework (AWS CAF). The AWS Cloud Adoption Framework is a comprehensive guide that helps organizations plan, strategize, and implement their cloud adoption journey effectively. It provides a structured approach for organizations to build a secure, efficient, and well-architected environment in AWS. |
AWS Cloud Adoption Framework (AWS CAF) perspective | AWS CAF Operations perspective capabilities • Observability • Event management (AIOps) • Incident and problem management • Change and release management • Performance and capacity management • Configuration management • Patch management • Availability and continuity management • Application management Reference: https://docs.aws.amazon.com/whitepapers/latest/overview-aws-cloud-adoption-framework/operations-perspective.html |
AWS Cloud Adoption Framework (AWS CAF) perspective | AWS CAF Operations perspective capabilities • Observability • Event management (AIOps) • Incident and problem management • Change and release management • Performance and capacity management • Configuration management • Patch management • Availability and continuity management • Application management Reference: https://docs.aws.amazon.com/whitepapers/latest/overview-aws-cloud-adoption-framework/operations-perspective.html |
AWS Cloud Adoption Framework (AWS CAF) platform perspective capability | AWS CAF groups its capabilities in six perspectives: Business, People, Governance, Platform, Security, and Operations. Each perspective comprises a set of capabilities that functionally related stakeholders own or manage in the cloud transformation journey. Platform perspective helps you build an enterprise-grade, scalable, hybrid cloud platform, modernize existing workloads, and implement new cloud-native solutions. This includes DATA ARCHITECTURE https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
AWS Cloud Adoption Framework (AWS CAF) platform perspective capability | AWS CAF groups its capabilities in six perspectives: Business, People, Governance, Platform, Security, and Operations. Each perspective comprises a set of capabilities that functionally related stakeholders own or manage in the cloud transformation journey. Platform perspective helps you build an enterprise-grade, scalable, hybrid cloud platform, modernize existing workloads, and implement new cloud-native solutions. This includes DATA ARCHITECTURE https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
AWS Cloud Adoption Framework focuses on demonstrating | 1. **Holistic Cloud Adoption**: Offers a comprehensive approach, addressing business, technical, and operational aspects. 2. **Business Alignment**: Ensures cloud strategies support organizational goals and deliver real benefits. 3. **Best Practices**: Provides proven guidelines for effective cloud adoption based on AWS's extensive experience. 4. **Stakeholder Collaboration**: Encourages involvement from all organizational levels for aligned cloud adoption. 5. **Readiness Assessment**: Helps evaluate and prepare for cloud adoption, identifying skill and capability gaps. 6. **Risk and Compliance Management**: Aids in managing risks and ensuring compliance in cloud adoption. 7. **Change Management**: Focuses on the human side of cloud transition, including training and communication. 8. **Continuous Improvement**: Promotes ongoing refinement and adaptation of cloud practices. |
AWS Cloud Adoption Framework focuses on demonstrating | 1. **Holistic Cloud Adoption**: Offers a comprehensive approach, addressing business, technical, and operational aspects. 2. **Business Alignment**: Ensures cloud strategies support organizational goals and deliver real benefits. 3. **Best Practices**: Provides proven guidelines for effective cloud adoption based on AWS's extensive experience. 4. **Stakeholder Collaboration**: Encourages involvement from all organizational levels for aligned cloud adoption. 5. **Readiness Assessment**: Helps evaluate and prepare for cloud adoption, identifying skill and capability gaps. 6. **Risk and Compliance Management**: Aids in managing risks and ensuring compliance in cloud adoption. 7. **Change Management**: Focuses on the human side of cloud transition, including training and communication. 8. **Continuous Improvement**: Promotes ongoing refinement and adaptation of cloud practices. |
AWS Cloud Adoption Framework Governance Perspective | The AWS Cloud Adoption Framework (AWS CAF) Governance Perspective is focused on establishing and maintaining governance structures that effectively oversee and guide cloud adoption and operations. |
AWS Cloud Adoption Framework Governance Perspective | 1. **Strategic Direction**: Establishing a clear cloud adoption strategy aligned with business goals. 2. **Portfolio Management**: Managing cloud projects to ensure value delivery and strategic alignment. 3. **Program and Project Management**: Effectively managing cloud initiatives with established methodologies and tools. 4. **Business Performance Measurement**: Measuring cloud initiative success using metrics and KPIs. 5. **Risk Management**: Identifying and mitigating risks in cloud adoption and operations. 6. **Organizational Change Management**: Handling training, communication, and engagement for smooth cloud adoption. 7. **Policies and Standards**: Setting and enforcing guidelines for consistent and secure cloud use. 8. **Stakeholder Engagement**: Collaborating with stakeholders for aligned and supported cloud initiatives. |
AWS Cloud Adoption Framework Governance Perspective | The AWS Cloud Adoption Framework (AWS CAF) Governance Perspective is focused on establishing and maintaining governance structures that effectively oversee and guide cloud adoption and operations. |
AWS Cloud Adoption Framework Governance Perspective | 1. **Strategic Direction**: Establishing a clear cloud adoption strategy aligned with business goals. 2. **Portfolio Management**: Managing cloud projects to ensure value delivery and strategic alignment. 3. **Program and Project Management**: Effectively managing cloud initiatives with established methodologies and tools. 4. **Business Performance Measurement**: Measuring cloud initiative success using metrics and KPIs. 5. **Risk Management**: Identifying and mitigating risks in cloud adoption and operations. 6. **Organizational Change Management**: Handling training, communication, and engagement for smooth cloud adoption. 7. **Policies and Standards**: Setting and enforcing guidelines for consistent and secure cloud use. 8. **Stakeholder Engagement**: Collaborating with stakeholders for aligned and supported cloud initiatives. |
AWS Cloud Adoption Framework Operations Perspective | 1. **Operating Model**: Defines cloud service usage and management, including strategic and control processes. 2. **Service Management**: Manages cloud services to align with business needs, handling service catalogs, SLAs, and incident responses. 3. **Resource Management**: Oversees cloud resources like computing and storage for optimal use and cost-effectiveness. 4. **Change and Release Management**: Manages cloud updates and changes, focusing on version control and deployment. 5. **Incident and Problem Management**: Addresses and resolves cloud issues to maintain operations and minimize disruptions. 6. **Continuous Improvement**: Regularly evaluates and enhances cloud operations for efficiency and service quality. 7. **Compliance and Security**: Ensures cloud operations adhere to legal and policy standards and secures data and resources. |
AWS Cloud Adoption Framework Operations Perspective | 1. **Operating Model**: Defines cloud service usage and management, including strategic and control processes. 2. **Service Management**: Manages cloud services to align with business needs, handling service catalogs, SLAs, and incident responses. 3. **Resource Management**: Oversees cloud resources like computing and storage for optimal use and cost-effectiveness. 4. **Change and Release Management**: Manages cloud updates and changes, focusing on version control and deployment. 5. **Incident and Problem Management**: Addresses and resolves cloud issues to maintain operations and minimize disruptions. 6. **Continuous Improvement**: Regularly evaluates and enhances cloud operations for efficiency and service quality. 7. **Compliance and Security**: Ensures cloud operations adhere to legal and policy standards and secures data and resources. |
AWS Cloud Adoption Framework Security Perspective capabilities: compliance and assurance | 1. **Security Governance**: Establish and maintain security guidelines and roles. 2. **Cloud Security Responsibility**: Recognize stakeholder responsibilities and comply with laws. 3. **Security Assurance**: Continuously monitor and enhance security programs. 4. **Identity and Access Management**: Manage access with strong identity controls and permissions. 5. **Threat Detection**: Detect and understand security threats; implement widespread monitoring. 6. **Vulnerability Management**: Regularly identify and address security weaknesses. 7. **Infrastructure Protection**: Safeguard infrastructure using multiple security layers. 8. **Data Protection**: Control and secure data access; encrypt sensitive information. 9. **Application Security**: Integrate security in software development; automate security checks. 10. **Incident Response**: Prepare for and analyze security incidents effectively. |
AWS Cloud Adoption Framework Security Perspective capabilities: compliance and assurance | 1. **Security Governance**: Establish and maintain security guidelines and roles. 2. **Cloud Security Responsibility**: Recognize stakeholder responsibilities and comply with laws. 3. **Security Assurance**: Continuously monitor and enhance security programs. 4. **Identity and Access Management**: Manage access with strong identity controls and permissions. 5. **Threat Detection**: Detect and understand security threats; implement widespread monitoring. 6. **Vulnerability Management**: Regularly identify and address security weaknesses. 7. **Infrastructure Protection**: Safeguard infrastructure using multiple security layers. 8. **Data Protection**: Control and secure data access; encrypt sensitive information. 9. **Application Security**: Integrate security in software development; automate security checks. 10. **Incident Response**: Prepare for and analyze security incidents effectively. |
AWS Cloud Development Kit | AWS CDK is a software development framework that enables developers to define infrastructure as code (IaC) using familiar programming languages like TypeScript, Python, Java, C#, and more. With AWS CDK, you can define cloud resources, their relationships, and provisioning logic in your preferred programming language. AWS CDK also generates CloudFormation templates based on your code, making it easier to manage and deploy infrastructure resources in AWS. https://aws.amazon.com/cdk/faqs/#:~:text=The%20AWS%20Cloud%20Development%20Kit,deploying%20it%20through%20AWS%20CloudFormati on. |
AWS Cloud Development Kit | AWS CDK is a software development framework that enables developers to define infrastructure as code (IaC) using familiar programming languages like TypeScript, Python, Java, C#, and more. With AWS CDK, you can define cloud resources, their relationships, and provisioning logic in your preferred programming language. AWS CDK also generates CloudFormation templates based on your code, making it easier to manage and deploy infrastructure resources in AWS. https://aws.amazon.com/cdk/faqs/#:~:text=The%20AWS%20Cloud%20Development%20Kit,deploying%20it%20through%20AWS%20CloudFormati on. |
AWS Cloud Development Kit (AWS CDK) | The AWS CDK is a software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. It enables developers to define their cloud resources using familiar programming languages such as Python, Java, TypeScript, and C#. This makes it easier to model and provision AWS resources in a way that's consistent with development best practices. |
AWS Cloud Development Kit (AWS CDK) | The AWS CDK is a software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. It enables developers to define their cloud resources using familiar programming languages such as Python, Java, TypeScript, and C#. This makes it easier to model and provision AWS resources in a way that's consistent with development best practices. |
AWS Cloud9 | IDE, Cloud, Code, Develop, Integrated |
AWS CloudFormation | Infrastructure, Provisioning, Management, Automation |
AWS CloudFormation | AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code. |
AWS CloudFormation | AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code. https://aws.amazon.com/cloudformation/ |
AWS CloudFormation | "AWS CloudFormation gives you an easy way to model a collection of related AWS and third-party resources, provision them quickly and consistently, and manage them throughout their lifecycles, by treating infrastructure as code. A CloudFormation template describes your desired resources and their dependencies so you can launch and configure them together as a stack. You can use a template to create, update, and delete an entire stack as a single unit, as often as you need to, instead of managing resources individually. You can manage and provision stacks across multiple AWS accounts and AWS Regions." |
AWS CloudFormation | AWS CloudFormation allows users to define and provision AWS infrastructure using a declarative text file or template. This template can be used to create, manage, and delete a collection of resources together as a single unit (referred to as a stack). CloudFormation templates enable easy replication of AWS environments and are ideal for ensuring consistency and saving time when deploying similar configurations repeatedly. |
AWS CloudFormation | This service allows users to model and provision AWS and third-party resources using a declarative JSON or YAML template. While it's a powerful tool for infrastructure as code, it doesn't inherently use common programming languages for defining resources. |
AWS CloudFormation | AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code. |
AWS CloudFormation | AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code. https://aws.amazon.com/cloudformation/ |
AWS CloudFormation | "AWS CloudFormation gives you an easy way to model a collection of related AWS and third-party resources, provision them quickly and consistently, and manage them throughout their lifecycles, by treating infrastructure as code. A CloudFormation template describes your desired resources and their dependencies so you can launch and configure them together as a stack. You can use a template to create, update, and delete an entire stack as a single unit, as often as you need to, instead of managing resources individually. You can manage and provision stacks across multiple AWS accounts and AWS Regions." |
AWS CloudFormation | AWS CloudFormation allows users to define and provision AWS infrastructure using a declarative text file or template. This template can be used to create, manage, and delete a collection of resources together as a single unit (referred to as a stack). CloudFormation templates enable easy replication of AWS environments and are ideal for ensuring consistency and saving time when deploying similar configurations repeatedly. |
AWS CloudFormation | This service allows users to model and provision AWS and third-party resources using a declarative JSON or YAML template. While it's a powerful tool for infrastructure as code, it doesn't inherently use common programming languages for defining resources. |
AWS CloudShell | Using AWS CloudShell, a browser-based shell, you can quickly run scripts with the AWS Command Line Interface (CLI), experiment with service APIs using the AWS CLI, and use other tools to increase your productivity. The CloudShell icon appears in AWS Regions where CloudShell is available. |
AWS CloudShell | AWS CloudShell is a browser-based shell that makes it easy to securely manage, explore, and interact with your AWS resources. CloudShell is pre-authenticated with your console credentials, allowing instant access to AWS CLI commands and other utilities directly from the browser, without any need for local installation or configuration. |
AWS CloudShell | Using AWS CloudShell, a browser-based shell, you can quickly run scripts with the AWS Command Line Interface (CLI), experiment with service APIs using the AWS CLI, and use other tools to increase your productivity. The CloudShell icon appears in AWS Regions where CloudShell is available. |
AWS CloudShell | AWS CloudShell is a browser-based shell that makes it easy to securely manage, explore, and interact with your AWS resources. CloudShell is pre-authenticated with your console credentials, allowing instant access to AWS CLI commands and other utilities directly from the browser, without any need for local installation or configuration. |
AWS CloudTrail | AWS CloudTrail is a service that records all API calls made on your AWS account. It provides a detailed history of events, including who made the call, what actions were performed, and from which IP address the call originated. This audit trail is valuable for security, compliance, troubleshooting, and monitoring purposes, and it helps you maintain visibility into how your AWS resources are being used. |
AWS CloudTrail | AWS CloudTrail is a service that records all API activity in your AWS account, including the termination of EC2 instances. It creates log entries for various events, providing an audit trail of actions taken on resources. By reviewing CloudTrail logs, you can identify when an EC2 instance was terminated, who initiated the termination, and other relevant details about the event. |
AWS CloudTrail | "CloudTrail enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage. CloudTrail logs, continuously monitors, and retains account activity related to actions across your AWS infrastructure, giving you control over storage, analysis, and remediation actions." Reference: https://aws.amazon.com/cloudtrail/faqs/ |
AWS CloudTrail | AWS CloudTrail is specifically designed to log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This service is instrumental for auditing and reviewing historical data to understand user and resource activity across an AWS account. |
AWS CloudTrail | Record API calls made to AWS services: CloudTrail captures and records AWS API calls made by users and services in your AWS account, providing a comprehensive history of activity and allowing you to monitor, audit, and analyze these calls. |
AWS CloudTrail | To improve its security posture by reviewing user activity through API calls, a company should use "AWS CloudTrail." AWS CloudTrail is a service that provides a record of actions taken by a user, role, or an AWS service in AWS. It enables governance, compliance, operational auditing, and risk auditing of your AWS account. CloudTrail tracks and logs API calls across the AWS infrastructure, making it an ideal tool for monitoring and reviewing user activity for security purposes. |
AWS CloudTrail | AWS CloudTrail is a service that records all API calls made on your AWS account. It provides a detailed history of events, including who made the call, what actions were performed, and from which IP address the call originated. This audit trail is valuable for security, compliance, troubleshooting, and monitoring purposes, and it helps you maintain visibility into how your AWS resources are being used. |
AWS CloudTrail | AWS CloudTrail is a service that records all API activity in your AWS account, including the termination of EC2 instances. It creates log entries for various events, providing an audit trail of actions taken on resources. By reviewing CloudTrail logs, you can identify when an EC2 instance was terminated, who initiated the termination, and other relevant details about the event. |
AWS CloudTrail | "CloudTrail enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage. CloudTrail logs, continuously monitors, and retains account activity related to actions across your AWS infrastructure, giving you control over storage, analysis, and remediation actions." Reference: https://aws.amazon.com/cloudtrail/faqs/ |
AWS CloudTrail | AWS CloudTrail is specifically designed to log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This service is instrumental for auditing and reviewing historical data to understand user and resource activity across an AWS account. |
AWS CloudTrail | Record API calls made to AWS services: CloudTrail captures and records AWS API calls made by users and services in your AWS account, providing a comprehensive history of activity and allowing you to monitor, audit, and analyze these calls. |
AWS CloudTrail | To improve its security posture by reviewing user activity through API calls, a company should use "AWS CloudTrail." AWS CloudTrail is a service that provides a record of actions taken by a user, role, or an AWS service in AWS. It enables governance, compliance, operational auditing, and risk auditing of your AWS account. CloudTrail tracks and logs API calls across the AWS infrastructure, making it an ideal tool for monitoring and reviewing user activity for security purposes. |
AWS CodePipeline | This is a continuous integration and continuous delivery (CI/CD) service for fast and reliable application and infrastructure updates. It automates the build, test, and deploy phases of your release process but does not focus on defining infrastructure using programming languages. |
AWS CodePipeline | This is a continuous integration and continuous delivery (CI/CD) service for fast and reliable application and infrastructure updates. It automates the build, test, and deploy phases of your release process but does not focus on defining infrastructure using programming languages. |
AWS Compute Optimizer | 1. **Resource Optimization Recommendations**: Compute Optimizer analyzes Amazon EC2 instances, Amazon EBS volumes, AWS Lambda functions, and Amazon EC2 Auto Scaling groups, providing recommendations on how to optimize these resources. 2. **Performance Improvement**: By analyzing usage patterns, it offers suggestions on instance types and configurations that could improve the performance of your applications. 3. **Cost Savings**: The service identifies opportunities to save costs by recommending changes to resources that are over-provisioned and not fully utilized. 4. **Customized Recommendations**: Recommendations are tailored to the specific needs and usage patterns of your AWS environment, taking into account your historical usage data. 5. **Machine Learning Analysis**: AWS Compute Optimizer utilizes machine learning algorithms to analyze historical utilization metrics and identify optimal AWS resource configurations. 6. **Account Level Insights**: It provides insights and recommendations across your entire AWS account, allowing for a comprehensive view of optimization opportunities. 7. **Detailed Metrics and Graphs**: Users receive detailed metrics and graphs illustrating the performance of their current resources compared to the recommended options. 8. **Usage Pattern Analysis**: It examines the workload characteristics and usage patterns of your resources to ensure that recommendations align with the actual usage. 9. **Enhanced Resource Allocation**: The service can help in determining the most effective resource allocation, such as the right mix of instances and the optimal use of features like Elastic Block Store (EBS) and Lambda. 10. **Integration with Other AWS Services**: Compute Optimizer can be used in conjunction with other AWS services and tools for a more comprehensive management strategy. |
AWS Compute Optimizer | 1. **Resource Optimization Recommendations**: Compute Optimizer analyzes Amazon EC2 instances, Amazon EBS volumes, AWS Lambda functions, and Amazon EC2 Auto Scaling groups, providing recommendations on how to optimize these resources. 2. **Performance Improvement**: By analyzing usage patterns, it offers suggestions on instance types and configurations that could improve the performance of your applications. 3. **Cost Savings**: The service identifies opportunities to save costs by recommending changes to resources that are over-provisioned and not fully utilized. 4. **Customized Recommendations**: Recommendations are tailored to the specific needs and usage patterns of your AWS environment, taking into account your historical usage data. 5. **Machine Learning Analysis**: AWS Compute Optimizer utilizes machine learning algorithms to analyze historical utilization metrics and identify optimal AWS resource configurations. 6. **Account Level Insights**: It provides insights and recommendations across your entire AWS account, allowing for a comprehensive view of optimization opportunities. 7. **Detailed Metrics and Graphs**: Users receive detailed metrics and graphs illustrating the performance of their current resources compared to the recommended options. 8. **Usage Pattern Analysis**: It examines the workload characteristics and usage patterns of your resources to ensure that recommendations align with the actual usage. 9. **Enhanced Resource Allocation**: The service can help in determining the most effective resource allocation, such as the right mix of instances and the optimal use of features like Elastic Block Store (EBS) and Lambda. 10. **Integration with Other AWS Services**: Compute Optimizer can be used in conjunction with other AWS services and tools for a more comprehensive management strategy. |
AWS Config | This service is designed to enable assessment, auditing, and evaluation of the configurations of your AWS resources. AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With AWS Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. |
AWS Config | This service is designed to enable assessment, auditing, and evaluation of the configurations of your AWS resources. AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations. With AWS Config, you can review changes in configurations and relationships between AWS resources, dive into detailed resource configuration histories, and determine your overall compliance against the configurations specified in your internal guidelines. |
AWS Control Tower | AWS Control Tower is used for setting up and governing a secure, multi-account AWS environment, but it does not provide assessments for on-premises environments or cost projections for cloud migrations. |
AWS Control Tower | AWS Control Tower is used for setting up and governing a secure, multi-account AWS environment, but it doesn't specialize in identifying external resource sharing. |
AWS Control Tower | AWS Control Tower is used for setting up and governing a secure, multi-account AWS environment, but it does not provide assessments for on-premises environments or cost projections for cloud migrations. |
AWS Control Tower | AWS Control Tower is used for setting up and governing a secure, multi-account AWS environment, but it doesn't specialize in identifying external resource sharing. |
AWS Cost and Usage Report | This feature provides detailed information about the usage of AWS resources and associated costs. It allows users to obtain comprehensive billing data that can be used to create detailed analytics and visualizations in Amazon QuickSight. By integrating these reports with QuickSight, the company can create weekly dashboards that display their AWS spending and usage trends. |
AWS Cost and Usage Report | This feature provides detailed information about the usage of AWS resources and associated costs. It allows users to obtain comprehensive billing data that can be used to create detailed analytics and visualizations in Amazon QuickSight. By integrating these reports with QuickSight, the company can create weekly dashboards that display their AWS spending and usage trends. |
AWS Cost Anomaly Detection | This service is used to detect unusual spending patterns in your AWS account, indicating potential unintended spending. It does not support the creation of dashboards in Amazon QuickSight. |
AWS Cost Anomaly Detection | This service is used to detect unusual spending patterns in your AWS account, indicating potential unintended spending. It does not support the creation of dashboards in Amazon QuickSight. |
AWS Cost Explorer | 1. **Visualize Spending Trends**: Cost Explorer provides graphical representations of AWS spending and usage, enabling users to quickly see patterns and identify trends. 2. **Detailed Breakdowns**: Users can view detailed breakdowns of costs by various dimensions such as service, account, region, tag, etc. This helps in understanding which parts of their AWS usage are driving costs. 3. **Customizable Reports**: Cost Explorer allows users to create custom reports that can be tailored to their specific needs. Users can filter and group data in various ways to get a detailed understanding of their spending. 4. **Forecasting**: The tool can forecast future AWS spending based on historical usage patterns, aiding in budget planning and cost management. 5. **Cost Allocation Tags**: Cost Explorer supports the use of cost allocation tags to organize and track costs by project, department, application, or any other label relevant to the business. 6. **Reserved Instance (RI) and Savings Plans Recommendations**: It provides recommendations on purchasing Reserved Instances and Savings Plans to optimize costs based on the user's usage patterns. 7. **Data Export**: Users can export cost and usage data for further analysis outside of Cost Explorer. 8. **Historical Data Access**: Cost Explorer provides access to up to the last 12 months of historical data, allowing for year-over-year comparisons. 9. **Anomaly Detection**: It can help detect anomalies in spending, alerting users to unexpected changes in cost patterns. 10. **API Access**: Cost Explorer also offers an API, enabling programmatic access to cost and usage data and integration with other tools or systems. |
AWS Cost Explorer | AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. Get started quickly by creating custom reports that analyze cost and usage data. Analyze your data at a high level (for example, total costs and usage across all accounts), or dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies. https://aws.amazon.com/aws-cost-management/aws-cost-explorer/ |
AWS Cost Explorer | AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. Get started quickly by creating custom reports that analyze cost and usage data. |
AWS Cost Explorer | While Cost Explorer is useful for visualizing and understanding AWS spend, it's a standalone service within the AWS Management Console and does not directly facilitate the creation of QuickSight dashboards. |
AWS Cost Explorer | 1. **Visualize Spending Trends**: Cost Explorer provides graphical representations of AWS spending and usage, enabling users to quickly see patterns and identify trends. 2. **Detailed Breakdowns**: Users can view detailed breakdowns of costs by various dimensions such as service, account, region, tag, etc. This helps in understanding which parts of their AWS usage are driving costs. 3. **Customizable Reports**: Cost Explorer allows users to create custom reports that can be tailored to their specific needs. Users can filter and group data in various ways to get a detailed understanding of their spending. 4. **Forecasting**: The tool can forecast future AWS spending based on historical usage patterns, aiding in budget planning and cost management. 5. **Cost Allocation Tags**: Cost Explorer supports the use of cost allocation tags to organize and track costs by project, department, application, or any other label relevant to the business. 6. **Reserved Instance (RI) and Savings Plans Recommendations**: It provides recommendations on purchasing Reserved Instances and Savings Plans to optimize costs based on the user's usage patterns. 7. **Data Export**: Users can export cost and usage data for further analysis outside of Cost Explorer. 8. **Historical Data Access**: Cost Explorer provides access to up to the last 12 months of historical data, allowing for year-over-year comparisons. 9. **Anomaly Detection**: It can help detect anomalies in spending, alerting users to unexpected changes in cost patterns. 10. **API Access**: Cost Explorer also offers an API, enabling programmatic access to cost and usage data and integration with other tools or systems. |
AWS Cost Explorer | AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. Get started quickly by creating custom reports that analyze cost and usage data. Analyze your data at a high level (for example, total costs and usage across all accounts), or dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies. https://aws.amazon.com/aws-cost-management/aws-cost-explorer/ |
AWS Cost Explorer | AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. Get started quickly by creating custom reports that analyze cost and usage data. |
AWS Cost Explorer | While Cost Explorer is useful for visualizing and understanding AWS spend, it's a standalone service within the AWS Management Console and does not directly facilitate the creation of QuickSight dashboards. |
AWS Cost Optimization | AWS Cost Optimization involves strategies and tools to manage and reduce your AWS spending while maximizing resource efficiency. It includes selecting cost-effective resources, monitoring usage, and utilizing pricing models like Reserved Instances and Savings Plans. |
AWS Cost Optimization | AWS Cost Optimization involves strategies and tools to manage and reduce your AWS spending while maximizing resource efficiency. It includes selecting cost-effective resources, monitoring usage, and utilizing pricing models like Reserved Instances and Savings Plans. |
AWS customers | The responsibility for enabling encryption for Amazon EBS volumes rests with the AWS customers. They have the option to enable encryption when creating a new EBS volume through the AWS Management Console, CLI, or API. When enabled, EBS uses AWS Key Management Service (AWS KMS) to handle the encryption and decryption of the data, along with the management of the encryption keys. |
AWS customers | The responsibility for enabling encryption for Amazon EBS volumes rests with the AWS customers. They have the option to enable encryption when creating a new EBS volume through the AWS Management Console, CLI, or API. When enabled, EBS uses AWS Key Management Service (AWS KMS) to handle the encryption and decryption of the data, along with the management of the encryption keys. |
AWS Database Migration Service (AWS DMS) | This service is specifically designed to facilitate the migration of databases to AWS. AWS DMS supports various source and target databases, including PostgreSQL. It allows for the migration of data with minimal downtime, making it a suitable choice for moving an on-premises PostgreSQL database to Amazon RDS. |
AWS Database Migration Service (AWS DMS) | This service is specifically designed to facilitate the migration of databases to AWS. AWS DMS supports various source and target databases, including PostgreSQL. It allows for the migration of data with minimal downtime, making it a suitable choice for moving an on-premises PostgreSQL database to Amazon RDS. |
AWS Direct Connect | AWS Direct Connect bypasses the public internet and establishes a secure, dedicated connection from your on-premises to AWS. This service can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience than internet-based connections. |
AWS Direct Connect | AWS Direct Connect bypasses the public internet and establishes a secure, dedicated connection from your on-premises to AWS. This service can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience than internet-based connections. |
AWS Directory Service | This service is used for creating and managing Microsoft Active Directory (AD) in AWS, but it's not specifically designed for integrating social media logins into applications. |
AWS Directory Service | This service is used for creating and managing Microsoft Active Directory (AD) in AWS, but it's not specifically designed for integrating social media logins into applications. |
AWS Elastic Beanstalk | With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without having to learn about the infrastructure that runs those applications. Elastic Beanstalk reduces management complexity without restricting choice or control. You simply upload your application, and Elastic Beanstalk automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring. "Deploy scalable web applications in minutes without the complexity of provisioning and managing underlying infrastructure." Reference: https://aws.amazon.com/elasticbeanstalk/ |
AWS Elastic Beanstalk | AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, . NET, PHP, Node. js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and Internet Information Services (IIS). |
AWS Elastic Beanstalk | With Elastic Beanstalk, you can quickly deploy and manage applications in the AWS Cloud without having to learn about the infrastructure that runs those applications. Elastic Beanstalk reduces management complexity without restricting choice or control. You simply upload your application, and Elastic Beanstalk automatically handles the details of capacity provisioning, load balancing, scaling, and application health monitoring. "Deploy scalable web applications in minutes without the complexity of provisioning and managing underlying infrastructure." Reference: https://aws.amazon.com/elasticbeanstalk/ |
AWS Elastic Beanstalk | AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, . NET, PHP, Node. js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and Internet Information Services (IIS). |
AWS Elastic Kubernetes Service (EKS) | Kubernetes, Managed, Containers, Scalable |
AWS Enterprise Support | AWS Enterprise Support: This is the most comprehensive support plan offered by AWS. It includes 24/7 access to senior AWS support engineers, a designated Technical Account Manager (TAM), and access to Infrastructure Event Management for operational readiness, which is particularly useful for pre-launch assessments of new products. This plan is designed for large enterprises with extensive and critical use of AWS services. The AWS Support plan that offers guidance and support for assessing operational readiness and identifying and mitigating operational risks ahead of a new product launch at no additional charge is the AWS Enterprise Support plan. https://aws.amazon.com/premiumsupport/plans/ "ahead of a new product launch" |
AWS Enterprise Support | For a company with AWS Enterprise Support that is expecting a large increase in traffic due to a product launch, the most appropriate action to assess readiness for scaling is "B. Use AWS Infrastructure Event Management (IEM) support." AWS Infrastructure Event Management offers architectural and operational guidance from AWS Support as part of the Enterprise Support plan. It is designed to help customers prepare for events such as product launches, marketing events, or migrations that could lead to significant changes in workload and traffic. IEM provides access to technical and project management expertise to assist in planning and optimizing AWS infrastructure for such critical events. |
AWS Enterprise Support | AWS Enterprise Support: This is the most comprehensive support plan offered by AWS. It includes 24/7 access to senior AWS support engineers, a designated Technical Account Manager (TAM), and access to Infrastructure Event Management for operational readiness, which is particularly useful for pre-launch assessments of new products. This plan is designed for large enterprises with extensive and critical use of AWS services. The AWS Support plan that offers guidance and support for assessing operational readiness and identifying and mitigating operational risks ahead of a new product launch at no additional charge is the AWS Enterprise Support plan. https://aws.amazon.com/premiumsupport/plans/ "ahead of a new product launch" |
AWS Enterprise Support | For a company with AWS Enterprise Support that is expecting a large increase in traffic due to a product launch, the most appropriate action to assess readiness for scaling is "B. Use AWS Infrastructure Event Management (IEM) support." AWS Infrastructure Event Management offers architectural and operational guidance from AWS Support as part of the Enterprise Support plan. It is designed to help customers prepare for events such as product launches, marketing events, or migrations that could lead to significant changes in workload and traffic. IEM provides access to technical and project management expertise to assist in planning and optimizing AWS infrastructure for such critical events. |
AWS Fargate | Serverless, Compute Engine, Containers, Automatic |
AWS Fargate | AWS Fargate is a serverless, pay-as-you-go compute engine that lets you focus on building applications without managing servers. AWS Fargate is compatible with both Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS). |
AWS Fargate | AWS Fargate is a serverless compute engine for containers, and it does not have features related to identifying externally shared resources. |
AWS Fargate | AWS Fargate is a serverless, pay-as-you-go compute engine that lets you focus on building applications without managing servers. AWS Fargate is compatible with both Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS). |
AWS Fargate | AWS Fargate is a serverless compute engine for containers, and it does not have features related to identifying externally shared resources. |
AWS Firewall Manager | Security, Rules, Centralized, Management |
AWS Firewall Manager | AWS Firewall Manager is a security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organizations. As new applications are created, Firewall Manager makes it easier to bring new applications and resources into compliance by enforcing a common set of security rules. therefore the only valid answer is D as it pertains to subnets (VPC) |
AWS Firewall Manager | This service is designed to manage firewall rules across multiple AWS accounts and applications in AWS Organizations. It simplifies your AWS WAF, AWS Shield Advanced, and VPC security groups management and maintenance tasks across multiple accounts and resources. It's the right tool for central management and configuration of security groups in a multi-account environment. |
AWS Firewall Manager | AWS Firewall Manager is a security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organizations. As new applications are created, Firewall Manager makes it easier to bring new applications and resources into compliance by enforcing a common set of security rules. therefore the only valid answer is D as it pertains to subnets (VPC) |
AWS Firewall Manager | This service is designed to manage firewall rules across multiple AWS accounts and applications in AWS Organizations. It simplifies your AWS WAF, AWS Shield Advanced, and VPC security groups management and maintenance tasks across multiple accounts and resources. It's the right tool for central management and configuration of security groups in a multi-account environment. |
AWS Global Accelerator | "Improve application availability, performance, and security using the AWS global network" Reference: https://aws.amazon.com/global-accelerator/ |
AWS Global Accelerator | This service improves the availability and performance of applications with global users. It directs traffic to optimal endpoints over the AWS global network, improving the performance of the applications by lowering latency and providing failover across AWS regions. |
AWS Global Accelerator | "Improve application availability, performance, and security using the AWS global network" Reference: https://aws.amazon.com/global-accelerator/ |
AWS Global Accelerator | This service improves the availability and performance of applications with global users. It directs traffic to optimal endpoints over the AWS global network, improving the performance of the applications by lowering latency and providing failover across AWS regions. |
AWS Glue | ETL, Data Integration, Serverless, Transformation |
AWS Glue | AWS Glue is a serverless data integration service that makes it easier to discover, prepare, move, and integrate data from multiple sources for analytics, machine learning (ML), and application development. |
AWS Glue | AWS Glue is a serverless data integration service that makes it easier to discover, prepare, move, and integrate data from multiple sources for analytics, machine learning (ML), and application development. |
AWS Greengrass | IoT, Local Compute, Messaging, Sync |
AWS Ground Station | Satellite, Ground Station, Data, Communication |
AWS Health Dashboard | For learning about AWS service availability and operations, users should use D. AWS Health Dashboard. The AWS Health Dashboard provides real-time information on the health of AWS services. It offers a personalized view of the performance and availability of the AWS services that an account uses, along with alerts about scheduled maintenance, security vulnerabilities, and other important events. This makes it the ideal choice for staying informed about the operational status and health of AWS services. |
AWS Health Dashboard | For learning about AWS service availability and operations, users should use D. AWS Health Dashboard. The AWS Health Dashboard provides real-time information on the health of AWS services. It offers a personalized view of the performance and availability of the AWS services that an account uses, along with alerts about scheduled maintenance, security vulnerabilities, and other important events. This makes it the ideal choice for staying informed about the operational status and health of AWS services. |
AWS IAM Access Analyzer | IAM Access Analyzer helps identify resources in your organization and accounts that are shared with an external entity. https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html |
AWS IAM Access Analyzer | AWS IAM Access Analyzer helps identify unintended external access to your AWS resources. It continuously monitors resource policies to analyze permissions granted to principals (e.g., AWS accounts, IAM users, roles) outside of your AWS organization. It can detect when resources are shared with external entities, and it provides findings to help you understand and control access to your resources. |
AWS IAM Access Analyzer | IAM Access Analyzer helps identify resources in your organization and accounts that are shared with an external entity. https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html |
AWS IAM Access Analyzer | AWS IAM Access Analyzer helps identify unintended external access to your AWS resources. It continuously monitors resource policies to analyze permissions granted to principals (e.g., AWS accounts, IAM users, roles) outside of your AWS organization. It can detect when resources are shared with external entities, and it provides findings to help you understand and control access to your resources. |
AWS IAM Identity Center (AWS Single Sign-On) | Web-based single sign-on (SSO) to the AWS Management Console from your organization. Users can sign in to a portal in your organization hosted by a SAML 2.0–compatible IdP, select an option to go to AWS, and be redirected to the console without having to provide additional sign-in information. You can use a third-party SAML IdP to establish SSO access to the console or you can create a custom IdP to enable console access for your external users. |
AWS IAM Identity Center (AWS Single Sign-On) | Formerly known as AWS Single Sign-On, this service is primarily used to manage SSO access to multiple AWS accounts and business applications. While it can integrate with external identity providers, it is more oriented towards enterprise SSO than consumer-facing social media integrations. |
AWS IAM Identity Center (AWS Single Sign-On) | Web-based single sign-on (SSO) to the AWS Management Console from your organization. Users can sign in to a portal in your organization hosted by a SAML 2.0–compatible IdP, select an option to go to AWS, and be redirected to the console without having to provide additional sign-in information. You can use a third-party SAML IdP to establish SSO access to the console or you can create a custom IdP to enable console access for your external users. |
AWS IAM Identity Center (AWS Single Sign-On) | Formerly known as AWS Single Sign-On, this service is primarily used to manage SSO access to multiple AWS accounts and business applications. While it can integrate with external identity providers, it is more oriented towards enterprise SSO than consumer-facing social media integrations. |
AWS IAM user with administrator privileges | This practice limits the use of the root account, reducing the risk of accidental changes or security breaches. IAM users can be given only the necessary permissions, following the principle of least privilege. |
AWS IAM user with administrator privileges | This practice limits the use of the root account, reducing the risk of accidental changes or security breaches. IAM users can be given only the necessary permissions, following the principle of least privilege. |
AWS Identity and Access Management (IAM) | IAM is a feature of your AWS account and is offered at no additional charge. Reference: https://aws.amazon.com/iam/getting-started/?nc=sn&loc=3 |
AWS Identity and Access Management (IAM) | IAM allows you to manage access and permissions in AWS, but it does not provide functionality for integrating social media logins for applications. |
AWS Identity and Access Management (IAM) | IAM is used for securely controlling access to AWS services and resources for your users. |
AWS Identity and Access Management (IAM) | IAM manages access to AWS services and resources, but it does not analyze or classify the content of the data. |
AWS Identity and Access Management (IAM) | IAM is a feature of your AWS account and is offered at no additional charge. Reference: https://aws.amazon.com/iam/getting-started/?nc=sn&loc=3 |
AWS Identity and Access Management (IAM) | IAM allows you to manage access and permissions in AWS, but it does not provide functionality for integrating social media logins for applications. |
AWS Identity and Access Management (IAM) | IAM is used for securely controlling access to AWS services and resources for your users. |
AWS Identity and Access Management (IAM) | IAM manages access to AWS services and resources, but it does not analyze or classify the content of the data. |
AWS IoT Core | IoT, Devices, Connectivity, Manage, Secure |
AWS IoT Core | This service is primarily used for connecting Internet of Things (IoT) devices to the AWS Cloud and to other devices. It's great for real-time data processing and analysis but requires a consistent internet connection to communicate with the cloud, which doesn't align well with the intermittent or no internet connectivity scenario described. |
AWS IoT Core | This service is primarily used for connecting Internet of Things (IoT) devices to the AWS Cloud and to other devices. It's great for real-time data processing and analysis but requires a consistent internet connection to communicate with the cloud, which doesn't align well with the intermittent or no internet connectivity scenario described. |
AWS Key Management Service (AWS KMS) | AWS Key Management Service (AWS KMS) is involved in the encryption process (as it provides the encryption keys), the actual enabling of EBS encryption is a customer-driven action. AWS KMS manages the creation, storage, and control of encryption keys, but it does not automatically enable encryption on EBS volumes; this is a decision and action taken by the customer. |
AWS Key Management Service (AWS KMS) | AWS Key Management Service (AWS KMS) is involved in the encryption process (as it provides the encryption keys), the actual enabling of EBS encryption is a customer-driven action. AWS KMS manages the creation, storage, and control of encryption keys, but it does not automatically enable encryption on EBS volumes; this is a decision and action taken by the customer. |
AWS Key Management Service (KMS) | Encryption, Keys, Management, Security |
AWS Kinesis | Data Streams, Real-time, Scalable, Processing |
AWS KMS | Use Amazon EBS encryption as a straight-forward encryption solution for your EBS resources associated with your EC2 instances. With Amazon EBS encryption, you aren't required to build, maintain, and secure your own key management infrastructure. Amazon EBS encryption uses AWS KMS keys when creating encrypted volumes and snapshots. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html |
AWS KMS | Use Amazon EBS encryption as a straight-forward encryption solution for your EBS resources associated with your EC2 instances. With Amazon EBS encryption, you aren't required to build, maintain, and secure your own key management infrastructure. Amazon EBS encryption uses AWS KMS keys when creating encrypted volumes and snapshots. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html |
AWS KMS managed keys (SSE-KMS) | Server-side encryption with AWS KMS managed keys (SSE-KMS):This method also encrypts objects at rest, but uses keys managed by AWS Key Management Service (KMS). This provides additional benefits of user control and audit trails. |
AWS KMS managed keys (SSE-KMS) | Server-side encryption with AWS KMS managed keys (SSE-KMS):This method also encrypts objects at rest, but uses keys managed by AWS Key Management Service (KMS). This provides additional benefits of user control and audit trails. |
AWS Knowledge Center | Answer should be Knowledge centre, because right in the official exam guide; section 2.4: Identifying where security information is available, Knowledge centre is listed among AWS security centre and AWS security blog. Artifact is majorly for compliance reports and is unfortunately the answer chatGPT will give you if you ask it. AWS Official Knowledge Center articles and videos covering the most frequent questions and requests that we receive from AWS customers. |
AWS Knowledge Center | Answer should be Knowledge centre, because right in the official exam guide; section 2.4: Identifying where security information is available, Knowledge centre is listed among AWS security centre and AWS security blog. Artifact is majorly for compliance reports and is unfortunately the answer chatGPT will give you if you ask it. AWS Official Knowledge Center articles and videos covering the most frequent questions and requests that we receive from AWS customers. |
AWS Lake Formation | Data Lake, Storage, Management, Security |
AWS Lambda | AWS Lambda is a serverless computing service that runs your code without provisioning or managing servers. However, Lambda functions have a maximum execution time of 15 minutes. Therefore, Lambda is not suitable for workloads that need to run for longer than 15 minutes. |
AWS Lambda | AWS Lambda is a serverless compute service where users upload code functions, but they don't have control over the underlying operating system, making it unsuitable for managing the OS patches. |
AWS Lambda | AWS Lambda is a serverless computing service that runs your code without provisioning or managing servers. However, Lambda functions have a maximum execution time of 15 minutes. Therefore, Lambda is not suitable for workloads that need to run for longer than 15 minutes. |
AWS Lambda | AWS Lambda is a serverless compute service where users upload code functions, but they don't have control over the underlying operating system, making it unsuitable for managing the OS patches. |
AWS License Manager | License, Management, Tracking, Compliance |
AWS License Manager | This service helps with managing licenses from software vendors. It can track licenses used in your environment but doesn't facilitate the purchase of new software. |
AWS License Manager | This service helps with managing licenses from software vendors. It can track licenses used in your environment but doesn't facilitate the purchase of new software. |
AWS Local Zones | Infrastructure, Low-latency, Local, Applications |
AWS Managed Blockchain | Blockchain, Networks, Scalable, Managed |
AWS Managed Services | AWS Managed Services provides ongoing management of your AWS infrastructure. While it offers operations management and automation, it's not a platform for purchasing software. |
AWS Managed Services | AWS Managed Services provides ongoing management of your AWS infrastructure. While it offers operations management and automation, it's not a platform for purchasing software. |
AWS Managed Services (AMS) | AWS Managed Services (AMS) helps you adopt AWS at scale and operate more efficiently and securely. We leverage standard AWS services and offer operational guidance with specialized automations, skills, and experience that are contextual to your environment and applications |
AWS Managed Services (AMS) | AWS Managed Services (AMS) helps you adopt AWS at scale and operate more efficiently and securely. We leverage standard AWS services and offer operational guidance with specialized automations, skills, and experience that are contextual to your environment and applications |
AWS Management Console | The AWS Management Console is a web application that comprises and refers to a broad collection of service consoles for managing AWS resources. https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/learn-whats-new.html |
AWS Management Console | The AWS Management Console is a web application that comprises and refers to a broad collection of service consoles for managing AWS resources. https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/learn-whats-new.html |
AWS Marketplace | Digital Catalog, Software, Cloud, Purchase |
AWS Marketplace | AWS Marketplace is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, buy, and deploy software that runs on AWS. It's specifically designed for the purchase and deployment of third-party software in an AWS environment. |
AWS Marketplace | The company can purchase the security solution from the "AWS Marketplace." AWS Marketplace is an online store that helps customers find, buy, and immediately start using the software and services that run on the Amazon Web Services (AWS) platform, including security software offered by various vendors. It's specifically designed for such purposes, offering a wide range of commercial and open-source software from AWS technology partners. |
AWS Marketplace | AWS Marketplace is a digital catalog that includes thousands of software listings from independent software vendors. You can use AWS Marketplace to find, test, buy, and deploy software that runs on AWS. It's specifically designed for the purchase and deployment of third-party software in an AWS environment. |
AWS Marketplace | The company can purchase the security solution from the "AWS Marketplace." AWS Marketplace is an online store that helps customers find, buy, and immediately start using the software and services that run on the Amazon Web Services (AWS) platform, including security software offered by various vendors. It's specifically designed for such purposes, offering a wide range of commercial and open-source software from AWS technology partners. |
AWS MediaConnect | Video Transfer, Live, Secure, Broadcast |
AWS MediaLive | Video Processing, Live, Broadcast, Stream |
AWS MediaPackage | Video Packaging, VOD, Live, DRM |
AWS MediaStore | Media Storage, High Performance, Object Storage |
AWS MediaTailor | Video, Personalization, Advertising, Content, Customization |
AWS Migration Hub | While Migration Hub provides a central location to track the progress of migrations across multiple AWS and partner solutions, it doesn't perform database migration itself. It's more of an oversight and management tool for the broader migration process. |
AWS Migration Hub | While Migration Hub provides a central location to track the progress of migrations across multiple AWS and partner solutions, it doesn't perform database migration itself. It's more of an oversight and management tool for the broader migration process. |
AWS Organizations | AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage. AWS Organizations is offered at no additional charge. You are charged only for AWS resources that users and roles in your member accounts use. For example, you are charged the standard fees for Amazon EC2 instances that are used by users or roles in your member accounts. https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html |
AWS Organizations | "AWS Organizations provides you with the capability to centrally manage and govern your cloud environment. You can manage and organize your accounts under a single bill, set central policies and configuration requirements for your entire organization, create custom permissions or capabilities within the organization, and delegate responsibilities to other accounts so they can manage on behalf of the organization." |
AWS Organizations | This service allows you to centrally manage billing, control access, compliance, security, and resource sharing across multiple AWS accounts, but it does not provide third-party consulting services. |
AWS Organizations | This service is designed specifically for such scenarios. AWS Organizations allows for the centralized management and governance of multiple AWS accounts. It enables the automation of new account creation, application of service control policies (SCPs) across the organization to ensure compliance with company-wide policies, and simplifies billing by consolidating costs and providing detailed reports. This setup is particularly useful for large businesses with various business units needing distinct AWS environments under a unified management system. |
AWS Organizations | AWS Organizations enables you to create separate AWS accounts for each business unit. This structure allows for clear separation of resources, security, and permissions. Additionally, it simplifies cost tracking and billing as each account can be billed separately, and the costs are easily attributable to the respective business unit. This approach significantly reduces operational complexity compared to manually tracking costs with spreadsheets or a database like DynamoDB, and is more effective than trying to assign owners and track costs within a single account using the AWS Billing console. |
AWS Organizations | AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage. AWS Organizations is offered at no additional charge. You are charged only for AWS resources that users and roles in your member accounts use. For example, you are charged the standard fees for Amazon EC2 instances that are used by users or roles in your member accounts. https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html |
AWS Organizations | "AWS Organizations provides you with the capability to centrally manage and govern your cloud environment. You can manage and organize your accounts under a single bill, set central policies and configuration requirements for your entire organization, create custom permissions or capabilities within the organization, and delegate responsibilities to other accounts so they can manage on behalf of the organization." |
AWS Organizations | This service allows you to centrally manage billing, control access, compliance, security, and resource sharing across multiple AWS accounts, but it does not provide third-party consulting services. |
AWS Organizations | This service is designed specifically for such scenarios. AWS Organizations allows for the centralized management and governance of multiple AWS accounts. It enables the automation of new account creation, application of service control policies (SCPs) across the organization to ensure compliance with company-wide policies, and simplifies billing by consolidating costs and providing detailed reports. This setup is particularly useful for large businesses with various business units needing distinct AWS environments under a unified management system. |
AWS Organizations | AWS Organizations enables you to create separate AWS accounts for each business unit. This structure allows for clear separation of resources, security, and permissions. Additionally, it simplifies cost tracking and billing as each account can be billed separately, and the costs are easily attributable to the respective business unit. This approach significantly reduces operational complexity compared to manually tracking costs with spreadsheets or a database like DynamoDB, and is more effective than trying to assign owners and track costs within a single account using the AWS Billing console. |
AWS Outposts | On-premises, AWS Services, Hybrid, Infrastructure, Consistency |
AWS Outposts | AWS Outposts enables you to run AWS infrastructure and services on premises while seamlessly connecting to the AWS cloud. This service extends the AWS ecosystem to your on-premises locations, allowing you to take advantage of cloud benefits while addressing the requirements of data residency, low-latency applications, and specific regulatory needs in hybrid environments. |
AWS Outposts | AWS Outposts enables you to run AWS infrastructure and services on premises while seamlessly connecting to the AWS cloud. This service extends the AWS ecosystem to your on-premises locations, allowing you to take advantage of cloud benefits while addressing the requirements of data residency, low-latency applications, and specific regulatory needs in hybrid environments. |
AWS Personal Health Dashboard | This service provides alerts and remediation guidance when AWS is experiencing events that may impact the company. The Personal Health Dashboard gives a personalized view into the performance and availability of the AWS services underlying the company's AWS resources. |
AWS Personal Health Dashboard | This service provides alerts and remediation guidance when AWS is experiencing events that may impact the company. The Personal Health Dashboard gives a personalized view into the performance and availability of the AWS services underlying the company's AWS resources. |
AWS Pricing Calculator | AWS Pricing Calculator is a web-based planning tool that you can use to create estimates for your AWS use cases. You can use it to model your solutions before building them, explore the AWS service price points, and review the calculations behind your estimates. https://docs.aws.amazon.com/pricing-calculator/latest/userguide/what-is-pricing-calculator.html |
AWS Pricing Calculator | "AWS Pricing Calculator is a web-based planning tool that you can use to create estimates for your AWS use cases. You can use it to model your solutions before building them, explore the AWS service price points, and review the calculations behind your estimates. You can use it to help you plan how you spend, find cost saving opportunities, and make informed decisions when using Amazon Web Services." Reference: https://docs.aws.amazon.com/pricing-calculator/latest/userguide/what-is-pricing-calculator.html |
AWS Pricing Calculator | AWS Pricing Calculator is a web-based planning tool that you can use to create estimates for your AWS use cases. You can use it to model your solutions before building them, explore the AWS service price points, and review the calculations behind your estimates. https://docs.aws.amazon.com/pricing-calculator/latest/userguide/what-is-pricing-calculator.html |
AWS Pricing Calculator | "AWS Pricing Calculator is a web-based planning tool that you can use to create estimates for your AWS use cases. You can use it to model your solutions before building them, explore the AWS service price points, and review the calculations behind your estimates. You can use it to help you plan how you spend, find cost saving opportunities, and make informed decisions when using Amazon Web Services." Reference: https://docs.aws.amazon.com/pricing-calculator/latest/userguide/what-is-pricing-calculator.html |
AWS PrivateLink | Private, Connectivity, Secure, Networking, VPC |
AWS PrivateLink | AWS PrivateLink provides a private network connection between VPCs and AWS services, while AWS Direct Connect is a dedicated, private connection between on-premises infrastructure and an AWS Location https://aws.amazon.com/privatelink/#:~:text=AWS%20PrivateLink%20provides%20private%20connectivity,traffic%20to%20the%20public%20intern et. |
AWS PrivateLink | AWS PrivateLink provides a private network connection between VPCs and AWS services, while AWS Direct Connect is a dedicated, private connection between on-premises infrastructure and an AWS Location https://aws.amazon.com/privatelink/#:~:text=AWS%20PrivateLink%20provides%20private%20connectivity,traffic%20to%20the%20public%20intern et. |
AWS provides agility | Agility in the context of cloud computing refers to the ability to rapidly and efficiently adapt to changes, whether in terms of scaling up or down, deploying new applications, or experimenting with new technologies. AWS enables this by allowing users to quickly provision and deprovision a wide range of resources (like compute instances, storage, databases, etc.) with minimal effort. This rapid provisioning capability means that organizations can innovate faster, experiment more easily, and bring products to market in a shorter time frame, all without the need for large upfront investments in hardware or long-term planning for capacity. |
AWS provides agility | Agility in the context of cloud computing refers to the ability to rapidly and efficiently adapt to changes, whether in terms of scaling up or down, deploying new applications, or experimenting with new technologies. AWS enables this by allowing users to quickly provision and deprovision a wide range of resources (like compute instances, storage, databases, etc.) with minimal effort. This rapid provisioning capability means that organizations can innovate faster, experiment more easily, and bring products to market in a shorter time frame, all without the need for large upfront investments in hardware or long-term planning for capacity. |
AWS Region | AWS has the concept of a Region, which is a physical location around the world where we cluster data centers. We call each group of logical data centers an Availability Zone. Each AWS Region consists of a minimum of three, isolated, and physically separate AZs within a geographic area. https://aws.amazon.com/about-aws/global-infrastructure/regions_az/ |
AWS Region | AWS has the concept of a Region, which is a physical location around the world where we cluster data centers. We call each group of logical data centers an Availability Zone. Each AWS Region consists of a minimum of three, isolated, and physically separate AZs within a geographic area. https://aws.amazon.com/about-aws/global-infrastructure/regions_az/ |
AWS Regions | AWS Regions are specific geographic locations where Amazon Web Services operates data centers, known as Availability Zones (AZs). These Regions offer global network coverage, enabling users to reduce latency, comply with data residency laws, and enhance fault tolerance. Each Region contains multiple AZs, which are isolated data centers providing high availability and redundancy. AWS services vary by Region, influencing user choice based on service needs, compliance, and latency. Costs also differ across Regions due to varying operational expenses. Selecting a closer Region can decrease network latency for end-users. AWS constantly grows, adding new Regions and AZs for enhanced disaster recovery, fault tolerance, and to cater to increasing demand. |
AWS Regions | AWS Regions are specific geographic locations where Amazon Web Services operates data centers, known as Availability Zones (AZs). These Regions offer global network coverage, enabling users to reduce latency, comply with data residency laws, and enhance fault tolerance. Each Region contains multiple AZs, which are isolated data centers providing high availability and redundancy. AWS services vary by Region, influencing user choice based on service needs, compliance, and latency. Costs also differ across Regions due to varying operational expenses. Selecting a closer Region can decrease network latency for end-users. AWS constantly grows, adding new Regions and AZs for enhanced disaster recovery, fault tolerance, and to cater to increasing demand. |
AWS Resource Access Manager | Resource Sharing, Management, Multi-account, Efficiency, AWS |
AWS Resource Access Manager | This service helps you securely share AWS resources within your organization or with external organizations. It's not used for purchasing software, but rather for managing and sharing AWS resources. |
AWS Resource Access Manager | This service is used to share AWS resources with any AWS account or within your AWS Organization. It's not related to DDoS protection. |
AWS Resource Access Manager | This service helps you securely share AWS resources within your organization or with external organizations. It's not used for purchasing software, but rather for managing and sharing AWS resources. |
AWS Resource Access Manager | This service is used to share AWS resources with any AWS account or within your AWS Organization. It's not related to DDoS protection. |
AWS resources | Agility - how quickly you can do things, so how soon you can setup your environment (A) and cloud benefit is how soon you can setup your eco system to experiment (C) |
AWS resources | Agility - how quickly you can do things, so how soon you can setup your environment (A) and cloud benefit is how soon you can setup your eco system to experiment (C) |
AWS resources to control cloud costs | **Select EC2 Instances Based on Usage History** - Pick EC2 types matching previous use to avoid oversizing and extra costs. **Apply S3 Lifecycle Policies for Infrequent Access** - Move rarely used data to cheaper storage options like S3 Infrequent Access or Glacier to cut costs. |
AWS resources to control cloud costs | **Select EC2 Instances Based on Usage History** - Pick EC2 types matching previous use to avoid oversizing and extra costs. **Apply S3 Lifecycle Policies for Infrequent Access** - Move rarely used data to cheaper storage options like S3 Infrequent Access or Glacier to cut costs. |
AWS RoboMaker | Robotics, Development, Simulation, Deployment, AWS |
AWS S3 Transfer Acceleration | Fast, Secure, Data Transfer, S3, Acceleration |
AWS Secrets Manager | Secrets, Management, Security, Encryption, Rotation |
AWS Secrets Manager | AWS Secrets Manager: This service is specifically designed to handle secret management, including the rotation of credentials for databases and other services. It allows you to automatically rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. AWS Secrets Manager supports native credential rotation for AWS databases with minimal manual setup, making it the best choice for the requirement. |
AWS Secrets Manager | AWS Secrets Manager makes it easier to rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. |
AWS Secrets Manager | A company can use AWS Secrets Manager to securely store and encrypt passwords for a database. AWS Secrets Manager is specifically designed for this purpose, allowing you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. The service offers encryption of these secrets to enhance security and also integrates with other AWS services to simplify the management of credentials and secrets. |
AWS Secrets Manager | AWS Secrets Manager: This service is specifically designed to handle secret management, including the rotation of credentials for databases and other services. It allows you to automatically rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. AWS Secrets Manager supports native credential rotation for AWS databases with minimal manual setup, making it the best choice for the requirement. |
AWS Secrets Manager | AWS Secrets Manager makes it easier to rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. |
AWS Secrets Manager | A company can use AWS Secrets Manager to securely store and encrypt passwords for a database. AWS Secrets Manager is specifically designed for this purpose, allowing you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. The service offers encryption of these secrets to enhance security and also integrates with other AWS services to simplify the management of credentials and secrets. |
AWS Security Hub | Security, Monitoring, Compliance, Alerts, Aggregation |
AWS Security Hub | "AWS Security Hub is a cloud security posture management (CSPM) service that performs automated, continuous security best practice checks against your AWS resources to help you identify misconfigurations, and aggregates your security alerts (i.e. findings) in a standardized format so that you can more easily enrich, investigate, and remediate them." Reference: https://aws.amazon.com/security-hub/features/?nc=sn&loc=2 |
AWS Security Hub | This service provides a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. It's more about security and compliance monitoring, not about granting access or permissions to AWS services. |
AWS Security Hub | "AWS Security Hub is a cloud security posture management (CSPM) service that performs automated, continuous security best practice checks against your AWS resources to help you identify misconfigurations, and aggregates your security alerts (i.e. findings) in a standardized format so that you can more easily enrich, investigate, and remediate them." Reference: https://aws.amazon.com/security-hub/features/?nc=sn&loc=2 |
AWS Security Hub | This service provides a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. It's more about security and compliance monitoring, not about granting access or permissions to AWS services. |
AWS Security Token Service (AWS STS) | AWS STS provides a way to grant temporary, limited-privilege credentials to users, applications, or services. These temporary credentials can be used to access AWS resources securely without having to use long-term access keys or IAM user credentials. AWS provides AWS Security Token Service (AWS STS) as a web service that enables you to request temporary, limited-privilege credentials for users. https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html |
AWS Security Token Service (AWS STS) | AWS STS provides a way to grant temporary, limited-privilege credentials to users, applications, or services. These temporary credentials can be used to access AWS resources securely without having to use long-term access keys or IAM user credentials. AWS provides AWS Security Token Service (AWS STS) as a web service that enables you to request temporary, limited-privilege credentials for users. https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html |
AWS Serverless Application Model (SAM) | Serverless, Deployment, Management, Development, AWS |
AWS Service Catalog | AWS Service Catalog lets you centrally manage your cloud resources to achieve governance at scale of your infrastructure as code (IaC) templates, written in CloudFormation or Terraform configurations. With AWS Service Catalog, you can meet your compliance requirements while making sure your customers can quickly deploy the cloud resources they need. |
AWS Service Catalog | This service allows organizations to create and manage catalogs of IT services that are approved for use on AWS, but it does not facilitate the engagement of third-party consultants. |
AWS Service Catalog | This is used to create and manage catalogs of IT services that are approved for use on AWS. It's not suitable for scheduling and running computing jobs. |
AWS Service Catalog | This service allows organizations to create and manage catalogs of IT services approved for use on AWS, which is not related to monitoring the health of AWS services. |
AWS Service Catalog | AWS Service Catalog lets you centrally manage your cloud resources to achieve governance at scale of your infrastructure as code (IaC) templates, written in CloudFormation or Terraform configurations. With AWS Service Catalog, you can meet your compliance requirements while making sure your customers can quickly deploy the cloud resources they need. |
AWS Service Catalog | This service allows organizations to create and manage catalogs of IT services that are approved for use on AWS, but it does not facilitate the engagement of third-party consultants. |
AWS Service Catalog | This is used to create and manage catalogs of IT services that are approved for use on AWS. It's not suitable for scheduling and running computing jobs. |
AWS Service Catalog | This service allows organizations to create and manage catalogs of IT services approved for use on AWS, which is not related to monitoring the health of AWS services. |
AWS Service Health Dashboard | This dashboard provides information on the general health of AWS services. It displays the current status and past incidents of each AWS service, offering a broader view of the AWS environment's status compared to the personalized information available in the Personal Health Dashboard. |
AWS Service Health Dashboard | This dashboard provides information on the general health of AWS services. It displays the current status and past incidents of each AWS service, offering a broader view of the AWS environment's status compared to the personalized information available in the Personal Health Dashboard. |
AWS shared responsibility model | Under the AWS shared responsibility model, "Configuration of infrastructure devices" is an AWS responsibility. AWS is responsible for the security and maintenance of the underlying infrastructure of the cloud, including hardware, software, networking, and facilities that run AWS Cloud services. The customer is responsible for managing the guest operating system (including updates and security patches), as well as configuring the AWS-provided security group settings. |
AWS shared responsibility model | Provide public endpoints to store and retrieve data: AWS is responsible for ensuring that the infrastructure and endpoints for services like DynamoDB are available, reliable, and accessible to the users. Manage the infrastructure layer and the operating system: AWS manages the underlying infrastructure (including hardware and networking) and the operating system on which DynamoDB runs. This includes ensuring the infrastructure's security, durability, and scalability. |
AWS shared responsibility model | In the AWS shared responsibility model, "Configuration management" is an example of a shared control between AWS and the customer. This means that both AWS and the customer have responsibilities in ensuring the effective management of configuration settings for the infrastructure and services used. |
AWS shared responsibility model | AWS is responsible for the configuration management of the infrastructure that runs all of the services offered in the AWS Cloud. This includes the configuration of hardware, network infrastructure, and the facilities that host cloud services. |
AWS shared responsibility model | The customer is responsible for the configuration management of their software and applications, including the AWS services they utilize (like EC2 instances, S3 buckets, etc.). This involves setting up and managing the operating system, network and firewall configurations, and other application software settings within their AWS environment. |
AWS shared responsibility model | Under the AWS shared responsibility model, "Configuration of infrastructure devices" is an AWS responsibility. AWS is responsible for the security and maintenance of the underlying infrastructure of the cloud, including hardware, software, networking, and facilities that run AWS Cloud services. The customer is responsible for managing the guest operating system (including updates and security patches), as well as configuring the AWS-provided security group settings. |
AWS shared responsibility model | Provide public endpoints to store and retrieve data: AWS is responsible for ensuring that the infrastructure and endpoints for services like DynamoDB are available, reliable, and accessible to the users. Manage the infrastructure layer and the operating system: AWS manages the underlying infrastructure (including hardware and networking) and the operating system on which DynamoDB runs. This includes ensuring the infrastructure's security, durability, and scalability. |
AWS shared responsibility model | In the AWS shared responsibility model, "Configuration management" is an example of a shared control between AWS and the customer. This means that both AWS and the customer have responsibilities in ensuring the effective management of configuration settings for the infrastructure and services used. |
AWS shared responsibility model | AWS is responsible for the configuration management of the infrastructure that runs all of the services offered in the AWS Cloud. This includes the configuration of hardware, network infrastructure, and the facilities that host cloud services. |
AWS shared responsibility model | The customer is responsible for the configuration management of their software and applications, including the AWS services they utilize (like EC2 instances, S3 buckets, etc.). This involves setting up and managing the operating system, network and firewall configurations, and other application software settings within their AWS environment. |
AWS Shield | This service provides protection against DDoS attacks for applications running on AWS. AWS Shield offers always-on detection and automatic inline mitigations that minimize application downtime and latency. There are two tiers of AWS Shield - Standard and Advanced. The Standard tier is automatically enabled for all AWS customers at no additional cost and provides basic DDoS protection. The Advanced tier offers expanded DDoS protection for higher-level needs and includes 24/7 access to the AWS DDoS Response Team. |
AWS Shield | This is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. |
AWS Shield | AWS Shield is a managed DDoS protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency, which is essential for defending against DDoS attacks. There are two tiers of AWS Shield - Standard and Advanced. The Standard tier is included with AWS at no additional cost and provides basic protection. The Advanced tier offers enhanced protections for more sophisticated and larger scale DDoS attacks. |
AWS Shield | This service provides protection against DDoS attacks for applications running on AWS. AWS Shield offers always-on detection and automatic inline mitigations that minimize application downtime and latency. There are two tiers of AWS Shield - Standard and Advanced. The Standard tier is automatically enabled for all AWS customers at no additional cost and provides basic DDoS protection. The Advanced tier offers expanded DDoS protection for higher-level needs and includes 24/7 access to the AWS DDoS Response Team. |
AWS Shield | This is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. |
AWS Shield | AWS Shield is a managed DDoS protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency, which is essential for defending against DDoS attacks. There are two tiers of AWS Shield - Standard and Advanced. The Standard tier is included with AWS at no additional cost and provides basic protection. The Advanced tier offers enhanced protections for more sophisticated and larger scale DDoS attacks. |
AWS Snowcone | This is a small, rugged, and secure edge computing and data transfer device. It's primarily used for collecting, processing, and moving data to AWS, especially in environments with limited connectivity or space. It's not primarily used for continuous data backup with local caching. |
AWS Snowcone | This is a small, rugged, and secure edge computing and data transfer device. It's primarily used for collecting, processing, and moving data to AWS, especially in environments with limited connectivity or space. It's not primarily used for continuous data backup with local caching. |
AWS Software Development Kit | A. AWS Software Development Kit (SDK) to integrate AWS service features directly into an application. The AWS SDK provides libraries for various programming languages and platforms, allowing developers to interact with AWS services programmatically. |
AWS Software Development Kit | A. AWS Software Development Kit (SDK) to integrate AWS service features directly into an application. The AWS SDK provides libraries for various programming languages and platforms, allowing developers to interact with AWS services programmatically. |
AWS Step Functions | Workflow, Automation, Serverless, Orchestration, AWS |
AWS Step Functions | This service is great for coordinating multiple AWS services into serverless workflows. While it can manage sequences of tasks, it's not primarily designed for large-scale batch job processing. |
AWS Step Functions | This service is great for coordinating multiple AWS services into serverless workflows. While it can manage sequences of tasks, it's not primarily designed for large-scale batch job processing. |
AWS Storage Gateway | Hybrid, Storage, On-premises, Cloud, Integration |
AWS Storage Gateway | "Bridge between on-premise data and cloud data in S3 • Hybrid storage service to allow onpremises to seamlessly use the AWS Cloud" |
AWS Storage Gateway | AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. Storage Gateway provides a standard set of storage protocols such as iSCSI, SMB, and NFS, which allow you to use AWS storage without rewriting your existing applications. |
AWS Storage Gateway | This service connects an on-premises software appliance with cloud-based storage. While it could be used to store data and sync it later with AWS, it's not specifically designed for environments with intermittent connectivity and doesn't inherently support local data processing. |
AWS Storage Gateway | This service is designed to seamlessly integrate on-premises environments with cloud storage. AWS Storage Gateway provides a set of solutions that enable local caching of data, which can then be synchronized with cloud storage. It supports different types of storage interfaces such as file, volume, and tape, which makes it suitable for a variety of use cases including data backup and archival. |
AWS Storage Gateway | "Bridge between on-premise data and cloud data in S3 • Hybrid storage service to allow onpremises to seamlessly use the AWS Cloud" |
AWS Storage Gateway | AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage. Storage Gateway provides a standard set of storage protocols such as iSCSI, SMB, and NFS, which allow you to use AWS storage without rewriting your existing applications. |
AWS Storage Gateway | This service connects an on-premises software appliance with cloud-based storage. While it could be used to store data and sync it later with AWS, it's not specifically designed for environments with intermittent connectivity and doesn't inherently support local data processing. |
AWS Storage Gateway | This service is designed to seamlessly integrate on-premises environments with cloud storage. AWS Storage Gateway provides a set of solutions that enable local caching of data, which can then be synchronized with cloud storage. It supports different types of storage interfaces such as file, volume, and tape, which makes it suitable for a variety of use cases including data backup and archival. |
AWS Storage Gateway file gateway | "AWS Storage Gateway: Connect [on premises] with [AWS S3] file gateway:one of the AWS Storage Gateway's interface" AWS Storage Gateway is a hybrid storage service |
AWS Storage Gateway file gateway | "AWS Storage Gateway: Connect [on premises] with [AWS S3] file gateway:one of the AWS Storage Gateway's interface" AWS Storage Gateway is a hybrid storage service |
AWS Support | While AWS Support provides assistance and guidance on AWS services, it does not directly involve engaging third-party consultants for extended support and maintenance. |
AWS Support | While AWS Support provides assistance and guidance on AWS services, it does not directly involve engaging third-party consultants for extended support and maintenance. |
AWS Systems Manager | Management, Automation, Systems, Control, AWS |
AWS Systems Manager | This service provides visibility and control of your AWS infrastructure. It is not used for defining and provisioning resources with programming languages. |
AWS Systems Manager | This service provides visibility and control of your AWS infrastructure, but it is not a repository for AWS compliance documents. |
AWS Systems Manager | This service is used for visibility and control of the AWS infrastructure, but it doesn't provide information on the general health of AWS services. |
AWS Systems Manager | This service provides visibility and control of your AWS infrastructure. It is not used for defining and provisioning resources with programming languages. |
AWS Systems Manager | This service provides visibility and control of your AWS infrastructure, but it is not a repository for AWS compliance documents. |
AWS Systems Manager | This service is used for visibility and control of the AWS infrastructure, but it doesn't provide information on the general health of AWS services. |
AWS Systems Manager Parameter Store | AWS Systems Manager provides a centralized store to manage your configuration data, whether plain-text data such as database strings or secrets such as passwords. This allows you to separate your secrets and configuration data from your code. "Parameter Store, a capability of AWS Systems Manager, provides secure, hierarchical storage for configuration data management and secrets management. You can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values." Reference: https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html |
AWS Systems Manager Parameter Store | AWS Systems Manager provides a centralized store to manage your configuration data, whether plain-text data such as database strings or secrets such as passwords. This allows you to separate your secrets and configuration data from your code. "Parameter Store, a capability of AWS Systems Manager, provides secure, hierarchical storage for configuration data management and secrets management. You can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values." Reference: https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html |
AWS Transfer for SFTP | File Transfer, SFTP, Secure, AWS, Integration |
AWS Transit Gateway | Networking, Interconnect, Scalability, VPC, Simplify |
AWS Transit Gateway | AWS Transit Gateway connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub. This connection simplifies your network and puts an end to complex peering relationships. Transit Gateway acts as a highly scalable cloud router—each new connection is made only once. |
AWS Transit Gateway | AWS Transit Gateway connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub. This connection simplifies your network and puts an end to complex peering relationships. Transit Gateway acts as a highly scalable cloud router—each new connection is made only once. |
AWS Trusted Advisor | Optimization, Best Practices, Guidance, AWS, Resources |
AWS Trusted Advisor | Benefits of Trusted Advisor: • Cost optimization - Trusted Advisor can help you save cost with actionable recommendations by analyzing usage, configuration and spend. • Performance - Trusted Advisor can help improve the performance of your services with actionable recommendations by analyzing usage and configuration. • Security - Trusted Advisor can help improve the security of your AWS environment by suggesting foundational security best practices curated by security experts. • Fault tolerance - Trusted Advisor can help improve the reliability of your services. • Service quotas - Service quotas are the maximum number of resources that you can create in an AWS account. Reference: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/ |
AWS Trusted Advisor | Analyze your AWS accounts and provides recommendation on 5 categories • Cost optimization • Performance • Security • Fault tolerance • Service limits |
AWS Trusted Advisor | ** AWS Step Functions:** Step Functions is a serverless function orchestrator that allows you to coordinate multiple AWS services into serverless workflows. It helps in creating loosely coupled, flexible systems by defining workflows that connect various services. |
AWS Trusted Advisor | While this tool provides recommendations to reduce cost, improve performance, and enhance security, it does not offer a detailed analysis of on-premises environments for migration planning. |
AWS Trusted Advisor | Trusted Advisor provides recommendations to optimize AWS resources for cost, performance, security, and fault tolerance, but it does not support account creation, SCPs application, or billing consolidation. |
AWS Trusted Advisor | Trusted Advisor offers recommendations for optimizing AWS infrastructure for cost, performance, security, and fault tolerance, but it doesn't specifically report on the operational health of AWS services. |
AWS Trusted Advisor | Benefits of Trusted Advisor: • Cost optimization - Trusted Advisor can help you save cost with actionable recommendations by analyzing usage, configuration and spend. • Performance - Trusted Advisor can help improve the performance of your services with actionable recommendations by analyzing usage and configuration. • Security - Trusted Advisor can help improve the security of your AWS environment by suggesting foundational security best practices curated by security experts. • Fault tolerance - Trusted Advisor can help improve the reliability of your services. • Service quotas - Service quotas are the maximum number of resources that you can create in an AWS account. Reference: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/ |
AWS Trusted Advisor | Analyze your AWS accounts and provides recommendation on 5 categories • Cost optimization • Performance • Security • Fault tolerance • Service limits |
AWS Trusted Advisor | ** AWS Step Functions:** Step Functions is a serverless function orchestrator that allows you to coordinate multiple AWS services into serverless workflows. It helps in creating loosely coupled, flexible systems by defining workflows that connect various services. |
AWS Trusted Advisor | While this tool provides recommendations to reduce cost, improve performance, and enhance security, it does not offer a detailed analysis of on-premises environments for migration planning. |
AWS Trusted Advisor | Trusted Advisor provides recommendations to optimize AWS resources for cost, performance, security, and fault tolerance, but it does not support account creation, SCPs application, or billing consolidation. |
AWS Trusted Advisor | Trusted Advisor offers recommendations for optimizing AWS infrastructure for cost, performance, security, and fault tolerance, but it doesn't specifically report on the operational health of AWS services. |
AWS Trusted Advisor: | AWS Trusted Advisor is a service that analyzes your AWS environment and provides recommendations for saving money, improving system performance, and closing security gaps. It includes checks for common misconfigurations in security groups, such as open ports to the internet, which could pose a security risk. Trusted Advisor can alert you to these potential vulnerabilities, helping you ensure that your security groups are configured properly. |
AWS Trusted Advisor: | AWS Trusted Advisor is a service that analyzes your AWS environment and provides recommendations for saving money, improving system performance, and closing security gaps. It includes checks for common misconfigurations in security groups, such as open ports to the internet, which could pose a security risk. Trusted Advisor can alert you to these potential vulnerabilities, helping you ensure that your security groups are configured properly. |
AWS VPN | AWS VPN allows you to establish a secure and private tunnel from your network or device to the AWS global network. This service enables you to extend your on-premises networks to the AWS cloud over the internet in a secure manner. |
AWS VPN | AWS VPN allows you to establish a secure and private tunnel from your network or device to the AWS global network. This service enables you to extend your on-premises networks to the AWS cloud over the internet in a secure manner. |
AWS WAF | Web Application Firewall, Security, Rules, Protection, AWS |
AWS WAF | Confusion will come to choose between WAF or Shield. but all common web attack patterns (XSS, SQL Injection, etc...) dealt by WAF, special cases which can't be handled by WAF - will be handled by Shield primarily DDoS AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources. https://aws.amazon.com/waf/ AWS WAF allows you to create custom rules to block SQL injection attempts. Create a WebACL: Go to AWS WAF dashboard and create a new WebACL. Add a Rule: Inside the WebACL, add a new rule. SQLi Filter: Choose the rule type to look for SQLi patterns. AWS WAF has built-in SQLi filters. Attach Resources: Attach the WebACL to a resource, such as an Application Load Balancer, Amazon CloudFront distribution, or an API Gateway. Deploy: Save and deploy the WebACL. |
AWS WAF | AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection and cross-site scripting. References: https://aws.amazon.com/waf/faqs/ |
AWS WAF | "AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection and cross-site scripting." References: https://aws.amazon.com/waf/faqs/ |
AWS WAF | Confusion will come to choose between WAF or Shield. but all common web attack patterns (XSS, SQL Injection, etc...) dealt by WAF, special cases which can't be handled by WAF - will be handled by Shield primarily DDoS AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources. https://aws.amazon.com/waf/ AWS WAF allows you to create custom rules to block SQL injection attempts. Create a WebACL: Go to AWS WAF dashboard and create a new WebACL. Add a Rule: Inside the WebACL, add a new rule. SQLi Filter: Choose the rule type to look for SQLi patterns. AWS WAF has built-in SQLi filters. Attach Resources: Attach the WebACL to a resource, such as an Application Load Balancer, Amazon CloudFront distribution, or an API Gateway. Deploy: Save and deploy the WebACL. |
AWS WAF | AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection and cross-site scripting. References: https://aws.amazon.com/waf/faqs/ |
AWS WAF | "AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include IP addresses, HTTP headers, HTTP body, URI strings, SQL injection and cross-site scripting." References: https://aws.amazon.com/waf/faqs/ |
AWS WAF (Web Application Firewall) | AWS WAF helps protect web applications or APIs against common web exploits. While AWS WAF is an important component of a comprehensive security strategy, it does not handle the management of VPC security groups. |
AWS WAF (Web Application Firewall) | AWS WAF helps protect web applications or APIs against common web exploits. While AWS WAF is an important component of a comprehensive security strategy, it does not handle the management of VPC security groups. |
AWS Wavelength | 5G, Edge Computing, Low-latency, Mobile, AWS |
AWS Web Application Firewall (AWS WAF) | AWS WAF helps protect web applications from common web exploits, but its primary focus is not on mitigating DDoS attacks. |
AWS Web Application Firewall (AWS WAF) | AWS WAF helps protect web applications from common web exploits, but its primary focus is not on mitigating DDoS attacks. |
AWS Well-Architected Framework | 1. Operational Excellence 2. Security 3. Reliability 4. Performance Efficiency AWS Well-Architected helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for a variety of applications and workloads. Built around six pillars—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. |
AWS Well-Architected Framework | Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues. Reliability:The Reliability pillar focuses on ensuring a system's ability to prevent, and quickly recover from, failures to meet business and customer demand. Key topics include foundational elements like setup, cross-project requirements, recovery planning, and how to handle change. It emphasizes the importance of being able to dynamically acquire resources as needed, automatically recover from failure, and manage the dynamic demands of the workload. |
AWS Well-Architected Framework | **Perform operations as code.** - Automating operations with code helps ensure consistency and reduces the risk of human error, contributing to the reliability of systems. **Automatically recover from failure.** - Designing systems that can detect and correct failures automatically is crucial for maintaining reliability. This includes the use of self-healing mechanisms and failover strategies to ensure continuous operation. |
AWS Well-Architected Framework | The AWS Well-Architected Framework provides a consistent approach for customers and partners to evaluate architectures and implement designs that will scale over time. It consists of five pillars — Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization. This framework helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads. By adhering to the principles of the Well-Architected Framework, the company can ensure they are making the most of the cloud and that their AWS environment is optimized, secure, and efficient. |
AWS Well-Architected Framework | 1. Operational Excellence 2. Security 3. Reliability 4. Performance Efficiency AWS Well-Architected helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for a variety of applications and workloads. Built around six pillars—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. |
AWS Well-Architected Framework | Ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues. Reliability:The Reliability pillar focuses on ensuring a system's ability to prevent, and quickly recover from, failures to meet business and customer demand. Key topics include foundational elements like setup, cross-project requirements, recovery planning, and how to handle change. It emphasizes the importance of being able to dynamically acquire resources as needed, automatically recover from failure, and manage the dynamic demands of the workload. |
AWS Well-Architected Framework | **Perform operations as code.** - Automating operations with code helps ensure consistency and reduces the risk of human error, contributing to the reliability of systems. **Automatically recover from failure.** - Designing systems that can detect and correct failures automatically is crucial for maintaining reliability. This includes the use of self-healing mechanisms and failover strategies to ensure continuous operation. |
AWS Well-Architected Framework | The AWS Well-Architected Framework provides a consistent approach for customers and partners to evaluate architectures and implement designs that will scale over time. It consists of five pillars — Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization. This framework helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications and workloads. By adhering to the principles of the Well-Architected Framework, the company can ensure they are making the most of the cloud and that their AWS environment is optimized, secure, and efficient. |
AWS Well-Architected Framework: | AWS Well-Architected Framework: This framework helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. It focuses more on the architectural best practices than on organizational readiness for cloud adoption |
AWS Well-Architected Framework: | AWS Well-Architected Framework: This framework helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. It focuses more on the architectural best practices than on organizational readiness for cloud adoption |
AWS X-Ray | Application Analysis, Performance, Debugging, Monitoring, AWS |
Capacity | No Longer Having to Guess What Capacity Will Be Required: AWS provides scalable resources, meaning businesses can adjust their capacity based on actual usage and predicted demand, rather than having to estimate and invest in infrastructure upfront. This reduces the risks of over-provisioning or under-provisioning resources. |
Capacity | No Longer Having to Guess What Capacity Will Be Required: AWS provides scalable resources, meaning businesses can adjust their capacity based on actual usage and predicted demand, rather than having to estimate and invest in infrastructure upfront. This reduces the risks of over-provisioning or under-provisioning resources. |
Cloud Adoption Readiness Tool | This tool is designed to help organizations understand their readiness for adopting cloud computing but does not specifically assist in database migration. |
Cloud Adoption Readiness Tool | This tool is designed to help organizations understand their readiness for adopting cloud computing but does not specifically assist in database migration. |
Cloud computing | 1. Trade fixed expense for variable expense – Instead of having to invest heavily in data centers and servers before you know how you’re going to use them, you can pay only when you consume computing resources, and pay only for how much you consume. 2. Benefit from massive economies of scale – By using cloud computing, you can achieve a lower variable cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices. 3. Stop guessing capacity – Eliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often end up either sitting on expensive idle resources or dealing with limited capacity. With cloud computing, these problems go away. You can access as much or as little capacity as you need, and scale up and down as required with only a few minutes’ notice. 4. Increase speed and agility – In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower. 5. Stop spending money running and maintaining data centers – Focus on projects that differentiate your business, not the infrastructure. Cloud computing lets you focus on your own customers, rather than on the heavy lifting of racking, stacking, and powering servers. 6. Go global in minutes – Easily deploy your application in multiple regions around the world with just a few clicks. This means you can provide lower latency and a better experience for your customers at minimal cost. |
Cloud computing | A. Elimination of expenses for running and maintaining data centers. https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html |
Cloud computing | 1 - is reversed benefit "Trade fixed expense for variable expense" thus invalid 2 - speed and agility has nothing to do with economies of scale 4 - "Increased operational costs across data centers" is not a benefit 3 - Benefit from massive economies of scale – By using cloud computing, you can achieve a -------lower variable cost than you can get on your own------. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices. https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html |
Cloud computing | The advantage of cloud computing that will specifically meet the requirement of being able to develop, test, and launch an application in the AWS Cloud quickly is: **Increase speed and agility:** Cloud computing provides tools and technologies that enable rapid development and deployment of applications. Resources in the cloud can be quickly provisioned and scaled, allowing companies to be more agile in their development and testing processes. This speed and flexibility significantly reduce the time to market for new applications. |
Cloud computing | 1. Trade fixed expense for variable expense – Instead of having to invest heavily in data centers and servers before you know how you’re going to use them, you can pay only when you consume computing resources, and pay only for how much you consume. 2. Benefit from massive economies of scale – By using cloud computing, you can achieve a lower variable cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices. 3. Stop guessing capacity – Eliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often end up either sitting on expensive idle resources or dealing with limited capacity. With cloud computing, these problems go away. You can access as much or as little capacity as you need, and scale up and down as required with only a few minutes’ notice. 4. Increase speed and agility – In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower. 5. Stop spending money running and maintaining data centers – Focus on projects that differentiate your business, not the infrastructure. Cloud computing lets you focus on your own customers, rather than on the heavy lifting of racking, stacking, and powering servers. 6. Go global in minutes – Easily deploy your application in multiple regions around the world with just a few clicks. This means you can provide lower latency and a better experience for your customers at minimal cost. |
Cloud computing | A. Elimination of expenses for running and maintaining data centers. https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html |
Cloud computing | 1 - is reversed benefit "Trade fixed expense for variable expense" thus invalid 2 - speed and agility has nothing to do with economies of scale 4 - "Increased operational costs across data centers" is not a benefit 3 - Benefit from massive economies of scale – By using cloud computing, you can achieve a -------lower variable cost than you can get on your own------. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices. https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html |
Cloud computing | The advantage of cloud computing that will specifically meet the requirement of being able to develop, test, and launch an application in the AWS Cloud quickly is: **Increase speed and agility:** Cloud computing provides tools and technologies that enable rapid development and deployment of applications. Resources in the cloud can be quickly provisioned and scaled, allowing companies to be more agile in their development and testing processes. This speed and flexibility significantly reduce the time to market for new applications. |
Cloud fluency | Data architecture => Platform Event management => Operations Cloud fluency => People Strategic partnership => Business https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
Cloud fluency | Data architecture => Platform Event management => Operations Cloud fluency => People Strategic partnership => Business https://abhi0751.medium.com/aws-cloud-adoption-framework-aws-caf-a512b89dbcba |
Consolidated billing | Consolidated billing allows you to combine multiple AWS accounts and aggregate the usage and spending across those accounts. This simplifies billing and enables you to take advantage of volume discounts, which can lead to cost savings. Each account can still maintain its own resource tagging and pricing options, so it's possible to manage compute workloads in individual accounts as needed. |
Consolidated billing | Consolidated billing is a feature of AWS Organizations that allows you to combine billing for multiple AWS accounts. With consolidated billing, each department can have its own AWS account for tracking and managing its resources separately, while the company enjoys the convenience of a single payment method for all these accounts. This setup makes it easier to track costs and implement chargeback mechanisms. |
Consolidated billing | Consolidated billing allows you to combine multiple AWS accounts and aggregate the usage and spending across those accounts. This simplifies billing and enables you to take advantage of volume discounts, which can lead to cost savings. Each account can still maintain its own resource tagging and pricing options, so it's possible to manage compute workloads in individual accounts as needed. |
Consolidated billing | Consolidated billing is a feature of AWS Organizations that allows you to combine billing for multiple AWS accounts. With consolidated billing, each department can have its own AWS account for tracking and managing its resources separately, while the company enjoys the convenience of a single payment method for all these accounts. This setup makes it easier to track costs and implement chargeback mechanisms. |
Consolidated billing for AWS Cloud services | 1. **Cost Savings**: Aggregates usage across accounts for volume discounts, reducing costs for services like Amazon S3 and EC2. 2. **Simplified Billing**: One bill for all AWS accounts, reducing administrative overhead and easing expense tracking. 3. **Centralized Management**: Central account manages and views expenses across all linked accounts, beneficial for large organizations or multiple client management. 4. **Budget Tracking and Reporting**: Monitors individual account usage and costs with a single combined bill, aiding in cost allocation and budget compliance. 5. **Shared Reserved Instances and Savings Plans**: Discounts from RIs and Savings Plans shared among all accounts, enhancing cost efficiency. 6. **Uninterrupted Service**: Master account handles payments, preventing service disruption due to individual account payment issues. 7. **Customized Allocation Reports**: Utilizes cost allocation tags and detailed reports for insights on resource usage across accounts. 8. **Improved Compliance and Governance**: Streamlines policy and access control application uniformly across accounts. 9. **Volume discounts** 10. **One bill for multiple accounts** |
Consolidated billing for AWS Cloud services | 1. **Cost Savings**: Aggregates usage across accounts for volume discounts, reducing costs for services like Amazon S3 and EC2. 2. **Simplified Billing**: One bill for all AWS accounts, reducing administrative overhead and easing expense tracking. 3. **Centralized Management**: Central account manages and views expenses across all linked accounts, beneficial for large organizations or multiple client management. 4. **Budget Tracking and Reporting**: Monitors individual account usage and costs with a single combined bill, aiding in cost allocation and budget compliance. 5. **Shared Reserved Instances and Savings Plans**: Discounts from RIs and Savings Plans shared among all accounts, enhancing cost efficiency. 6. **Uninterrupted Service**: Master account handles payments, preventing service disruption due to individual account payment issues. 7. **Customized Allocation Reports**: Utilizes cost allocation tags and detailed reports for insights on resource usage across accounts. 8. **Improved Compliance and Governance**: Streamlines policy and access control application uniformly across accounts. 9. **Volume discounts** 10. **One bill for multiple accounts** |
Cost Explorer | While Cost Explorer is useful for visualizing and understanding AWS spending, it doesn't offer account management or governance capabilities. |
Cost Explorer | While Cost Explorer is useful for visualizing and understanding AWS spending, it doesn't offer account management or governance capabilities. |
Data monetization | Data Monetization: This falls under the Business Perspective of the AWS CAF, which focuses on capabilities related to the financial aspects of cloud adoption and the ability to transform data into valuable business insights, products, or services. Data monetization involves strategies to generate measurable economic benefits from available data sources (including cloud-based data), which aligns with business objectives and outcomes. Data Monetization indeed: https://docs.aws.amazon.com/whitepapers/latest/aws-caf-business-perspective/aws-caf-business-perspective.html |
Data monetization | Data Monetization: This falls under the Business Perspective of the AWS CAF, which focuses on capabilities related to the financial aspects of cloud adoption and the ability to transform data into valuable business insights, products, or services. Data monetization involves strategies to generate measurable economic benefits from available data sources (including cloud-based data), which aligns with business objectives and outcomes. Data Monetization indeed: https://docs.aws.amazon.com/whitepapers/latest/aws-caf-business-perspective/aws-caf-business-perspective.html |
Dedicated Hosts | This pricing model provides physical EC2 servers dedicated for your use. While it can offer cost savings for certain use cases, the discounts are not as high as 90%. |
Dedicated Hosts | This pricing model provides physical EC2 servers dedicated for your use. While it can offer cost savings for certain use cases, the discounts are not as high as 90%. |
Dedicated Instances | These instances run on hardware that's dedicated to a single customer and are more expensive than regular instances. They are usually used for regulatory requirements that may not allow multi-tenant virtualization, rather than for cost savings. |
Dedicated Instances | These instances run on hardware that's dedicated to a single customer and are more expensive than regular instances. They are usually used for regulatory requirements that may not allow multi-tenant virtualization, rather than for cost savings. |
Direct Connect | Dedicated, Network, AWS, Connectivity, Reliable |
DynamoDB | NoSQL, Database, Scalable, Fast, AWS |
DynamoDB | DynamoDB implements its encryption in: Data at rest Data in transit DynamoDB : fully managed Data service , encrypts data by default Amazon RDS : encrypts data when user select it Under the AWS Shared Responsibility Model, controlling and managing access to AWS services, including Amazon DynamoDB tables, is a customer responsibility. While AWS takes care of the physical infrastructure, patching, and encryption of data at rest in DynamoDB, customers are responsible for setting up proper access controls, authentication, and authorization to protect their data and resources |
DynamoDB | DynamoDB implements its encryption in: Data at rest Data in transit DynamoDB : fully managed Data service , encrypts data by default Amazon RDS : encrypts data when user select it Under the AWS Shared Responsibility Model, controlling and managing access to AWS services, including Amazon DynamoDB tables, is a customer responsibility. While AWS takes care of the physical infrastructure, patching, and encryption of data at rest in DynamoDB, customers are responsible for setting up proper access controls, authentication, and authorization to protect their data and resources |
EC2 Amazon Machine Images (AMIs) | EC2 Amazon Machine Images (AMIs): AMIs are used to create backups of EC2 instances, and they can be used to launch replacement instances in the event of a disaster or data loss. AMIs are essential for creating recovery points for your EC2 instances. |
EC2 Amazon Machine Images (AMIs) | EC2 Amazon Machine Images (AMIs): AMIs are used to create backups of EC2 instances, and they can be used to launch replacement instances in the event of a disaster or data loss. AMIs are essential for creating recovery points for your EC2 instances. |
EC2 Image Builder | "EC2 Image Builder simplifies the creation, maintenance, validation, sharing, and deployment of Linux or Windows images for use with Amazon EC2 and on-premises." Reference: https://aws.amazon.com/image-builder/faqs/ |
EC2 Image Builder | "EC2 Image Builder simplifies the creation, maintenance, validation, sharing, and deployment of Linux or Windows images for use with Amazon EC2 and on-premises." Reference: https://aws.amazon.com/image-builder/faqs/ |
Edge Location | Content Delivery, Caching, Network, Global, AWS |
Elastic Beanstalk | Application Deployment, Management, PaaS, AWS, Scalable |
Elastic Block Store (EBS) | Block Storage, EC2, Persistent, Scalable, AWS |
Elastic Compute Cloud (EC2) | Compute, Scalable, Cloud, Service, AWS |
Elastic Compute Cloud (EC2) instance | Have the EC2 instance assume a role to obtain the privileges to upload the file. You definitely need a role to access the S3 bucket as best practice! https://repost.aws/knowledge-center/ec2-instance-access-s3-bucket# |
Elastic Compute Cloud (EC2) instance | Patch the physical infrastructure that hosts the EC2 instances. Guest operating system is always responsibility of customer and host of AWS. https://aws.amazon.com/compliance/shared-responsibility-model/ |
Elastic Compute Cloud (EC2) instance | Have the EC2 instance assume a role to obtain the privileges to upload the file. You definitely need a role to access the S3 bucket as best practice! https://repost.aws/knowledge-center/ec2-instance-access-s3-bucket# |
Elastic Compute Cloud (EC2) instance | Patch the physical infrastructure that hosts the EC2 instances. Guest operating system is always responsibility of customer and host of AWS. https://aws.amazon.com/compliance/shared-responsibility-model/ |
Elastic File System (EFS) | File Storage, Scalable, Elastic, AWS, Cloud |
Elastic Load Balancing (ELB) | Load Balancer, Traffic Distribution, Scalable, AWS, High Availability |
Elastic Load Balancing (ELB) | While ELB distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses, it's primarily used for load balancing and not as a CDN. It doesn't inherently provide the global distribution and caching features typical of a CDN. |
Elastic Load Balancing (ELB) | While ELB distributes incoming application traffic across multiple targets, it is not specifically designed to protect against DDoS attacks. |
Elastic Load Balancing (ELB) | While ELB distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, and IP addresses, it's primarily used for load balancing and not as a CDN. It doesn't inherently provide the global distribution and caching features typical of a CDN. |
Elastic Load Balancing (ELB) | While ELB distributes incoming application traffic across multiple targets, it is not specifically designed to protect against DDoS attacks. |
Elasticity | Elasticity is the ability to add and release resources as business needs change. It has nothing to do with pricing. |
Elasticity | While related to rightsizing, elasticity more specifically refers to the ability to scale computing resources up or down automatically, in response to demand, ensuring that the number of active servers matches the current load in real-time. Elasticity is a broader concept than rightsizing, which is more focused on ensuring that individual resources are the correct size and type for their workload. |
Elasticity | Elasticity is the ability to add and release resources as business needs change. It has nothing to do with pricing. |
Elasticity | While related to rightsizing, elasticity more specifically refers to the ability to scale computing resources up or down automatically, in response to demand, ensuring that the number of active servers matches the current load in real-time. Elasticity is a broader concept than rightsizing, which is more focused on ensuring that individual resources are the correct size and type for their workload. |
Global reach | This concept refers to the ability to deploy and manage applications and services across multiple global locations. AWS Compute Optimizer focuses on optimizing individual compute resources rather than managing global deployment. |
Global reach | This concept refers to the ability to deploy and manage applications and services across multiple global locations. AWS Compute Optimizer focuses on optimizing individual compute resources rather than managing global deployment. |
IAM Access Analyzer | IAM Access Analyzer helps identify the resources in your organization and accounts, like Amazon S3 buckets, that are shared with an external entity. It analyzes policies to determine the sharing and accessibility of your resources and alerts you to any unintended external access. This makes it an effective tool for auditing S3 bucket access and ensuring that bucket sharing aligns with the company's intended access policies. |
IAM Access Analyzer | IAM Access Analyzer helps identify the resources in your organization and accounts, like Amazon S3 buckets, that are shared with an external entity. It analyzes policies to determine the sharing and accessibility of your resources and alerts you to any unintended external access. This makes it an effective tool for auditing S3 bucket access and ensuring that bucket sharing aligns with the company's intended access policies. |
IAM credential report | You can use credential reports to assist in your auditing and compliance efforts. You can use the report to audit the effects of credential lifecycle requirements, such as password and access key updates. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html |
IAM credential report | You can use credential reports to assist in your auditing and compliance efforts. You can use the report to audit the effects of credential lifecycle requirements, such as password and access key updates. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html |
IAM Instance Profiles | Instance profiles are used to pass role information to an EC2 instance. They are not typically used for managing user permissions. |
IAM Instance Profiles | Instance profiles are used to pass role information to an EC2 instance. They are not typically used for managing user permissions. |
IAM Policies for Individual Users | Directly attaching policies to individual users would create significant operational overhead in a scenario where employees frequently change teams, as it would require constantly updating the permissions for each user. |
IAM Policies for Individual Users | Directly attaching policies to individual users would create significant operational overhead in a scenario where employees frequently change teams, as it would require constantly updating the permissions for each user. |
IAM role | AWS IAM roles provide a set of permissions for secure, temporary access control in AWS, without direct association to specific users. Key features include temporary credentials, secure permission delegation without permanent keys, cross-account resource access, predefined policies, and enhanced security by adhering to the principle of least privilege. |
IAM role | AWS IAM roles provide a set of permissions for secure, temporary access control in AWS, without direct association to specific users. Key features include temporary credentials, secure permission delegation without permanent keys, cross-account resource access, predefined policies, and enhanced security by adhering to the principle of least privilege. |
IAM roles | IAM Roles. Roles are used to allow users or services access to other AWS resources. "You can use roles to delegate access to users, applications, or services that don't normally have access to your AWS resources." Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html |
IAM roles | To give an application hosted on Amazon EC2 instances permission to access required AWS services, such as Amazon Simple Notification Service (Amazon SNS) |
IAM roles | IAM (Identity and Access Management) roles are used to define a set of permissions for making AWS service requests. IAM roles do not have long-term credentials and can be assumed by authorized entities, such as AWS EC2 instances. By attaching an IAM role to an EC2 instance, you grant applications running on the instance the necessary permissions to make calls to other AWS services, like Amazon SNS. |
IAM Roles | Using IAM roles is the best approach in this scenario. Roles allow the assignment of permissions that are not directly attached to a single user. Instead, users can assume a role that provides them with the permissions necessary for their current job responsibilities. When an employee changes teams, they can simply be granted permission to assume a different role that aligns with their new responsibilities. This approach reduces operational overhead since it eliminates the need to frequently update individual user permissions. |
IAM roles | IAM Roles. Roles are used to allow users or services access to other AWS resources. "You can use roles to delegate access to users, applications, or services that don't normally have access to your AWS resources." Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html |
IAM roles | To give an application hosted on Amazon EC2 instances permission to access required AWS services, such as Amazon Simple Notification Service (Amazon SNS) |
IAM roles | IAM (Identity and Access Management) roles are used to define a set of permissions for making AWS service requests. IAM roles do not have long-term credentials and can be assumed by authorized entities, such as AWS EC2 instances. By attaching an IAM role to an EC2 instance, you grant applications running on the instance the necessary permissions to make calls to other AWS services, like Amazon SNS. |
IAM Roles | Using IAM roles is the best approach in this scenario. Roles allow the assignment of permissions that are not directly attached to a single user. Instead, users can assume a role that provides them with the permissions necessary for their current job responsibilities. When an employee changes teams, they can simply be granted permission to assume a different role that aligns with their new responsibilities. This approach reduces operational overhead since it eliminates the need to frequently update individual user permissions. |
IAM User Groups | While user groups are useful for managing permissions for a set of users with similar responsibilities, they still require updating the group memberships each time a user changes teams. This can be more cumbersome than using roles, especially in a dynamic environment. |
IAM User Groups | While user groups are useful for managing permissions for a set of users with similar responsibilities, they still require updating the group memberships each time a user changes teams. This can be more cumbersome than using roles, especially in a dynamic environment. |
Identity and Access Management (IAM) | Identity, Access, Security, Management, AWS |
inbound data transfer | AWS does not charge for inbound data transfer from the internet to AWS services. This means when you upload or transfer data into the AWS cloud (e.g., uploading files to Amazon S3 or transferring data to Amazon EC2), there is no charge for the data ingress. However, it's important to note that other types of data transfers, such as outbound data transfers to the internet, inter-region transfers, or transfers between availability zones, may incur charges. |
inbound data transfer | AWS does not charge for inbound data transfer from the internet to AWS services. This means when you upload or transfer data into the AWS cloud (e.g., uploading files to Amazon S3 or transferring data to Amazon EC2), there is no charge for the data ingress. However, it's important to note that other types of data transfers, such as outbound data transfers to the internet, inter-region transfers, or transfers between availability zones, may incur charges. |
Lambda | Serverless, Function, Event-driven, Scalable, AWS |
Loosely coupled dependencies | Dependencies such as queuing systems, streaming systems, workflows, and load balancers are loosely coupled. Loose coupling helps isolate behavior of a component from other components that depend on it, increasing resiliency and agility. https://docs.aws.amazon.com/wellarchitected/latest/framework/rel_prevent_interaction_failure_loosely_coupled_system.html |
Loosely coupled dependencies | Dependencies such as queuing systems, streaming systems, workflows, and load balancers are loosely coupled. Loose coupling helps isolate behavior of a component from other components that depend on it, increasing resiliency and agility. https://docs.aws.amazon.com/wellarchitected/latest/framework/rel_prevent_interaction_failure_loosely_coupled_system.html |
Management of the Guest Operating Systems | In the AWS shared responsibility model, AWS is responsible for the security "of" the cloud, meaning the infrastructure that runs all of the services offered in the AWS Cloud. This includes hardware, software, networking, and facilities that support AWS services. Customers, on the other hand, are responsible for security "in" the cloud. This means customers are responsible for managing the guest operating systems (including updates and security patches), as well as other associated application software, and the configuration of AWS provided security group firewalls. |
Management of the Guest Operating Systems | In the AWS shared responsibility model, AWS is responsible for the security "of" the cloud, meaning the infrastructure that runs all of the services offered in the AWS Cloud. This includes hardware, software, networking, and facilities that support AWS services. Customers, on the other hand, are responsible for security "in" the cloud. This means customers are responsible for managing the guest operating systems (including updates and security patches), as well as other associated application software, and the configuration of AWS provided security group firewalls. |
Migration Evaluator (formerly known as AWS TCO Calculator) | This tool is specifically designed to analyze existing on-premises environments and provide detailed reports on the cost benefits and considerations of moving to AWS. It assesses current infrastructure and usage to give a comprehensive view of the cost of running those workloads in the AWS Cloud. This tool helps in making informed decisions about cloud migration by projecting potential cost savings and resource optimizations. |
Migration Evaluator (formerly known as AWS TCO Calculator) | This tool is specifically designed to analyze existing on-premises environments and provide detailed reports on the cost benefits and considerations of moving to AWS. It assesses current infrastructure and usage to give a comprehensive view of the cost of running those workloads in the AWS Cloud. This tool helps in making informed decisions about cloud migration by projecting potential cost savings and resource optimizations. |
Multi-AZ (Availability Zone) | Multi-AZ (Availability Zone) deployments for Amazon RDS provide high availability and automatic failover support for DB instances, making them ideal for critical production environments. In a Multi-AZ deployment, AWS automatically provisions and maintains a synchronous standby replica in a different Availability Zone. In the event of a planned or unplanned outage of your primary DB instance (including DB instance failure, DB instance failover, or Availability Zone failure), Amazon RDS automatically fails over to the standby so that you can resume database operations as soon as the failover is complete. This typically happens within minutes, aligning with the requirement of a recovery time of less than 5 minutes. |
Multi-AZ (Availability Zone) | Multi-AZ (Availability Zone) deployments for Amazon RDS provide high availability and automatic failover support for DB instances, making them ideal for critical production environments. In a Multi-AZ deployment, AWS automatically provisions and maintains a synchronous standby replica in a different Availability Zone. In the event of a planned or unplanned outage of your primary DB instance (including DB instance failure, DB instance failover, or Availability Zone failure), Amazon RDS automatically fails over to the standby so that you can resume database operations as soon as the failover is complete. This typically happens within minutes, aligning with the requirement of a recovery time of less than 5 minutes. |
Multi-factor authentication (MFA) | Turn on multi-factor authentication (MFA) for added security during the login process. Enabling multi-factor authentication (MFA) for user accounts, especially for users with administrative or high-privilege access, is a crucial security best practice. MFA adds an additional layer of security by requiring users to provide two or more verification factors (typically something they know, like a password, and something they have, like a temporary MFA code from a hardware token or mobile app) before gaining access. This significantly reduces the risk of unauthorized access, even if login credentials are compromised. |
Multi-factor authentication (MFA) | This adds an extra layer of security on top of the username and password, making the root account more secure. |
Multi-factor authentication (MFA) | Turn on multi-factor authentication (MFA) for added security during the login process. Enabling multi-factor authentication (MFA) for user accounts, especially for users with administrative or high-privilege access, is a crucial security best practice. MFA adds an additional layer of security by requiring users to provide two or more verification factors (typically something they know, like a password, and something they have, like a temporary MFA code from a hardware token or mobile app) before gaining access. This significantly reduces the risk of unauthorized access, even if login credentials are compromised. |
Multi-factor authentication (MFA) | This adds an extra layer of security on top of the username and password, making the root account more secure. |
Multiple AWS Accounts | Creating multiple AWS accounts, one for each department, is an effective way to segregate resources, manage permissions, and track costs separately. This approach enhances security by limiting the scope of access and impact of changes, and it simplifies the process of attributing costs to the right department. Combined with consolidated billing, it provides both organizational flexibility and centralized financial control. |
Multiple AWS Accounts | Creating multiple AWS accounts, one for each department, is an effective way to segregate resources, manage permissions, and track costs separately. This approach enhances security by limiting the scope of access and impact of changes, and it simplifies the process of attributing costs to the right department. Combined with consolidated billing, it provides both organizational flexibility and centralized financial control. |
Network Access Analyzer | This option does not correspond to an existing AWS service specifically designed to analyze user service usage within a certain date range. |
Network Access Analyzer | This option does not correspond to an existing AWS service specifically designed to analyze user service usage within a certain date range. |
Network ACLs (Access Control Lists) | Network ACLs (Access Control Lists) are stateless firewalls that control traffic at the subnet level. Network ACLs define rules to allow or deny traffic based on source and destination IP addresses, ports, and protocols. |
Network ACLs (Access Control Lists) | Network ACLs (Access Control Lists) are stateless firewalls that control traffic at the subnet level. Network ACLs define rules to allow or deny traffic based on source and destination IP addresses, ports, and protocols. |
Nitro Hypervisor | AWS responsibility “Security of the Cloud” - AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services. Reference: https://aws.amazon.com/compliance/shared-responsibility-model/ |
Nitro Hypervisor | AWS responsibility “Security of the Cloud” - AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services. Reference: https://aws.amazon.com/compliance/shared-responsibility-model/ |
On-Demand | Since this service cannot be interrupted. This is why we need On-Demand. D - On-Demand Instances is correct. "On-Demand Instances are recommended for: • Users that prefer the low cost and flexibility of EC2 without any upfront payment or long-term commitment • Applications with short-term, spiky, or unpredictable workloads that cannot be interrupted • Applications being developed or tested on EC2 for the first time" Reference: https://aws.amazon.com/ec2/pricing/ |
On-Demand | This pricing model allows you to pay for compute capacity by the hour or second (minimum of 60 seconds) with no long-term commitments or upfront payments. It is typically the most expensive option on a per-hour basis. |
On-Demand | Since this service cannot be interrupted. This is why we need On-Demand. D - On-Demand Instances is correct. "On-Demand Instances are recommended for: • Users that prefer the low cost and flexibility of EC2 without any upfront payment or long-term commitment • Applications with short-term, spiky, or unpredictable workloads that cannot be interrupted • Applications being developed or tested on EC2 for the first time" Reference: https://aws.amazon.com/ec2/pricing/ |
On-Demand | This pricing model allows you to pay for compute capacity by the hour or second (minimum of 60 seconds) with no long-term commitments or upfront payments. It is typically the most expensive option on a per-hour basis. |
On-Demand Instances | On-Demand Instances – short workload, predictable pricing, pay by second. On Demand (because Spot its uninttruptable, Reserved is expensive for the 1 year or 3 year contract and paying for 3 years to run 24hrs/year job lol) With On-Demand instances, you pay for compute capacity by the hour or the second depending on which instances you run. No longer-term commitments or upfront payments are needed. You can increase or decrease your compute capacity depending on the demands of your application and only pay the specified per hourly rates for the instance you use. Reference: |
On-Demand Instances | Key Sentence " needs to continuously run" - so continuously and most cost effective is On Demand |
On-Demand Instances | These instances are great for short-term, irregular workloads that cannot be interrupted. However, they are the most expensive pricing option per hour. |
On-Demand Instances | For running experimental workloads for a short duration of 3 to 6 months on AWS, the most suitable pricing model would be "D. Use On-Demand Instances." On-Demand Instances offer flexibility and no long-term commitment, allowing you to pay for compute capacity by the hour or second (minimum of 60 seconds), depending on the instances you run. This model is ideal for short-term, irregular workloads that cannot be interrupted, like experimental or developmental workloads, making it a good fit for the company's requirements. |
On-Demand Instances | On-Demand Instances – short workload, predictable pricing, pay by second. On Demand (because Spot its uninttruptable, Reserved is expensive for the 1 year or 3 year contract and paying for 3 years to run 24hrs/year job lol) With On-Demand instances, you pay for compute capacity by the hour or the second depending on which instances you run. No longer-term commitments or upfront payments are needed. You can increase or decrease your compute capacity depending on the demands of your application and only pay the specified per hourly rates for the instance you use. Reference: |
On-Demand Instances | Key Sentence " needs to continuously run" - so continuously and most cost effective is On Demand |
On-Demand Instances | These instances are great for short-term, irregular workloads that cannot be interrupted. However, they are the most expensive pricing option per hour. |
On-Demand Instances | For running experimental workloads for a short duration of 3 to 6 months on AWS, the most suitable pricing model would be "D. Use On-Demand Instances." On-Demand Instances offer flexibility and no long-term commitment, allowing you to pay for compute capacity by the hour or second (minimum of 60 seconds), depending on the instances you run. This model is ideal for short-term, irregular workloads that cannot be interrupted, like experimental or developmental workloads, making it a good fit for the company's requirements. |
Operating System Patches | The customer is responsible for patching the operating system on EC2 instances. AWS provides the infrastructure, but the maintenance of the operating system itself is up to the customer. |
Operating System Patches | The customer is responsible for patching the operating system on EC2 instances. AWS provides the infrastructure, but the maintenance of the operating system itself is up to the customer. |
Operational failures | Learn from all operational failures: Drive improvement through lessons learned from all operational events and failures. Share what is learned across teams and through the entire organization. https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html |
Operational failures | Learn from all operational failures: Drive improvement through lessons learned from all operational events and failures. Share what is learned across teams and through the entire organization. https://docs.aws.amazon.com/whitepapers/latest/aws-overview/six-advantages-of-cloud-computing.html |
Patch management | "AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications." Reference: https://aws.amazon.com/compliance/shared-responsibility-model/ |
Patch management | "AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications." Reference: https://aws.amazon.com/compliance/shared-responsibility-model/ |
Pay-As-You-Go Model | This is a significant advantage of AWS Cloud. Customers pay only for the resources they use, without needing long-term commitments or upfront capital expenses. This model offers flexibility and cost-effectiveness, allowing businesses to scale up or down based on demand. |
Pay-As-You-Go Model | This is a significant advantage of AWS Cloud. Customers pay only for the resources they use, without needing long-term commitments or upfront capital expenses. This model offers flexibility and cost-effectiveness, allowing businesses to scale up or down based on demand. |
Pay-as-you-go Pricing | Pay-as-you-go Pricing: Cloud elasticity lets organizations connect their IT spending to current demand. This means they only pay for the resources they use at any given time. |
Pay-as-you-go pricing | |
Pay-as-you-go pricing | Pay-as-you-go pricing is a key benefit of AWS and cloud computing in general, where users pay only for the resources and services they consume, without the need for large upfront investments. This model allows expenses to scale with business needs, offering flexibility and cost-effectiveness. |
Pay-as-you-go Pricing | Pay-as-you-go Pricing: Cloud elasticity lets organizations connect their IT spending to current demand. This means they only pay for the resources they use at any given time. |
Pay-as-you-go pricing | |
Pay-as-you-go pricing | Pay-as-you-go pricing is a key benefit of AWS and cloud computing in general, where users pay only for the resources and services they consume, without the need for large upfront investments. This model allows expenses to scale with business needs, offering flexibility and cost-effectiveness. |
Refactor | Lift and shift—moving applications to the cloud as-is. This is also sometimes referred to as rehosting. Refactor—modifying applications to better support the cloud environment.Replatform—moving applications to the cloud without major changes, but taking advantage of benefits of the cloud environment.Rebuild—rewrite the application from scratch.Replace—retire the application and replace it with a new cloud-native application. |
Refactor | Lift and shift—moving applications to the cloud as-is. This is also sometimes referred to as rehosting. Refactor—modifying applications to better support the cloud environment.Replatform—moving applications to the cloud without major changes, but taking advantage of benefits of the cloud environment.Rebuild—rewrite the application from scratch.Replace—retire the application and replace it with a new cloud-native application. |
Region | Geographical, Data Centers, Availability, AWS, Global |
Relational Database Service (RDS) | Relational, Database, Managed, Scalable, AWS |
Reserved Instances | We can rule out Spot instances since this is a production environment. So the right answers are: C. Reserved Instances: Reserved Instances provide a significant discount (up to 75%) compared to On-Demand pricing in exchange for a one-time upfront payment and/or a lower hourly rate. The more you commit, the greater the discount. |
Reserved Instances | cost savings. because it is predictable, non-interruptable (so non-Spot) and most cost-effective (dedicated & on-demand cost more). |
Reserved Instances | Reserved Instances provide a significant discount (up to 75%) compared to On-Demand pricing and are best suited for use cases with steady-state or predictable usage, like the one described. By committing to a one-year (or three-year) term, you can reduce your computing costs substantially. This aligns well with the requirement of continuous usage for a year. |
Reserved Instances | These provide a significant discount (up to 75%) compared to On-Demand pricing, but require a commitment to a specific instance type in a region for a one-year or three-year term. |
Reserved Instances | Reserved Instances provide a significant discount (up to 75% compared to On-Demand pricing) on EC2 usage when you commit to using the instance for a 1-year or 3-year term. For a long-term, steady-state workload like the one described, Reserved Instances are typically the most cost-effective option. They offer both Standard and Convertible Reserved Instances, with Standard offering the highest discount for a commitment to a specific instance type in a specific region. |
Reserved Instances | We can rule out Spot instances since this is a production environment. So the right answers are: C. Reserved Instances: Reserved Instances provide a significant discount (up to 75%) compared to On-Demand pricing in exchange for a one-time upfront payment and/or a lower hourly rate. The more you commit, the greater the discount. |
Reserved Instances | cost savings. because it is predictable, non-interruptable (so non-Spot) and most cost-effective (dedicated & on-demand cost more). |
Reserved Instances | Reserved Instances provide a significant discount (up to 75%) compared to On-Demand pricing and are best suited for use cases with steady-state or predictable usage, like the one described. By committing to a one-year (or three-year) term, you can reduce your computing costs substantially. This aligns well with the requirement of continuous usage for a year. |
Reserved Instances | These provide a significant discount (up to 75%) compared to On-Demand pricing, but require a commitment to a specific instance type in a region for a one-year or three-year term. |
Reserved Instances | Reserved Instances provide a significant discount (up to 75% compared to On-Demand pricing) on EC2 usage when you commit to using the instance for a 1-year or 3-year term. For a long-term, steady-state workload like the one described, Reserved Instances are typically the most cost-effective option. They offer both Standard and Convertible Reserved Instances, with Standard offering the highest discount for a commitment to a specific instance type in a specific region. |
Resource Elasticity | Resource elasticity in the context of AWS refers to the ability to quickly and efficiently scale computing resources up or down as needed. This matches the demand without over-provisioning or incurring excessive costs, which is a key advantage of cloud computing. |
Resource Elasticity | Resource elasticity in the context of AWS refers to the ability to quickly and efficiently scale computing resources up or down as needed. This matches the demand without over-provisioning or incurring excessive costs, which is a key advantage of cloud computing. |
Rightsizing | Right sizing is the process of matching instance types and sizes to your workload performance and capacity requirements at the lowest possible cost. Ref link: https://aws.amazon.com/aws-cost-management/aws-cost-optimization/rightsizing/#:~: text=Right%20sizing%20is%20the%20process,at%20the%20lowest%20possible%20cost. |
Rightsizing | AWS Compute Optimizer assists in optimizing computing resources for your workloads based on usage patterns. It provides recommendations for ideal compute types and sizes, helping to ensure that you are running your workloads on appropriately sized resources. Rightsizing is about matching the capacity to the actual demand as efficiently as possible, which is exactly what AWS Compute Optimizer aims to facilitate. |
Rightsizing | Right sizing is the process of matching instance types and sizes to your workload performance and capacity requirements at the lowest possible cost. Ref link: https://aws.amazon.com/aws-cost-management/aws-cost-optimization/rightsizing/#:~: text=Right%20sizing%20is%20the%20process,at%20the%20lowest%20possible%20cost. |
Rightsizing | AWS Compute Optimizer assists in optimizing computing resources for your workloads based on usage patterns. It provides recommendations for ideal compute types and sizes, helping to ensure that you are running your workloads on appropriately sized resources. Rightsizing is about matching the capacity to the actual demand as efficiently as possible, which is exactly what AWS Compute Optimizer aims to facilitate. |
Rotate access keys on a reoccurring basis | Rotating access keys regularly is a recommended best practice in AWS security. It involves creating new keys and retiring the old ones periodically. This practice helps in reducing the risk if the keys are accidentally shared or become compromised. By changing keys regularly, you limit the window of opportunity for a compromised key to be used inappropriately. |
Rotate access keys on a reoccurring basis | Rotating access keys regularly is a recommended best practice in AWS security. It involves creating new keys and retiring the old ones periodically. This practice helps in reducing the risk if the keys are accidentally shared or become compromised. By changing keys regularly, you limit the window of opportunity for a compromised key to be used inappropriately. |
Route 53 | DNS, Domain Registration, Traffic Routing, AWS, Scalable |
S3 Glacier | Archiving, Low-cost, Long-term Storage, Data, AWS |
S3 One Zone-Infrequent Access (S3 One Zone-IA) | S3 One Zone-IA is designed for data that is accessed less frequently, but requires rapid access when needed. Unlike other S3 storage classes that store data in multiple Availability Zones (AZs), One Zone-IA stores data in a single AZ and costs less than S3 Standard-IA. This makes it a cost-effective choice for storing infrequently accessed data, especially when the data is not critical or can be recreated, as the data is not resilient to the loss of the single AZ in which it's stored. |
S3 One Zone-Infrequent Access (S3 One Zone-IA) | S3 One Zone-IA is designed for data that is accessed less frequently, but requires rapid access when needed. Unlike other S3 storage classes that store data in multiple Availability Zones (AZs), One Zone-IA stores data in a single AZ and costs less than S3 Standard-IA. This makes it a cost-effective choice for storing infrequently accessed data, especially when the data is not critical or can be recreated, as the data is not resilient to the loss of the single AZ in which it's stored. |
S3 Transfer Acceleration | S3 Transfer Acceleration is a feature that utilizes Amazon CloudFront's globally distributed edge locations to accelerate the upload of objects to an S3 bucket. It optimizes data transfer by using Amazon's backbone network, reducing latency and improving speeds when transferring files over long distances. |
S3 Transfer Acceleration | S3 Transfer Acceleration is a feature that utilizes Amazon CloudFront's globally distributed edge locations to accelerate the upload of objects to an S3 bucket. It optimizes data transfer by using Amazon's backbone network, reducing latency and improving speeds when transferring files over long distances. |
Saving Plans | because it is predictable, non-interruptable (so non-Spot) and most cost-effective (dedicated & on-demand cost more). |
Saving Plans | because it is predictable, non-interruptable (so non-Spot) and most cost-effective (dedicated & on-demand cost more). |
Savings Plans | Savings Plans: Savings Plans offer flexible pricing and savings on your AWS usage, with discounts of up to 72% compared to On-Demand pricing. With Savings Plans, you commit to a certain amount of usage (measured in dollars per hour) for a one- or three-year term, and receive a lower rate for that usage. |
Savings Plans | Savings Plans are a flexible pricing model that offer low prices on EC2 usage, in exchange for a commitment to a consistent amount of usage, measured in dollars per hour, for a term of 1 or 3 years. Savings Plans can reduce your EC2 costs by up to 72% compared to On-Demand prices. Key phrases to support C - Savings Plans: "uninterruptible application" and "usage is expected to continue to grow for years." Savings Plans is a flexible pricing model that can help you reduce your bill by up to 72% compared to On-Demand prices |
Savings Plans | Savings Plans: Savings Plans offer flexible pricing and savings on your AWS usage, with discounts of up to 72% compared to On-Demand pricing. With Savings Plans, you commit to a certain amount of usage (measured in dollars per hour) for a one- or three-year term, and receive a lower rate for that usage. |
Savings Plans | Savings Plans are a flexible pricing model that offer low prices on EC2 usage, in exchange for a commitment to a consistent amount of usage, measured in dollars per hour, for a term of 1 or 3 years. Savings Plans can reduce your EC2 costs by up to 72% compared to On-Demand prices. Key phrases to support C - Savings Plans: "uninterruptible application" and "usage is expected to continue to grow for years." Savings Plans is a flexible pricing model that can help you reduce your bill by up to 72% compared to On-Demand prices |
Scalability | High availability = minimal downtime = recovery quickly from failure. Agility is about how quickly something is deployed. https://aws.amazon.com/marketplace/solutions/infrastructure-software/high-availability |
Scalability | High availability = minimal downtime = recovery quickly from failure. Agility is about how quickly something is deployed. https://aws.amazon.com/marketplace/solutions/infrastructure-software/high-availability |
Security groups | Security groups are stateful firewalls that control inbound and outbound traffic at the instance level. You can configure security groups to allow or deny specific types of network traffic to and from your instances. |
Security groups | |
Security groups | Security groups in AWS act as a virtual firewall for EC2 instances to control inbound and outbound traffic. They allow you to specify the types of traffic that are allowed to reach the instances and the types that can leave the instances. Security groups are associated with EC2 instances and provide a high level of control over the network traffic to and from these instances. |
Security groups | Security Groups: Firewall attached to the EC2 instance |
Security groups | Security groups are stateful firewalls that control inbound and outbound traffic at the instance level. You can configure security groups to allow or deny specific types of network traffic to and from your instances. |
Security groups | |
Security groups | Security groups in AWS act as a virtual firewall for EC2 instances to control inbound and outbound traffic. They allow you to specify the types of traffic that are allowed to reach the instances and the types that can leave the instances. Security groups are associated with EC2 instances and provide a high level of control over the network traffic to and from these instances. |
Security groups | Security Groups: Firewall attached to the EC2 instance |
Security validation | This refers to processes and tools used to ensure that cloud deployments meet security standards and requirements. It is not directly related to what AWS Compute Optimizer does. |
Security validation | This refers to processes and tools used to ensure that cloud deployments meet security standards and requirements. It is not directly related to what AWS Compute Optimizer does. |
Shared Controls | Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. |
Shared Controls | Shared Controls – Controls which apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services. |
Shared responsibility model (AWS) | 1. **Infrastructure Security**: AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This includes hardware, software, networking, and facilities that run AWS Cloud services. 2. **Physical Security of Data Centers**: AWS takes charge of the physical security of its data centers. This encompasses a range of measures like surveillance, security staff, fencing, secure access protocols, and more. 3. **Compute, Storage, Database, and Network Services Security**: AWS handles the security configuration of its managed services like Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3), and Amazon Relational Database Service (RDS). 4. **Security Patching of Core Services**: AWS is responsible for patching and fixing flaws in the infrastructure and managed services. This includes updates to the underlying operating system of managed services. 5. **Compliance of Infrastructure**: AWS ensures that its infrastructure is compliant with various standards and regulations, which can include certifications like ISO 27001, SOC 1, SOC 2, PCI DSS, etc. 6. **Isolation of Customer Environments**: AWS is responsible for maintaining separation and isolation between different customer environments within its infrastructure. 7. **Disaster Recovery**: AWS ensures the resilience of its infrastructure by implementing and managing disaster recovery processes and redundancy for its services. 8. **Global Infrastructure Security**: AWS is responsible for the overall security and integrity of its global cloud infrastructure, including regions, availability zones, and edge locations. 9. **Managed Service Security**: For fully managed services like Amazon RDS or AWS Lambda, AWS manages additional layers of security (such as database patching, application scaling, etc.). 10. **Network Infrastructure Security**: AWS secures the networking infrastructure, including routers, switches, and networking protocols. 11. **Identity and Access Control for AWS Services**: AWS is responsible for the security of the technology that powers Identity and Access Management (IAM) within AWS, although customers must manage IAM in their accounts. |
Shared responsibility model (AWS) | 1. **Infrastructure Security**: AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This includes hardware, software, networking, and facilities that run AWS Cloud services. 2. **Physical Security of Data Centers**: AWS takes charge of the physical security of its data centers. This encompasses a range of measures like surveillance, security staff, fencing, secure access protocols, and more. 3. **Compute, Storage, Database, and Network Services Security**: AWS handles the security configuration of its managed services like Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3), and Amazon Relational Database Service (RDS). 4. **Security Patching of Core Services**: AWS is responsible for patching and fixing flaws in the infrastructure and managed services. This includes updates to the underlying operating system of managed services. 5. **Compliance of Infrastructure**: AWS ensures that its infrastructure is compliant with various standards and regulations, which can include certifications like ISO 27001, SOC 1, SOC 2, PCI DSS, etc. 6. **Isolation of Customer Environments**: AWS is responsible for maintaining separation and isolation between different customer environments within its infrastructure. 7. **Disaster Recovery**: AWS ensures the resilience of its infrastructure by implementing and managing disaster recovery processes and redundancy for its services. 8. **Global Infrastructure Security**: AWS is responsible for the overall security and integrity of its global cloud infrastructure, including regions, availability zones, and edge locations. 9. **Managed Service Security**: For fully managed services like Amazon RDS or AWS Lambda, AWS manages additional layers of security (such as database patching, application scaling, etc.). 10. **Network Infrastructure Security**: AWS secures the networking infrastructure, including routers, switches, and networking protocols. 11. **Identity and Access Control for AWS Services**: AWS is responsible for the security of the technology that powers Identity and Access Management (IAM) within AWS, although customers must manage IAM in their accounts. |
Shared responsibility model (Customer) | 1. **Data Security**: Customers are responsible for securing their data. This includes encrypting data, managing keys, and implementing access controls. 2. **Identity and Access Management**: Customers must manage and secure their AWS account credentials. This involves setting up user accounts, roles, and permissions within the AWS environment. 3. **Operating System and Network Configuration**: While AWS manages the underlying infrastructure, customers are responsible for managing the operating system and network configuration of their instances (e.g., EC2 instances). 4. **Application Security**: The security of the applications that customers deploy on AWS is their responsibility. This includes application-level firewall configurations, patch management, and application updates. 5. **Client-Side Security**: Protecting client-side devices accessing AWS services, like ensuring endpoint security and securing data in transit, is a customer responsibility. 6. **Compliance and Audit**: Customers are responsible for understanding the specific regulatory requirements that apply to their business and ensuring that their use of AWS services is compliant. 7. **Data Integrity and Backup**: Customers must implement appropriate data backup strategies to ensure data integrity and recovery in case of loss. 8. **Security Configuration**: AWS provides tools and features for security, but customers are responsible for configuring these features to meet their specific requirements. 9. **Incident Response**: While AWS manages the infrastructure, customers are responsible for responding to incidents within their AWS environments, like security breaches or service interruptions. 10. **Physical Security of Client Devices**: Ensuring the physical security of devices accessing AWS services is a customer responsibility. 11. **Encryption Management**: While AWS offers encryption capabilities, customers must manage and implement these capabilities as per their requirements. 12. **Network Traffic Protection**: Customers are responsible for implementing protection measures for their network traffic within AWS, such as firewall rules and intrusion detection/prevention systems. |
Shared responsibility model (Customer) | 1. **Data Security**: Customers are responsible for securing their data. This includes encrypting data, managing keys, and implementing access controls. 2. **Identity and Access Management**: Customers must manage and secure their AWS account credentials. This involves setting up user accounts, roles, and permissions within the AWS environment. 3. **Operating System and Network Configuration**: While AWS manages the underlying infrastructure, customers are responsible for managing the operating system and network configuration of their instances (e.g., EC2 instances). 4. **Application Security**: The security of the applications that customers deploy on AWS is their responsibility. This includes application-level firewall configurations, patch management, and application updates. 5. **Client-Side Security**: Protecting client-side devices accessing AWS services, like ensuring endpoint security and securing data in transit, is a customer responsibility. 6. **Compliance and Audit**: Customers are responsible for understanding the specific regulatory requirements that apply to their business and ensuring that their use of AWS services is compliant. 7. **Data Integrity and Backup**: Customers must implement appropriate data backup strategies to ensure data integrity and recovery in case of loss. 8. **Security Configuration**: AWS provides tools and features for security, but customers are responsible for configuring these features to meet their specific requirements. 9. **Incident Response**: While AWS manages the infrastructure, customers are responsible for responding to incidents within their AWS environments, like security breaches or service interruptions. 10. **Physical Security of Client Devices**: Ensuring the physical security of devices accessing AWS services is a customer responsibility. 11. **Encryption Management**: While AWS offers encryption capabilities, customers must manage and implement these capabilities as per their requirements. 12. **Network Traffic Protection**: Customers are responsible for implementing protection measures for their network traffic within AWS, such as firewall rules and intrusion detection/prevention systems. |
Simple Storage Service (S3) | Storage, Object, Scalable, Data, AWS |
Six advantages of cloud computing | Trade fixed expense for variable expense – Instead of having to invest heavily in data centers Benefit from massive economies of scale – By using cloud computing, you can achieve a lower variable cost than you can get on your own. Stop guessing capacity – Eliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often end up either sitting on expensive idle resources or dealing with limited capacity. Increase speed and agility – In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. Stop spending money running and maintaining data centers – Focus on projects that differentiate your business, not the infrastructure. Go global in minutes – Easily deploy your application in multiple regions around the world with just a few clicks. |
Six advantages of cloud computing | Trade fixed expense for variable expense – Instead of having to invest heavily in data centers Benefit from massive economies of scale – By using cloud computing, you can achieve a lower variable cost than you can get on your own. Stop guessing capacity – Eliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often end up either sitting on expensive idle resources or dealing with limited capacity. Increase speed and agility – In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. Stop spending money running and maintaining data centers – Focus on projects that differentiate your business, not the infrastructure. Go global in minutes – Easily deploy your application in multiple regions around the world with just a few clicks. |
Spot Instances | Spot Instances are a good fit for stateless, fault-tolerant workloads that can be interrupted without any impact on the overall job. |
Spot Instances | Spot Instances are a good fit for stateless, fault-tolerant workloads that can be interrupted without any impact on the overall job. Testing can be interrupted and does not need to run continuously. |
Spot Instances | Spot Instances are the most cost-effective option for workloads that can be flexible about when they run. They allow you to use spare Amazon EC2 capacity at a significantly lower price compared to On-Demand Instances. Spot Instances are ideal for workloads like batch processing, data analysis, and machine learning jobs that can be interrupted or scheduled flexibly |
Spot Instances | The pricing model that will interrupt a running Amazon EC2 instance if capacity becomes temporarily unavailable is C. Spot Instances. Spot Instances allow you to request unused EC2 capacity at a potentially lower price than On-Demand Instances. However, these instances can be interrupted by Amazon EC2 with just a two-minute notification if AWS needs the capacity back or the market price exceeds your bid. This feature makes them suitable for flexible and fault-tolerant applications but not ideal for workloads that require uninterrupted running time. |
Spot Instances | Spot Instances allow you to request unused EC2 capacity at significant discounts, up to 90% off the On-Demand price. The availability and pricing of Spot Instances fluctuate based on supply and demand for EC2 capacity. They are suitable for flexible, stateless, fault-tolerant, or time-insensitive tasks, as they can be interrupted by AWS with a two-minute notification if the capacity is needed elsewhere. |
Spot Instances | While Spot Instances can offer up to 90% discount compared to On-Demand pricing, they are best for flexible, stateless, fault-tolerant, or time-insensitive workloads because they can be terminated by AWS with a two-minute warning when AWS needs the capacity back. This makes them unsuitable for stateful, long-term workloads. |
Spot Instances | Spot Instances allow customers to take advantage of unused EC2 capacity in the AWS cloud at a significant discount compared to the On-Demand price. They are ideal for stateless, fault-tolerant, or flexible applications that can withstand interruptions, such as batch processing jobs, background processing tasks, and optional workloads. Spot Instances can provide the cost optimization the company is seeking, especially since their workloads can accommodate the possibility of instances being terminated when AWS needs the capacity back. |
Spot Instances | Spot Instances are a good fit for stateless, fault-tolerant workloads that can be interrupted without any impact on the overall job. |
Spot Instances | Spot Instances are a good fit for stateless, fault-tolerant workloads that can be interrupted without any impact on the overall job. Testing can be interrupted and does not need to run continuously. |
Spot Instances | Spot Instances are the most cost-effective option for workloads that can be flexible about when they run. They allow you to use spare Amazon EC2 capacity at a significantly lower price compared to On-Demand Instances. Spot Instances are ideal for workloads like batch processing, data analysis, and machine learning jobs that can be interrupted or scheduled flexibly |
Spot Instances | The pricing model that will interrupt a running Amazon EC2 instance if capacity becomes temporarily unavailable is C. Spot Instances. Spot Instances allow you to request unused EC2 capacity at a potentially lower price than On-Demand Instances. However, these instances can be interrupted by Amazon EC2 with just a two-minute notification if AWS needs the capacity back or the market price exceeds your bid. This feature makes them suitable for flexible and fault-tolerant applications but not ideal for workloads that require uninterrupted running time. |
Spot Instances | Spot Instances allow you to request unused EC2 capacity at significant discounts, up to 90% off the On-Demand price. The availability and pricing of Spot Instances fluctuate based on supply and demand for EC2 capacity. They are suitable for flexible, stateless, fault-tolerant, or time-insensitive tasks, as they can be interrupted by AWS with a two-minute notification if the capacity is needed elsewhere. |
Spot Instances | While Spot Instances can offer up to 90% discount compared to On-Demand pricing, they are best for flexible, stateless, fault-tolerant, or time-insensitive workloads because they can be terminated by AWS with a two-minute warning when AWS needs the capacity back. This makes them unsuitable for stateful, long-term workloads. |
Spot Instances | Spot Instances allow customers to take advantage of unused EC2 capacity in the AWS cloud at a significant discount compared to the On-Demand price. They are ideal for stateless, fault-tolerant, or flexible applications that can withstand interruptions, such as batch processing jobs, background processing tasks, and optional workloads. Spot Instances can provide the cost optimization the company is seeking, especially since their workloads can accommodate the possibility of instances being terminated when AWS needs the capacity back. |
Support concierge | Users receive access to a support concierge at the "Enterprise Support" level. This level of support typically offers the most comprehensive range of services, including direct access to a dedicated support concierge or team, who can provide personalized assistance and guidance. |
Support concierge | Users receive access to a support concierge at the "Enterprise Support" level. This level of support typically offers the most comprehensive range of services, including direct access to a dedicated support concierge or team, who can provide personalized assistance and guidance. |
The responsibility of AWS when using AWS services | AWS is responsible for maintaining the physical and environmental controls of its data centers, including the security and reliability of the infrastructure. This includes aspects such as power, cooling, and physical security |
The responsibility of AWS when using AWS services | AWS is responsible for maintaining the physical and environmental controls of its data centers, including the security and reliability of the infrastructure. This includes aspects such as power, cooling, and physical security |
Transparent Data Encryption (TDE) | TDE is typically used in databases (like Oracle and SQL Server) to perform real-time I/O encryption and decryption of the data and log files at rest. It is not a method used for encrypting objects within Amazon S3. |
Transparent Data Encryption (TDE) | TDE is typically used in databases (like Oracle and SQL Server) to perform real-time I/O encryption and decryption of the data and log files at rest. It is not a method used for encrypting objects within Amazon S3. |
Versioning | Versioning in Amazon S3 is a means of keeping multiple variants of an object in the same bucket. You can use the S3 Versioning feature to preserve, retrieve, and restore every version of every object stored in your buckets. Versioning-enabled buckets can help you recover objects from accidental deletion or overwrite. For example, if you delete an object, Amazon S3 inserts a delete marker instead of removing the object permanently. https://docs.aws.amazon.com/AmazonS3/latest/userguide/Versioning.html |
Versioning | Versioning in Amazon S3 is a means of keeping multiple variants of an object in the same bucket. You can use the S3 Versioning feature to preserve, retrieve, and restore every version of every object stored in your buckets. Versioning-enabled buckets can help you recover objects from accidental deletion or overwrite. For example, if you delete an object, Amazon S3 inserts a delete marker instead of removing the object permanently. https://docs.aws.amazon.com/AmazonS3/latest/userguide/Versioning.html |
Virtual Private Cloud (VPC) | Networking, Isolated, Customizable, AWS, Secure |
VPC endpoint | VPC endpoints enable private connections between your VPC and AWS services without requiring access over the internet, through a NAT device, a VPN connection, or AWS Direct Connect. VPC endpoints are primarily used for private connections to AWS services and do not provide internet access. |
VPC endpoint | VPC endpoints enable private connections between your VPC and AWS services without requiring access over the internet, through a NAT device, a VPN connection, or AWS Direct Connect. VPC endpoints are primarily used for private connections to AWS services and do not provide internet access. |
VPC Flow Logs | VPC flow logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow logs data can be published to either Amazon CloudWatch Logs or Amazon S3. You can monitor your VPC flow logs to gain operational visibility about your network dependencies and traffic patterns, detect anomalies and prevent data leakage, or troubleshoot network connectivity and configuration issues. https://aws.amazon.com/vpc/faqs/#:~:text=VPC%20flow%20logs%20is%20a,network%20interfaces%20in%20your%20VPC. |
VPC Flow Logs | VPC Flow Logs enable you to capture information about the IP traffic going to and from network interfaces in your VPC. This tool allows for the monitoring of the traffic that is entering and leaving your VPC, which can be vital for security, network troubleshooting, and performance analysis. Flow logs can be published to Amazon CloudWatch Logs and Amazon S3 for further analysis. |
VPC Flow Logs | VPC flow logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow logs data can be published to either Amazon CloudWatch Logs or Amazon S3. You can monitor your VPC flow logs to gain operational visibility about your network dependencies and traffic patterns, detect anomalies and prevent data leakage, or troubleshoot network connectivity and configuration issues. https://aws.amazon.com/vpc/faqs/#:~:text=VPC%20flow%20logs%20is%20a,network%20interfaces%20in%20your%20VPC. |
VPC Flow Logs | VPC Flow Logs enable you to capture information about the IP traffic going to and from network interfaces in your VPC. This tool allows for the monitoring of the traffic that is entering and leaving your VPC, which can be vital for security, network troubleshooting, and performance analysis. Flow logs can be published to Amazon CloudWatch Logs and Amazon S3 for further analysis. |
VPC Internet Gateway | "Connect to the internet using an internet gateway" https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html |
VPC Internet Gateway | "Connect to the internet using an internet gateway" https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html |
Amazon AppStream 2.0 | Amazon AppStream 2.0 is a fully managed application streaming service that allows you to stream desktop applications from AWS to any device with a web browser. It's suitable for providing access to applications without the need to manage full desktop environments. |
Amazon AppStream 2.0 | Amazon AppStream 2.0 is a fully managed application streaming service that allows you to stream desktop applications from AWS to any device with a web browser. It's suitable for providing access to applications without the need to manage full desktop environments. |
Amazon Athena | Query, Serverless, Interactive, Analysis |
Amazon Athena | Amazon Athena is a serverless, interactive analytics service built on open-source frameworks, supporting open-table and file formats. Athena provides a simplified, flexible way to analyze petabytes of data where it lives. Analyze data or build applications from an Amazon Simple Storage Service (S3) data lake and 30 data sources, including on-premises data sources or other cloud systems using SQL or Python. Athena is built on open-source Trino and Presto engines and Apache Spark frameworks, with no provisioning or configuration effort required. |
Amazon Athena | Amazon Athena is a serverless, interactive analytics service built on open-source frameworks, supporting open-table and file formats. Athena provides a simplified, flexible way to analyze petabytes of data where it lives. Analyze data or build applications from an Amazon Simple Storage Service (S3) data lake and 30 data sources, including on-premises data sources or other cloud systems using SQL or Python. Athena is built on open-source Trino and Presto engines and Apache Spark frameworks, with no provisioning or configuration effort required. |
AWS Compute Service | ||||||||||||||||||||||||||||||||||||||||
|
AWS Storage | ||||||||||||||||||||||||||||||||||||||||
|
AWS Database | ||||||||||||||||||||||||||||||||||||||||
|
AWS Networking | ||||||||||||||||||||||||||||||||||||||||
|
AWS Security | ||||||||||||||||||||||||||||||||||||||||
|
AWS Pricing | ||||||||||||||||||||
|
- Get link
- Other Apps
Comments
Post a Comment