Cheat sheet for AWS Certified Solutions Architect - Associate, SAA-C03Short descriptions/definitions of all AWS services included in the SAA-C03 exam, according to the official exam guide. Optimised for Chrome browser. |
||||
|---|---|---|---|---|
|
0
|
Service | Description | ||
|
1
|
Analytics | Amazon Athena | Amazon Athena is a serverless, interactive analytics service. Point to your data lake in Amazon S3, define the schema, and start querying with standard SQL. Removes need for complex ETL jobs to prepare data for analysis. Out of the box integrations with AWS Glue Data Catalog. |
|
|
2
|
AWS Data Exchange | Data marketplace in the cloud, including many third-party data sets. | ||
|
3
|
AWS Data Pipeline | Automate data movement and transformation. AWS Data Pipeline is a web service that helps you reliably process and move data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals. With AWS Data Pipeline, you can regularly access your data where it’s stored, transform and process it at scale, and efficiently transfer the results to AWS services such as Amazon S3, Amazon RDS, Amazon DynamoDB, and Amazon EMR. | ||
|
4
|
Amazon EMR | EMR, originally Elastic Map-Reduce, is used for big data processing. It's a cloud solution for petabyte-scale data processing, interactive analytics, and machine learning. | ||
|
5
|
AWS Glue | AWS Glue - Extract, Transform, Load (ETL). AWS Glue is a serverless data integration service that makes it easier to discover, prepare, move, and integrate data from multiple sources for analytics, machine learning (ML), and application development. | ||
|
6
|
Amazon Kinesis | Amazon Kinesis is for real-time analytics. It cost-effectively processes and analyzes streaming data at any scale as a fully managed service. With Kinesis, you can ingest real-time data, such as video, audio, application logs, website clickstreams, and IoT telemetry data, for machine learning (ML), analytics, and other applications. | ||
|
7
|
AWS Lake Formation | Build, manage, and secure data lakes easily for wide-ranging analytics. | ||
|
8
|
Amazon MSK | Amazon MSK (Amazon Managed Streaming for Apache Kafka) provides real time analytics of streaming data. | ||
|
9
|
Amazon OpenSearch Service (prev Elasticsearch) | Amazon OpenSearch Service (Log and search analytics) makes it easy for you to perform interactive log analytics, real-time application monitoring, website search, and more. | ||
|
10
|
Amazon QuickSight | Build visualizations and deliver insights, interactive dashboards, reports, data exploration. | ||
|
11
|
Amazon Redshift | Data Warehouse tool which uses SQL to analyze structured and semi-structured data across data warehouses, operational databases, and data lakes. | ||
|
12
|
Application Integration | Amazon AppFlow | Automate bi-directional data flows between SaaS applications (like GA, SAP, Salesforce, etc) and AWS services in just a few clicks. Supports data preparation with transformations, partitioning, and aggregation. | |
|
13
|
AWS AppSync | AWS AppSync creates serverless GraphQL (app-to-AWS) and Pub/Sub (AWS-to-app) APIs that simplify application development through a single endpoint to securely query, update, or publish data. | ||
|
14
|
Amazon EventBridge (CloudWatch Events) | Easily build loosely coupled, event-driven architectures to help you deploy new features faster. Create point-to-point integrations between event producers and consumers without needing to write custom code or managing and provisioning servers. Connect AWS services, software-as-a-service (SaaS) applications, and custom applications as event producers to launch workflows. | ||
|
15
|
Amazon MQ | Amazon MQ is a managed message broker service which allows software systems across different programming languages and platforms to communicate and exchange information. | ||
|
16
|
Amazon Simple Notification Service (Amazon SNS) | Amazon SNS sends notifications two ways, A2A and A2P. A2A provides high-throughput, push-based, many-to-many messaging between distributed systems, microservices, and event-driven serverless applications. These applications include Amazon Simple Queue Service (SQS), Amazon Kinesis Data Firehose, AWS Lambda, and other HTTPS endpoints. A2P functionality lets you send messages to your customers with SMS texts, push notifications, and email. | ||
|
17
|
Amazon Simple Queue Service (Amazon SQS) | Amazon SQS lets you send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available.
|
||
|
18
|
AWS Step Functions | AWS Step Functions is a visual workflow service that helps developers use AWS services to build distributed applications, automate processes, orchestrate microservices, and create data and machine learning (ML) pipelines. | ||
|
19
|
AWS Cost Management | AWS Budgets | AWS Budgets enables setting custom budgets to track costs and usage, as well as alerts that may trigger SNS notifications when thresholds are exceeded. | |
|
20
|
AWS Cost and Usage Report (AWS CUR) | With AWS CUR, you can review, itemize, and organize the most comprehensive cost and usage data for your account. | ||
|
21
|
AWS Cost Explorer | AWS Cost Explorer lets you visualize, understand, and manage your AWS costs and usage over time. | ||
|
22
|
Savings Plans | Savings Plans is a flexible pricing model that can help you reduce your bill by up to 72% compared to On-Demand prices, in exchange for a one- or three-year hourly spend commitment. AWS offers three types of Savings Plans: Compute Savings Plans, EC2 Instance Savings Plans, and Amazon SageMaker Savings Plans. | ||
|
23
|
Compute | AWS Batch | AWS Batch supports running hundreds of thousands of batch and ML computing jobs while optimizing compute resources. | |
|
24
|
Amazon Elastic Compute Cloud (AWS EC2) | Amazon EC2 offers the broadest and deepest compute platform, with over 600 instances and a choice of the latest processor, storage, networking, operating system and purchase model. Use IP 169.254.169.254 to get metadata about running EC2 instances. | ||
|
25
|
Amazon EC2 Auto Scaling | Amazon EC2 Auto Scaling helps you maintain application availability and lets you automatically add or remove EC2 instances using scaling policies that you define. | ||
|
26
|
AWS Elastic Beanstalk | AWS Elastic Beanstalk deploys web applications. Basically a set of predefined configuration templates for AWS Cloudformation. | ||
|
27
|
AWS Outposts | Extend AWS compute, networking, security, and other services on premises for low latency, local data processing, and data residency needs. | ||
|
28
|
AWS Serverless Application Repository | The AWS Serverless Application Repository is a managed repository for third-party shared serverless applications. | ||
|
29
|
VMware Cloud on AWS | VMware Cloud is a managed service that combines compute, network and storage capabilities in a fully supported, ready-to-run service. | ||
|
30
|
AWS Wavelength | AWS Wavelength embeds AWS compute and storage services within 5G networks, providing mobile edge computing infrastructure for developing, deploying, and scaling ultra-low-latency applications. | ||
|
31
|
Containers | Amazon Elastic Container Registry (Amazon ECR) | Amazon ECR is a fully managed container registry which hosts Docker images in a highly available and scalable architecture, to share and deploy containers for applications reliably. Amazon ECR is integrated with Amazon Elastic Container Service (Amazon ECS), Amazon Elastic Kubernetes Service (Amazon EKS), AWS Lambda and IAM, simplifying your development to production workflow. |
|
|
32
|
Amazon Elastic Container Service (Amazon ECS) | Amazon ECS is a fully managed container orchestration service that simplifies the deployment, management, and scaling of containerized applications. Describe your application and the resources required, and Amazon ECS will launch, monitor, and scale your application across flexible compute options with automatic integrations to other supporting AWS services that your application needs. Perform system operations such as creating custom scaling and capacity rules, and observe and query data from application logs and telemetry. | ||
|
33
|
Amazon ECS Anywhere | Amazon Elastic Container Service (ECS) Anywhere is a feature of Amazon ECS that lets you run and manage container workloads on your infrastructure. This feature helps you meet compliance requirements and scale your business without sacrificing your on-premises investments. | ||
|
34
|
Amazon Elastic Kubernetes Service (Amazon EKS) | Amazon EKS is a managed Kubernetes service designed to run in the cloud and in on-premises data centers. In the cloud, Amazon EKS automatically manages the availability and scalability of the Kubernetes control plane nodes responsible for scheduling containers, managing application availability, storing cluster data, and other key tasks. With Amazon EKS, you can take advantage of all the performance, scale, reliability, and availability of AWS infrastructure, as well as integrations with AWS networking and security services. On-premises, EKS provides a consistent, fully-supported Kubernetes solution with integrated tooling and simple deployment to AWS Outposts, virtual machines, or bare metal servers. | ||
|
35
|
Amazon EKS Anywhere | Amazon EKS Anywhere lets you create and operate Kubernetes clusters on your own infrastructure. Amazon EKS Anywhere builds on the strengths of Amazon EKS Distro and provides open-source software that’s up to date and patched so you can have an on-premises Kubernetes environment that’s more reliable than a self-managed Kubernetes offering. | ||
|
36
|
Amazon EKS Distro | Amazon Elastic Kubernetes Service (EKS) uses Amazon EKS Distro, a Kubernetes distribution built and maintained by AWS. Amazon EKS Distro makes it easier to create reliable and secure clusters. | ||
|
37
|
Database | Amazon Aurora | Relational database with unparalleled high performance and availability at global scale with full MySQL and PostgreSQL compatibility. Amazon Aurora provides built-in security, continuous backups, serverless compute, up to 15 read replicas, automated multi-Region replication, and integrations with other AWS services. | |
|
38
|
Amazon Aurora Serverless | Amazon Aurora Serverless is an on-demand, autoscaling configuration for Amazon Aurora. It automatically starts up, shuts down, and scales capacity up or down based on your application's needs. You can run your database in the cloud without managing any database instances. You can also use Aurora Serverless v2 instances along with provisioned instances in your existing or new database clusters. | ||
|
39
|
Amazon DocumentDB | Amazon DocumentDB (with MongoDB compatibility) is a fully managed native JSON document database that makes it easy and cost effective to operate critical document workloads at virtually any scale without managing infrastructure. Amazon DocumentDB simplifies your architecture by providing built-in security best practices, continuous backups, and native integrations with other AWS services. | ||
|
40
|
Amazon DynamoDB | Amazon DynamoDB is a fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale. DynamoDB offers built-in security, continuous backups, automated multi-region replication, in-memory caching, and data import and export tools. | ||
|
41
|
Amazon ElastiCache | Amazon ElastiCache is a fully managed, Redis- and MemcacheD-compatible service delivering real-time, cost-optimized performance for modern applications. ElastiCache scales to hundreds of millions of operations per second with microsecond response time, and offers enterprise-grade security and reliability. | ||
|
42
|
Amazon Keyspaces | Amazon Keyspaces for Apache Cassandra enables you to use the Cassandra Query Language (CQL) API code, Cassandra drivers, and developer tools that you already use. Updating applications to use Amazon Keyspaces is as easy as changing the Cassandra hostname to the Amazon Keyspaces service endpoint. | ||
|
43
|
Amazon Neptune | Amazon Neptune is a fully managed database service built for the cloud that makes it easier to build and run graph applications. Neptune provides built-in security, continuous backups, serverless compute, and integrations with other AWS services. | ||
|
44
|
Amazon Quantum Ledger Database (Amazon QLDB) | Amazon QLDB is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log. | ||
|
45
|
Amazon RDS | Amazon RDS (Relational Database Service) is a collection of managed services that makes it simple to set up, operate, and scale databases in the cloud. Choose from seven popular engines — Amazon Aurora with MySQL compatibility, Amazon Aurora with PostgreSQL compatibility, MySQL, MariaDB, PostgreSQL, Oracle, and SQL Server — and deploy on-premises with Amazon RDS on AWS Outposts. RDS Proxy is a managed connection pool for RDS. | ||
|
46
|
Amazon Redshift | Amazon Redshift is a data warehouse tool which uses SQL to analyze structured and semi-structured data across data warehouses, operational databases, and data lakes, using AWS-designed hardware and machine learning to deliver the best price performance at any scale. | ||
|
47
|
Amazon Timestream | Amazon Timestream is a fast, scalable, and serverless time-series database service that makes it easier to store and analyze trillions of events per day up to 1,000 times faster. Amazon Timestream automatically scales up or down to adjust capacity and performance, so that you don’t have to manage the underlying infrastructure. | ||
|
48
|
Developer Tools | AWS X-Ray | AWS X-Ray provides a complete view of requests as they travel through your application and filters visual data across payloads, functions, traces, services, APIs, and more with no-code and low-code motions. | |
|
49
|
AWS Amplify | AWS Amplify is a complete solution that lets frontend web and mobile developers easily build, ship, and host full-stack applications on AWS, with the flexibility to leverage the breadth of AWS services as use cases evolve. No cloud expertise needed. | ||
|
50
|
Amazon API Gateway | Build RESTful APIs optimized for serverless workloads and HTTP backends using HTTP APIs. HTTP APIs are the best choice for building APIs that only require API proxy functionality. If your APIs require API proxy functionality and API management features in a single solution, API Gateway also offers REST APIs. | ||
|
51
|
AWS Device Farm | Run your Selenium tests in parallel on multiple hosted versions of Chrome, Internet Explorer and Firefox. | ||
|
52
|
Amazon Pinpoint | Amazon Pinpoint offers marketers and developers one customizable tool to deliver customer communications across channels, segments, and campaigns at scale. | ||
|
53
|
Machine Learning | Amazon Comprehend | Amazon Comprehend is a natural-language processing (NLP) service that uses machine learning to uncover valuable insights and connections in text. | |
|
54
|
Amazon Forecast | Amazon Forecast is a time-series forecasting service based on machine learning (ML) and built for business metrics analysis. | ||
|
55
|
Amazon Fraud Detector | Amazon Fraud Detector is a fully managed service to identify potentially fraudulent online activities. | ||
|
56
|
Amazon Kendra | Find accurate information faster. Amazon Kendra is an intelligent enterprise search service that helps you search across different content repositories with built-in connectors. | ||
|
57
|
Amazon Lex | Build chatbots and virtual agents. Amazon Lex is a fully managed artificial intelligence (AI) service with advanced natural language models to design, build, test, and deploy conversational interfaces in applications. | ||
|
58
|
Amazon Polly | Give your apps a voice. Amazon Polly uses deep learning technologies to synthesize natural-sounding human speech, and to convert text to speech. Features dozens of voices and a broad set of languages. | ||
|
59
|
Amazon Rekognition | Analyze images and videos. Amazon Rekognition offers pre-trained and customizable computer vision (CV) capabilities to extract information and insights from your images and videos. | ||
|
60
|
Amazon SageMaker | Amazon SageMaker is a fully managed service to build, train, and deploy machine learning (ML) models for any use case with fully managed infrastructure, tools, and workflows. | ||
|
61
|
Amazon Textract | Extract text and data. Amazon Textract is a machine learning service that automatically extracts text, handwriting, and data from scanned documents. It goes beyond simple optical character recognition (OCR) to identify, understand, and extract data from forms and tables. | ||
|
62
|
Amazon Transcribe | Automate speech recognition. Automatically convert speech to text, and extract key business insights from customer calls, video files, clinical conversations, and more. | ||
|
63
|
Amazon Translate | Engage audiences in every language. Amazon Translate is a neural machine translation service that delivers fast, high-quality, affordable, and customizable language translation. | ||
|
64
|
Management and Governance | AWS Auto Scaling | AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost. | |
|
65
|
AWS CloudFormation | AWS CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code. | ||
|
66
|
AWS CloudTrail | AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions. | ||
|
67
|
Amazon CloudWatch | Amazon CloudWatch collects and visualizes real-time logs, metrics, and event data in automated dashboards to streamline your infrastructure and application maintenance. | ||
|
68
|
AWS Command Line Interface (AWS CLI) | The AWS CLI is a unified tool to manage your AWS services and automate them through scripts. | ||
|
69
|
AWS Compute Optimizer | AWS Compute Optimizer helps avoid overprovisioning and underprovisioning four types of AWS resources based on your utilization data: Amazon EC2 instance types, Amazon EBS volumes, Amazon ECS services on AWS Fargate and AWS Lambda functions. | ||
|
70
|
AWS Config | AWS Config continually assesses, audits, and evaluates the configurations and relationships of your resources on AWS, on premises, and on other clouds. | ||
|
71
|
AWS Control Tower | AWS Control Tower simplifies AWS experiences by orchestrating multiple AWS services on your behalf while maintaining the security and compliance needs of your organization. | ||
|
72
|
AWS License Manager | AWS License Manager makes it easier for you to manage your software licenses from vendors, such as Microsoft, SAP, Oracle, and IBM, across AWS and your on-premises environments. | ||
|
73
|
Amazon Managed Grafana | Amazon Managed Grafana is a fully managed service for Grafana analytics platform that enables you to query, visualize, and alert on your metrics, logs, and traces. | ||
|
74
|
Amazon Managed Service for Prometheus | Amazon Managed Service for Prometheus is a Prometheus-compatible service that monitors and provides alerts on containerized applications and infrastructure at scale. The service is integrated with Amazon Elastic Kubernetes Service (EKS), Amazon Elastic Container Service (ECS), and AWS Distro for OpenTelemetry. | ||
|
75
|
AWS Management Console | Everything you need to access and manage the AWS Cloud in one web interface | ||
|
76
|
AWS Organizations | AWS Organizations lets you create new AWS accounts at no additional charge. With accounts in an organization, you can easily allocate resources, group accounts, and apply governance policies to accounts or groups. | ||
|
77
|
AWS Personal Health Dashboard | The AWS Health Dashboard provides a personalized view of the AWS service status of your applications. | ||
|
78
|
AWS Proton | AWS Proton is a deployment workflow tool (CI/CD) for modern applications that helps platform and DevOps engineers achieve organizational agility. | ||
|
79
|
AWS Service Catalog | AWS Service Catalog allows IT administrators to create, manage, and distribute catalogs of approved products to end users, who can then access the products they need in a personalized portal. AWS Service Catalog provides central management of cloud resources to achieve governance at scale of your infrastructure as code (IaC) templates, written in CloudFormation or Terraform. |
||
|
80
|
AWS Systems Manager | AWS Systems Manager allows you to centralize operational data from multiple AWS services and automate tasks across your resources on AWS, and in multicloud and hybrid environments. | ||
|
81
|
AWS Trusted Advisor | Trusted Advisor analyzes your AWS environment and recommends actions to follow best practices. | ||
|
82
|
AWS Well-Architected Tool | The AWS Well-Architected Tool is designed to help you review the state of your applications and workloads against architectural best practices, identify opportunities for improvement, and track progress over time. | ||
|
83
|
Media Services | Amazon Elastic Transcoder -> MediaConvert (New) | Amazon Elastic Transcoder is media transcoding in the cloud. | |
|
84
|
Amazon Kinesis Video Streams | Collect, process, and analyze video and data streams in real time - at any scale, as a fully managed service. With Kinesis, you can ingest real-time data, such as video, audio, application logs, website clickstreams, and IoT telemetry data, for machine learning (ML), analytics, and other applications. | ||
|
85
|
Migration and Transfer | AWS Application Discovery Service | AWS Application Discovery Service helps you plan cloud migration projects by gathering information about your on-premises data centers. | |
|
86
|
AWS Application Migration Service (CloudEndure Migration) | Application Migration Service is the next generation of CloudEndure Migration. It minimizes time-intensive, error-prone manual processes by automating the conversion of your source servers to run natively on AWS. It also simplifies application modernization with built-in and custom optimization options. | ||
|
87
|
AWS Database Migration Service (AWS DMS) | AWS DMS is a managed migration and replication service for databases and analytics workloads. AWS DMS supports migration between 20-plus database and analytics engines, such as Oracle to Amazon Aurora MySQL-Compatible Edition, MySQL to Amazon Relational Database (RDS) for MySQL, Microsoft SQL Server to Amazon Aurora PostgreSQL-Compatible Edition, MongoDB to Amazon DocumentDB (with MongoDB compatibility), Oracle to Amazon Redshift, and Amazon Simple Storage Service (S3). | ||
|
88
|
AWS DataSync | AWS DataSync is a secure, online service that automates and accelerates moving data between on premises and AWS Storage services. DataSync can copy data between Network File System (NFS) shares, Server Message Block (SMB) shares, Hadoop Distributed File Systems (HDFS), self-managed object storage, AWS Snowcone, Amazon Simple Storage Service (Amazon S3) buckets, Amazon Elastic File System (Amazon EFS) file systems, Amazon FSx for Windows File Server file systems, Amazon FSx for Lustre file systems, Amazon FSz for OpenZFS file systems, and Amazon FSx for NetApp ONTAP file systems. | ||
|
89
|
AWS Migration Hub | AWS Migration Hub provides a central location to collect server and application inventory data for the assessment, planning, and tracking of migrations to AWS. Migration Hub can also help accelerate application modernization following migration. | ||
|
90
|
AWS Server Migration Service (AWS SMS) | Migrate any workload – applications, websites, databases, storage, physical or virtual servers – and even entire data centers from an on-premises environment, hosting facility, or other public cloud to AWS. | ||
|
91
|
AWS Snow Family | Snowcone, Snowball and Snowmobile are purpose-built devices to cost-effectively move petabytes of data, offline. Lease a Snow device to move your data to the cloud. Capacity:
|
||
|
92
|
AWS Transfer Family | AWS Transfer Family securely scales your recurring business-to-business file transfers to AWS Storage services using SFTP, FTPS, FTP, and AS2 protocols. | ||
|
93
|
Networking and Content Delivery | Amazon CloudFront | Amazon CloudFront is a content delivery network (CDN) service built for high performance, security, and developer convenience. | |
|
94
|
AWS Direct Connect | Link on-premises and AWS networks, extend your existing network. Use SiteLink to send data between your locations. | ||
|
95
|
Elastic Load Balancing (ELB) | Elastic Load Balancing (ELB) automatically distributes incoming application traffic across multiple targets in one or more Availability Zones (AZs), but not across Regions.
OSI Layers:
|
||
|
96
|
AWS Global Accelerator | AWS Global Accelerator is a networking service that helps improve the availability, performance, and security of public AWS applications. Global Accelerator provides two global static public IPs that act as a fixed entry point to application endpoints, such as Application Load Balancers, Network Load Balancers, Amazon Elastic Compute Cloud (EC2) instances, and elastic IPs. | ||
|
97
|
AWS PrivateLink | AWS PrivateLink is the feature that powers VPC endpoints. PrivateLink provides private connectivity between virtual private clouds (VPCs), supported AWS services, and your on-premises networks without exposing your traffic to the public internet. Interface VPC endpoints, powered by PrivateLink, connect you to services hosted by AWS Partners and supported solutions available in AWS Marketplace. | ||
|
98
|
Amazon Route 53 | Amazon Route 53 is a highly available and scalable DNS (Domain Name System) service. Route 53 connects user requests to internet applications running on AWS or on-premises, performs health checks of those applications, and can be used for DNS failover. | ||
|
99
|
AWS Transit Gateway | AWS Transit Gateway connects Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub - like a highly scalable cloud router. | ||
|
100
|
Virtual Private Cloud (Amazon VPC) | Amazon VPC gives you full control over your virtual networking environment, including resource placement, connectivity, and security. Secure and monitor connections, screen traffic, and restrict instance access inside your virtual network. VPCs can communicate with each other across accounts, Availability Zones, or AWS Regions.
VPC Components
|
||
|
101
|
AWS VPN | AWS Client VPN is used by your remote workforce to securely access resources both on AWS and within your on-premises networks. AWS Site-to-Site VPN creates encrypted connections between your locations (such as data centers and remote offices) and your AWS resources. | ||
|
102
|
Security Identity and Compliance | AWS Artifact | AWS Artifact is a central resource for compliance-related information. It provides on-demand access to security and compliance reports from AWS and ISVs who sell their products on AWS Marketplace. | |
|
103
|
AWS Audit Manager | Continually audit your AWS usage to simplify risk and compliance assessment. Use Audit Manager to map your compliance requirements to AWS usage data with prebuilt and custom frameworks and automated evidence collection. | ||
|
104
|
AWS Certificate Manager ACM | Use AWS Certificate Manager (ACM) to provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services and any internal connected resources. | ||
|
105
|
AWS CloudHSM | HSM = Hardware Security Module. AWS CloudHSM lets you manage and access your keys on FIPS-validated hardware, protected with customer-owned, single-tenant HSM instances that run in your own Virtual Private Cloud (VPC). Compared to AWS KMS, CloudHSM is single-tenant, provides fine-grained control but is also more maintenance-demanding and more costly. FIPS 140-2 Compliance: 3. | ||
|
106
|
Amazon Cognito | Amazon Cognito provides a scalable identity store which can add user sign-up and sign-in features and control access to web and mobile applications. | ||
|
107
|
Amazon Detective | Amazon Detective simplifies the investigative process and helps security teams conduct faster and more effective investigations. | ||
|
108
|
AWS Directory Service | AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, activates your directory-aware workloads and AWS resources to use managed AD on AWS. | ||
|
109
|
AWS Firewall Manager | AWS Firewall Manager is a security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organizations. | ||
|
110
|
Amazon GuardDuty | Amazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation. Expose threats quickly using anomaly detection, ML, behavioral modeling, and threat intelligence feeds from AWS and leading third parties. | ||
|
111
|
AWS Identity and Access Management IAM | With AWS Identity and Access Management (IAM), you can specify who or what can access services and resources in AWS, centrally manage fine-grained permissions, and analyze access to refine permissions across AWS. | ||
|
112
|
Amazon Inspector | Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure. | ||
|
113
|
AWS Key Management Service (AWS KMS) | AWS KMS lets you create, manage, and control cryptographic keys across your applications and AWS services. Multi-tenant, and low maintenance, cheaper alternative to Cloud HSM. FIPS 140-2 Compliance: 2 (3 in some ares). | ||
|
114
|
Amazon Macie | Amazon Macie is a data security service that uses machine learning and pattern matching to discover and help protect your sensitive data. | ||
|
114
|
AWS Network Firewall | With AWS Network Firewall, you can define firewall rules that provide fine-grained control over network traffic. | ||
|
116
|
AWS Resource Access Manager (AWS RAM) | AWS RAM helps you securely share your resources across AWS accounts, within your organization or organizational units (OUs), and with IAM roles and users for supported resource types. Examples include sharing VPC subnets and private certificate authorities across accounts. | ||
|
117
|
AWS Secrets Manager | AWS Secrets Manager helps you manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles. | ||
|
118
|
AWS Security Hub | AWS Security Hub is a cloud security posture management (CSPM) service that performs security best practice checks, aggregates alerts, and enables automated remediation. | ||
|
119
|
AWS Shield | AWS Shield is a managed DDoS protection service that safeguards applications running on AWS. | ||
|
120
|
AWS IAM Identity Center | AWS IAM Identity Center helps you securely create or connect your workforce identities and manage their access centrally across AWS accounts and applications. For Roles, a permissions policy enables the role to carry out certain tasks on a resource. A trust policy specifies who is allowed to assume the role. Security Token Service is a no-cost extension of IAM, which is used to request temporary, limited-privilege credentials. |
||
|
121
|
AWS WAF | AWS WAF helps you protect against common web exploits like SQL injection and cross-site-scripting. AWS WAF can be deployed on CloudFront, Application Load Balancer (ALB), API Gateway, and AppSync. | ||
|
122
|
Serverless | AWS AppSync | AWS AppSync creates serverless GraphQL and Pub/Sub APIs that simplify application development through a single endpoint to securely query, update, or publish data. | |
|
123
|
AWS Fargate | AWS Fargate is a serverless, pay-as-you-go compute engine that lets you focus on building applications without managing servers. AWS Fargate is compatible with both Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS). Select any OCI-compliant container image, define memory and compute resources, and run the container with serverless compute. With multiple CPU architectures and operating systems supported, you can enjoy the benefits across a wide variety of applications. | ||
|
124
|
AWS Lambda | AWS Lambda is a serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers. You can trigger Lambda from over 200 AWS services and software as a service (SaaS) applications, and only pay for what you use. | ||
|
125
|
Storage | AWS Backup | AWS Backup is a cost-effective, fully managed, policy-based service that simplifies data protection at scale. | |
|
126
|
Amazon Elastic Block Store (Amazon EBS) | Amazon EBS is an easy-to-use, scalable, high-performance block-storage service designed for Amazon Elastic Compute Cloud (Amazon EC2). Use cases include DAS, SAN, persistent storage for EC2. | ||
|
127
|
Amazon Elastic File System (Amazon EFS) | Amazon EFS automatically grows and shrinks as you add and remove files with no need for management or provisioning. Use cases include network-based file systems, NFS, hybrid access (VPN or Direct Connect) and Linux instances. | ||
|
128
|
Amazon FSx | Scalable, fully managed file systems in the cloud.
Supports four file systems: NetApp ONTAP, OpenZFS, Windows File Server, and Lustre. |
||
|
129
|
Amazon S3 | Amazon Simple Storage Service (Amazon S3) is an object storage service. Stores objects in resources called Buckets, which can be up to 5TB in size, but there are no total limits to the# of objects stored. Designed to provide 99.999999999% durability (11 nines) and up to 99.99% availability. Supports three types of server-side encryption: SSE-S3, SSE-KMS, SSE-C as well as client-side encryption. |
||
|
130
|
Amazon S3 Glacier | The Amazon S3 Glacier storage classes are purpose-built for data archiving, providing you with the highest performance, most retrieval flexibility, and the lowest cost archive storage in the cloud. The S3 Glacier storage classes deliver options for the fastest access to your archive data (milliseconds) and the lowest-cost archive storage in the cloud (12h retrieval). |
||
|
131
|
AWS Storage Gateway | AWS Storage Gateway is a set of hybrid cloud storage services that provide on-premises access to virtually unlimited cloud storage. | ||