Introduction to Security & Architecture on AWS

Introduction to Security & Architecture on AWS - Services List AWS Cloud Practitioner Exam

GuardDuty

Fully managed service that continually monitors your AWS account and resources for potential malicious behavior and anomalies

Quicksight

Fully managed Business Intelligence service for data dashboards

CloudSearch

Managed search service for custom applications

Translate

Text translation service with language detection

Transcribe

Audio transcription service for multiple languages

Glue

Fully managed serverless ETL service

Macie

Fully managed data classification, protection, and monitoring service for S3 data

Inspector

Automated security assessment service for EC2 instances

EMR

Big-data cloud based tool suite using open source tools

CodeCommit

Fully managed source control service using Git

Auto Scaling Group

Collection of EC2 instances grouped together for scaling and management purposes

Marketplace

Data Pipeline

Web service to automate the movement and transformation of data

Athena

Serverless querying of data stored in Amazon S3 using SQL

Artifact

Portal for self-service access to AWS compliance reports and agreements

Rekognition

Computer vision service for object detection in images and video

Identity and Access Management (IAM)

Service for controlling access to AWS resources. This is where you create IAM users, IAM groups, and roles. Policies are attached to identities for permission to access resources.

Cognito

Secure and scalable user authentication, authorization, and management for web and mobile apps

Storage Gateway

Hybrid-cloud storage service that connects on-prem envs to AWS cloud storage

DataSync

Automated data transfer service from local network to AWS

Shield

Managed DDoS protection service for apps on AWS

CodeBuild

Fully-managed build and test CI service

CodeDeploy

Fully-managed service for automation of application deployment across EC2, lambda and on-prem envs

Security Groups

Firewall-like controls for EC2 instances within a VPC that controls inbound and outbound traffic. Instances can have multiple security groups

CodePipeline

Fully-managed end-to-end CI/CD service for automating building, deploying, and testing

Network Access Control Lists (ACL)

Control for inbound and outbound traffic within a subnet in a VPC. Traffic can be allowed or denied based on custom rules

VPN

Service for encrypted tunnel into a VPC for site-to-site or client access

Secrets Manager

Service for managing and storing secrets

Service Catalog

Allows orgs to centrally manage, govern, and distribute approved IT services, applications, and resources as IaC templates

Knowledge Center

Helps answers FAQs and troubleshoot common issues across AWS

Security Hub

Centralized security dashboard to manage security across accounts and automate security checks

Security Blog

Best practices, updates, compliance, tech info

Web Application Firewall

Filter specific requests based on rules protecting web apps from exploits

Firewall Manager

Manage security rules in all accounts of org

Inspector

Automated security assessments, continuous scanning of infras (Lambda, EC2, imgs)

Cert Manager

Provision, manage and deploy SSL/TLS certs

Kineses

Managed service to stream and analyze big data in real time

OpenSearch Service

Managed service that lets you run and scale OpenSearch clusters