Amazon Cognito
A managed service that enables you to handle authentication and aspect of authorization for your custom web and mobile applications through AWS
User directory service for custom applications
Provides UI components for many platforms
Provides security capa
AWS Storage Gateway
is a hybrid storage service that enables your on-premises applications to seamlessly use storage in the AWS Cloud. You can use the service for backup and archiving, disaster recovery, cloud bursting, storage tiering, and migration.Integrates cloud storage
Tape Gateway
Enables tape backup processes to store data in the cloud on virtual tapes. One of storage gateway types
Volume Gateway
Provides cloud based iSCSI volumes to local application. One of storage gateway types
File Gateway
Stores files in Amazon S3 while providing cached low- latency local access. One of storage gateway types
AWS DataSync
Leverages the agent deployed as a VM on your network
Integrates with S3, EFS and FSx for Windows File Server on AWS
Greatly improved speed of transfer due to custom protocol and optimizations
Charged per GB of data transferred
AWS Glue
Fully Managed ETL service on AWS
Supports data in Amazon RDS, DynamoDB, Redshift, and S3
Supports as server less model of execution. Processing Data Method
Amazon EMR
Big-data cloud processing on Amazon EC2 and S3
Supports popular open-source frameworks and tools
Operates in a clustered environment without additional configuration
Supports many different big-data use cases. Apache spark, hive link, base, hudi and prest
AWS Data pipeline
Data workflow orchestration service across AWS services
Managed ETL service on AWS
Supports S3, EMR, Redshift, DynamoDB, and RDS. Processing Data Method
Amazon Athena
Fully managed server less service
Enables query of large scale data within Amazon S3. Data lake approach
Query are written using standard SQL
Charged based on data scanned for query. Analyzing data method
Amazon QuickSight
is a fast, cloud-powered business analytics service that makes it easy to
build visualizations, perform ad-hoc analysis, and quickly get business insights from your
data. Fully managed BI service
Enables dynamic data dashboard based on data stored in AWS
Amazon Cloudsearch
Fully managed search service on AWS
Support scaling of search infrastructure to meet demand
Charged per hour and instance type of search infrastructure
Enables developers to integrate search into custom applications. Analyzing data method
Amazon Rekognition
Computer vision service powered by ML
Fully managed image and video recognition deep learning service
Identifies objects in images
Identifies objects and actions in videos
Can detect specific people using facial analysis
Supports custom labels for your bu
Amazon Translate
Text translation service powered by ML
Currently supports 54 languages
Can perform language identification
Work both in batch and real-time
Amazon Transcribe
speech to text solution using ML
recorded speech is converted into text into custom applications
Includes a specific sub service for medical use
Supports batch and real time transcription
Currently supports 31 languages
Backup and Restore
copies selected files or the contents of an entire storage medium to another storage location.Production data is backed up into Amazon S3
Data can be stored in either standard or archival storage classes
EBS data can be stored as snapshots in Amazon S3 al
Pilot Light
Key infrastructure components are kept running in the cloud
Designed to reduce recovery time over the Backup and Restore approach
Does incur the cost of this infrastructure continually running in the cloud
AMI's are prepared for additional systems and can
Warm Standby
A scaled down version of the full environment is running in the cloud
Critical systems can be running on less capable instance types
Instance types and other systems can be ramped up for disaster recovery event
Does incur cost of this infrastructure conti
Multi Site
Full environment is running in the cloud at all times
Utilizes instances type needed for production not just recovery
Provides a near seamless recovery process
Incurs the most cost over the other approaches
Recovery Time Objective (RTO)
Time it takes to get your systems back up and running to the ideal business state after a disaster recovery event
Recovery Point Objective(RPO)
The amount of data loss (in terms of time) for a production system during a disaster recovery event
Auto Scaling Group
Launch template defines the instance configuration for the group
Defines the minimum, maximum and desired number of instances
Performs health checks on each instance
Exists within 1 or more availability zones in a single region
Works with on demand and sp
AWS Secrets Manager
Secure way to integrate credentials, API, keys, tokens and other secret content
Integrates natively with RDS, DocumentDB and Redshift
Can auto rotate credentials with integrated services
Enables fine grained access control to secrets
Security Groups
Security in Amazon VPC.Enables firewall like controls for resources within the VPC
Serve as a firewall for your EC2 instances
Control inbound and outbound traffic
Works at the instance level
EC2 instances can belong to multiple security groups
VPC's have
Network ACL's
Controls inbound and outbound traffic for subnets within the VPC
Works at the subnet level with a VPC
Enables you to allow and deny traffic
Each VPC has a default ACL that allows all inbound and outbound traffic
Custom ACL's deny all traffic until rules a
AWS VPN
Secure access to an entire VPC using an encrypted tunnel
Creates an encrypted tunnel into your VPC
Can be used to connect your data center or even individual client machines
Supported in two services: Site-to-site VPN, Client VPN
AWS Shield
Managed DDoS protection service for apps on AWS
Enables on going threat detection and mitigation
2 different service levels: Standard, Advanced. Protecting Infrastructure from Attacks
Amazon Macie
Data protection service powered by ML
Utilized ML to analyze data stored in Amazon S3
It can detect personal information and intellectual property in S3
Provides dashboards that show how the data is being stored and accessed
Enables alerts if it detects a
Amazon Inspector
Automated security assessment service for EC2 instances
Enables scanning of Amazon EC2 instances for security vulnerabilities
Charged by instance per assessment run
2 types of rules packages: Network reachability assessment, Host assessment
AWS Service Catalog
managed catalog of IT services on AWS for an organization
Targeted to serve as an organizational service catalog for the cloud
Can include single server image to multi tier custom applications
Enables organizations to leverage services that meet complianc
AWS Marketplace
Catalog of software to run on AWS from 3rd party providers
Curated catalog of third party solutions for customers to run on AWS
Provides AMI's, CloudFormation stacks, and SaaS based solutions
Enables different pricing options to overcome licensing in the
AWS CodeCommit
a fully-managed source control service that makes it easy for companies to host secure and highly scalable private Git repositories.
AWS CodeBuild
a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy.Fully managed build and continuous integration services on AWS
Don't have to worry about maintaining infrastructure
Charged per mi
AWS CodeDeploy
Service to automate code deployments to EC2 instances
Allows you to deploy reliably and rapidly
Release new features rapidly and avoid downtime during deployment.Managed deployment service for deploying your custom applications
Deploys to Amazon EC2, AWS
AWS CodePipeline
Fully managed continuous delivery service on AWS
Provides the capabilities to automate building, testing, and deploying
Integrates with other developer tools as well as Github
AWS CodeStar
Workflow tool that automates the use of the other developer services
Creates a complete continuous delivery toolchain for a custom application
Provides custom dashboards and configuration in the AWS console
You only are charged for the other services you