Intro to Security & Architecture on AWS - Services List Flashcards
(32 cards)
Service that enables you to continually monitor your resources for adherence to best practices
AWS Config
[COMPLIANCE SERVICES]
Portal that provides self-service access to AWS compliance reports and agreements you may have with AWS
AWS Artifact
[COMPLIANCE SERVICES]
Fully-managed service that continually monitors your AWS account and resources for potential malicious behavior and anomalies
Amazon GuardDuty
[COMPLIANCE SERVICES]
Service that controls access to AWS resources. This is where you create IAM users, IAM groups, and roles. Policies are attached to identities for permission to access resources.
AWS Identity and Access Management (IAM)
[IDENTITY SERVICES]
User directory service for custom applications that can also enable access to AWS resources for your custom applications
Amazon Cognito
[IDENTITY SERVICES]
Hybrid-cloud storage service that enables companies to take advantage of cloud storage on their local networks
AWS Storage Gateway
[DATA SERVICES]
Automated data transfer service that efficiently transfer data from your local network into AWS
AWS DataSync
[DATA SERVICES]
Fully-managed serverless extract, transform, and load (ETL) service
AWS Glue
[DATA SERVICES]
Big-data cloud-based tool suite using popular open source tools including Apache Spark, Apache Hive, Presto, and many others.
Amazon EMR
[DATA SERVICES]
Data workflow orchestration service that supports multiple AWS services providing extract, transform, and load (ETL) capabilities
AWS Data Pipeline
[DATA SERVICES]
Service that enables serverless querying of data stored within Amazon S3 using standard SQL queries
Amazon Athena
[DATA SERVICES]
Fully-managed Business Intelligence (BI) service enabling self-service data dashboards for data stored in the cloud
Amazon Quicksight
[DATA SERVICES]
Computer vision service powered by Machine Learning that can detect objects in images and video
Amazon Rekognition
[AI & ML SERVICES]
Text translation service powered by Machine Learning that can translate text (either streaming or in batch) into many different languages. It also provides language detection.
Amazon Translate
[AI & ML SERVICES]
Audio transcription service powered by Machine Learning that can transcribe audio (either streaming or in batch) in many different languages
Amazon Transcribe
[AI & ML SERVICES]
Managed Distributed Denial of Service (DDoS) protection service for apps running on AWS
AWS Shield
[SECURITY SERVICES]
Data classification, protection, and monitoring service powered by machine learning for Amazon S3 data
Amazon Macie
[SECURITY SERVICES]
Automated security assessment service for EC2 instances
Amazon Inspector
[SECURITY SERVICES]
EC2 capability that manages a group of EC2 instances that have rules for automated scaling and management which includes health checks for each member of the group
Auto Scaling Group
[EC2 AND VPC CAPABILITIES]
Service that supports routing traffic across multiple targets including EC2 instances, Lambda functions, as well as other targets on AWS
Elastic Load Balancing
[EC2 AND VPC CAPABILITIES]
Firewall-like controls for EC2 instances within a VPC that controls access for inbound and outbound traffic.
Security Groups
[EC2 AND VPC CAPABILITIES]
Control for inbound and outbound traffic within a specific subnet in a VPC. Traffic can be allowed or denied based on custom rules
Network Access Control Lists (ACL)
[EC2 AND VPC CAPABILITIES]
Service that supports an encrypted tunnel into a VPC. This can support either site-to-site (from your data center into the VPC) or client (from a single computer into the VPC)
AWS VPN
[EC2 AND VPC CAPABILITIES]
Service that manages secrets (such as passwords, keys, tokens, etc…) used in your custom applications on AWS. It also supports auto-rotation of credentials on supported AWS services
AWS Secrets Manager
[EC2 AND VPC CAPABILITIES]
