toogle sidebar button
  • Compute
    • Amazon EC2
      • what is this
        • web service providing resizable compute capacity
        • provides dedicated virtual servers
        • have remote access via API accessible with SDK written in many languages
      • instances
        • types: memory optimized, compute optimized, storage and I/O optimized, GPU optimized, General Purpose
        • sizes: from Micro to x8 large
        • Amazon Machine Image (AMI) - allows to choose O/S, type, version, can create and manage own AMIs
    • Amazon EC2 Container Service ECS
      • build on top of EC2
      • supports building Docker based image clusters
      • allows to manipulate containers with API that allows:
        • launch / stop containers
        • check container status
        • access and manipulate features like: security groups, Elastic Load Balancing (ELB), EBS volumes, IAM roles
      • manage placement containers across the cluster
      • integrates own or thirdparty schedulers
      • no addiotional charge for EC2
    • AWS Lambda - event driven task compute service
      • no need to maintain addiotnal servers
      • only pay for computation
    • Auto Scalling - automatically scale Amazon EC2 capacity up or down
    • Elastic Load Balancing ELB - automatically distribute traffic across multiple Amazon EC2 instances
  • Storage
    • Amazon S3 - internet scale storage via API; cheap, high durability, high latency; object store that cannot be modified, dedicated for serving static flies like images and videos, backups, storing files for Hadoop for analysis; stored in one of several AWS Regions
    • Amazon Elastic Block Storage (EBS) - block storage for use with Amazon EC2; behaves like hard drive, can be modified, replicated in AZ
      • features
        • can store from 1GB to 16 Tb per volume
        • can create partitions format, boot OS
        • suite for apps that require DB, file system or block level storage
      • durability and backup
        • automatic replication across AZs
        • can snapshot be backed-up to S3
      • I/O provisioning - can scale up by provisioning specific level I/O performance
      • types
        • standard - bursty I/O workloads like O/S boot partitions
        • provisoned IOPS - I/O intense workloads like DBs
        • general puropse - moderate workloads like small DBs
    • Amazon Glacier - storage for archiving and backup; low cost, performance not critical
    • AWS Storage Gateway - allows to securely connect external services to AWS storage; examples: connects an on-premises software apps with cloud-based storage, securely upload data to AWS Cloud, backup data on the AWS, mirror on-premises data
    • AWS Import/Export Snowball - petabyte-scale data transport to/from AWS, low cost, secured with encryption
      • use cases
        • cloud migration
        • DR
        • Data Center decomission
        • Content Distribution
    • Amazon CloudFront - global CDN that integrates with other Amazon services
      • can deliver static / dynamic / streaming and interactive content
      • delivers content using global network of edge locations
      • no long term contract commitment
  • Database
    • Amazon Relational Database (RDS) - managed relational database service; available: MySQL, Oracle, Postgres, MsSQL
    • Amazon RDS For Aurora - newest MySQL compatibile relational DB engine
    • Amazon DynamoDB - managed NoSQL DB service
    • Amazon ElastiCache - in-memory caching service
    • Amazon Database Migration Service (DMS) - allows securelly migrate data to and from supportd DBs
      • supports homogenous migrations like Orale -> Oracle
      • supports heterogenous migrations like Postgres -> Oracle
      • stream data from supported sources to Redshift
  • Networking
    • Amazon VPC - private, isolated section of the AWS cloud; define private and public networks and control inbound and outbound traffic
      • control over
        • ip address range
        • public and private subnets
        • network topologies
        • route table and network gateway config
        • control access using NACLs and Security Groups
      • connect VPC to your IT infrastructure with encrypted VPN connection
      • attach an Elastic IP adress - make resources internet accessible
    • AWS Direct Connect - private connectivity between AWS and your data center
    • Amazon Route 53 - DNS web service
  • Security & Identify
    • AWS IAM - manage users, groups, permissions
      • create individual users
      • manage permissions with groups
      • configure a strong password policy
      • enable multifactor authentication (MFA) for priviliged users
      • use IAM roles for EC2 instances, to share access
      • rotate security credentials regularly
      • restrict priviliged access further with conditions
    • AWS Dirrectory Service - connecting existing on premises MS Directory
    • AWS CloudHSM - dedicated hardware security module appliances
    • AWS WAF - web app firewall
  • Monitoring and Usage Auditing
    • AWS CloudWatch - monitor system and custom resources, metrics, displays graphs
    • AWS CloudTrail - records AWS API calls for your account; account audits
    • AWS Config
      • resource inventory configuration history
      • track configuration on the timeline
      • can set up change notifications
  • Analytics
    • Amazon Redshift - fast, powerful, petabyte-scale data warehouse
    • Amazon Elastic MapReduce (EMR) - process large amounts of data, uses Hadoop
    • Amazon Kinesis - real-time data stream processing using SQL language
    • Amazon QuickSight - SPICE (superfast, parallel, in-memory, calculation, engine)
  • Application Services
    • Amazon AppStream - low latency service allowing stream resources to multiple receivers
    • Amazon Simple Queue Service (SQS)
    • Amazon Simple Notification Service (SNS)
    • Amazon Simple Email Service (SES)
    • Amazon CloudSearch
    • Amazon Elastic Transcoder
    • Amazon Gateway
      • hosts REST API to connect backend services
        • AWS Lambda
        • DynamoDB
        • S3
        • Kinesis
      • accept and process 100000 of PAI calls
      • monitors traffic
      • applies authorisation and access control
      • provides monitoring
      • supports API versioning
    • Amazon Simple Queue Service (SQS) - scalable message queuing system
  • Management Services
    • AWS Elastic Beanstalk (PaaS) - templated infrastructure provisioning for devs
      • automate resource management, deploying, scaling services
      • SDK written in JAVA, .Net, PHP, NodeJS, Python Ruby;
      • upload code and AWS EBS automatically handles deployment including: capacity provisioning, LB, auto-scaling, app health monitoring
    • AWS CodeCommit (CI) - private GIT hosting (GIT)
    • AWS CodePipeline (CI) - software release orchestration by building, testing, deploying every time there is a code change (Jenkins)
    • AWS CodeDeploy (CD) - deployment automation, avoid downtimes, handles application updates, coordinates deployments (Nolio)
    • AWS CloudFormation (Infrastructure) - templated AWS Infrastructure provisioning
      • templates in JSON format to deploy and manage
      • allows to create a collection of related AWS resources and provision them in an orderly and predictible fashion
      • for DevOps than for devs
      • templates can be stored in code repository and be versioned (infrastructure as a code)
    • AWS OpsWorks (Infrastructure) - configuration management
      • DevOps framework for app lifecycle management
      • allows to model and manage from LB to DBs
      • using Chef under the hood
      • define app architecture and spec of each component (for example package installation, software configuration, storage)
      • templates can be stored in code repository and be versioned (infrastructure as a code)
    • AWS Config (Infrastructure)
      • resource inventory
      • config history
      • config change notifications
    • AWS Trusted Advisor - helps further reducing costs by inspecting AWS environment and recommends opportunities or eliminates unused and idle resources, provides guidences in the realtime
      • recomendations in the categories
        • cost optimization
        • performance
        • security
        • fault tolerance
  • Mobile Services
    • Amazon Cognito - Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices.
    • AWS Device Farm - helps you improve the quality of your Android, Fire OS, and iOS apps by testing them against real phones and tablets in the AWS Cloud.
    • AWS IoT - is a managed cloud service that lets connected devices easily and securely interact with cloud applic¬≠ations and other devices. Supports: HTTP, WebSockets and MQTT ligweight communication protocol
  • Enterprise Applications
    • Amazon WorkSpaces - is a fully managed virtual desktop service in the cloud with strong administrative controls and feedback capabilities.
    • Amazon WorkDocs - is a fully managed, secure enterprise storage and sharing service with strong administrative controls and feedback capabilities that improve user productivity.
    • Amazon WorkMail - is a managed email and calendaring service that offers strong security controls and support for existing desktop and mobile clients.

Resources

  • https://www.cheatography.com/nire0510/cheat-sheets/aws-services/#downloads