![](https://codelido.com/assets/files/2023-06-09/1686289887-62757-image.png)

Analytics
- Amazon Athena:
  - Interactive query service for analyzing data directly from Amazon S3 using standard SQL queries.
  - Serverless service with no infrastructure management required.
  - Supports various data formats like CSV, JSON, Parquet, and more.
  - Enables exploration and analysis of large datasets without upfront data loading or transformation.
- Amazon Kinesis:
  - Platform for real-time streaming data processing.
  - Three main services:
    - Amazon Kinesis Data Streams: Capture and process streaming data in real time.
    - Amazon Kinesis Data Firehose: Simplifies loading streaming data into AWS data stores and analytics services.
    - Amazon Kinesis Data Analytics: Process and analyze streaming data using SQL queries.
- Amazon QuickSight:
  - Cloud-based business intelligence (BI) service.
  - Create interactive dashboards, perform ad-hoc analysis, and generate insights from data.
  - Integrates with various data sources, including AWS services and on-premises databases.
  - Features drag-and-drop visualizations, smart suggestions, and ML-powered anomaly detection.

Application Integration
- Amazon Simple Notification Service (Amazon SNS):
  - SNS is a fully managed messaging service that enables the publishing and delivery of messages to various endpoints.
  - It follows a publish-subscribe model, where messages are published to topics, and subscribers receive the messages.
  - Supports various communication protocols, including HTTP, HTTPS, email, SMS, mobile push notifications, and more.
  - SNS can be used for various use cases such as event notifications, application monitoring, and distributing messages to multiple subscribers.
- Amazon Simple Queue Service (Amazon SQS):
  - SQS is a fully managed message queuing service that decouples the components of a distributed system.
  - Messages are sent to and stored in a queue, and consumers retrieve and process them asynchronously.
  - Supports two types of queues: Standard Queue and FIFO Queue (First-In-First-Out), providing different delivery guarantees and ordering options.
  - SQS enables building fault-tolerant and scalable applications by ensuring reliable message delivery and providing automatic scaling.

Cloud economics and billing

There are three fundamental drivers of cost with AWS: compute, storage, and outbound data transfer. These characteristics vary somewhat, depending on the AWS product and pricing model you choose.
- Compute
  - Charged per hour/second
  - Varies by instance type
- Storage
- Data Transfer
  - Outbound is aggregated and charged
  - Inbound has no charge (with some exceptions)
  - Charged per GB

The Utility Style Pricing Model includes:
- Pay for what you use
- Pay less when you reserve
  - AURI - All Upfront Reserved Instance (Cheapest)
  - PURI - Partial Upfront Reserved Instance
  - NURI - No Upfront Payments Reserved Instance (Expensive)
- Pay less when you use more
  - Tiered pricing for services like S3 or Elastic Block Store (EBS): the more you use, the less you pay.
  - Economies of scale.
- Pay even less as AWS grows
- Custom pricing
  - If none of the AWS pricing models suits your project, custom pricing is available.
  - But only for high-volume projects with unique requirements.

AWS Free Tier
- Free usage tier for new customers for up to 1 year.
- Can run EC2 (T2.Micro), Free tier S3, EBS, ELB, AWS data transfer, etc.

Services with no charge
- Amazon Virtual Private Cloud (VPC) - logically isolated section of AWS cloud to launch resources.
- AWS Identity and Access Management (IAM) - controls your users' access to AWS services and resources.
- Consolidated Billing
  - Consolidates billing for multiple AWS accounts or multiple Amazon Internet Services Private Limited accounts
  - One bill for multiple accounts
  - Easily track each account's charges
  - Consolidate and get tiered benefits
- AWS Elastic Beanstalk - Deploy and manage apps easily
- AWS CloudFormation - Gives Devs and SysAdmins an easy way to create a collection of related AWS resources and provision them in an orderly and predictable fashion.
- Automatic Scaling
- AWS OpsWorks - Deploy and operate apps of all shapes and sizes (application management service) easily.

Total Cost of Ownership Considerations
- Server costs
- Storage costs
- Network costs
- IT Labor costs

AWS Pricing Calculator
- AWS Pricing Calculator estimates are broken into:
  - Total for your first 12 months
  - Total upfront
  - Total Monthly
- Estimate monthly costs of AWS services
- Identify opportunities for cost reduction
- Model your solutions before building them
- Explore price points and calculations behind your estimate
- Find the available instance types and contract terms that meet your needs

AWS Organizations
- Create service control policies (SCPs) that centrally control AWS services across multiple AWS accounts.
- Create groups of accounts and then attach policies to a group to ensure that the correct policies are applied across the accounts.
- Simplify account management by using application programming interfaces (APIs) to automate the creation and management of new AWS accounts.
- Simplify the billing process by setting up a single payment method for all the AWS accounts in your organization. With consolidated billing, you can see a combined view of charges that are incurred by all your accounts, and you can take advantage of pricing benefits from aggregated usage.
- Consolidated billing provides a central location to manage billing across all of your AWS accounts, and the ability to benefit from volume discounts.

List of the AWS Organizations limits:
- Number of roots (1)
- Number of OUs (1,000)
- Number of policies (1,000)
- Max size of control policy document (5,120 bytes)
- Max nesting of OUs (5 levels of OUs under a root)
- Invitations sent per day (20)
- Member accounts created concurrently (5)
- Entities to which you can attach a policy (unlimited)

AWS Support
- Proactive Guidance - Technical Account Managers (TAMs) - can provide guidance, architectural review, and continuous ongoing communication to keep you informed and prepared as you plan, deploy, and optimize your solutions.
- Best Practices - AWS Trusted Advisor - checks for opportunities to reduce monthly expenditures and increase productivity.
- Account Assistance - AWS Support Concierge - Billing and account expert

Compute and Serverless
- AWS Batch:
  - AWS Batch is a fully managed service for running batch computing workloads in the cloud.
  - It helps you optimize and automate the execution of batch jobs at any scale.
  - You can specify dependencies and resource requirements for your jobs, and AWS Batch manages the underlying infrastructure for you.
- Amazon EC2 (Elastic Compute Cloud):
  - EC2 provides resizable compute capacity in the cloud and is the foundation of many AWS workloads.
  - It allows you to provision virtual servers (instances) with various configurations and operating systems.
  - EC2 instances can be customized based on your specific requirements, and you have full control over the underlying infrastructure.
  - Each EC2 instance type offers different combinations of CPU, memory, storage, and networking capacity to cater to various application requirements.
  - On-Demand Instances:
    - Pay-as-you-go pricing model with no upfront commitments.
    - Ideal for applications with unpredictable workloads, short-term projects, and testing/development environments.
    - Provides flexibility to start and stop instances as needed.
  - Reserved Instances:
    - Offers significant cost savings compared to On-Demand instances.
    - Customers commit to a specific instance type and term length (1 or 3 years) in exchange for discounted hourly rates.
    - Recommended for steady-state workloads with predictable usage.
  - Spot Instances:
    - Allows customers to bid on unused EC2 capacity, enabling cost savings of up to 90% compared to On-Demand instances.
    - Suitable for fault-tolerant and flexible applications that can withstand interruptions.
    - Pricing fluctuates based on supply and demand.
  - Dedicated Hosts:
    - Provides physical EC2 servers dedicated to a single customer's use.
    - Offers full control over the underlying infrastructure, including instance placement and host affinity.
    - Ideal for compliance requirements, licensing restrictions, and specialized hardware needs.
  - Dedicated Instances:
    - Runs instances on hardware dedicated to a single customer but without the control over underlying infrastructure like Dedicated Hosts.
    - Provides an isolated and single-tenant environment.
    - Suitable for customers who require instance-level isolation for compliance purposes.
- AWS Elastic Beanstalk:
  - Elastic Beanstalk is a fully managed platform as a service (PaaS) that makes it easy to deploy and run applications in multiple languages.
  - It automatically handles the underlying infrastructure setup, including capacity provisioning, load balancing, and application deployment.
  - You can focus on developing your application code while Elastic Beanstalk takes care of the environment management.
- AWS Lambda:
  - Lambda is a serverless computing service that lets you run your code without provisioning or managing servers.
  - It allows you to execute code in response to events or on a scheduled basis.
  - With Lambda, you pay only for the actual compute time consumed by your code, making it highly cost-effective.
- Amazon Lightsail:
  - Lightsail provides an easy way to launch and manage virtual private servers (VPS) in the cloud.
  - It offers pre-configured server instances with a simple pricing structure, suitable for small-scale workloads or beginner users.
  - Lightsail includes features such as SSD storage, data transfer, DNS management, and integrated monitoring.
- Amazon WorkSpaces:
  - WorkSpaces is a fully managed desktop-as-a-service (DaaS) solution.
  - It allows you to provision cloud-based virtual desktops that can be accessed from anywhere using various devices.
  - WorkSpaces provides a Windows-like desktop experience and supports customization, security features, and integration with other AWS services.

Containers
- Amazon Elastic Container Service (Amazon ECS):
  - Fully managed container orchestration service for running Docker containers.
  - Supports launching and scaling containerized applications on a cluster of Amazon EC2 instances.
  - Offers features such as task definitions, service scaling, and integration with other AWS services.
  - Provides flexibility and control over containerized applications without managing the underlying infrastructure.
- Amazon Elastic Kubernetes Service (Amazon EKS):
  - Managed service for running Kubernetes on AWS.
  - Simplifies the deployment, management, and scaling of containerized applications using Kubernetes.
  - Integrates with other AWS services, such as Elastic Load Balancing and AWS Identity and Access Management (IAM).
  - Offers automatic updates, scalability, and high availability for Kubernetes clusters.
- AWS Fargate:
  - Serverless compute engine for containers that allows running containers without managing the underlying infrastructure.
  - Eliminates the need to provision and manage EC2 instances for running containers.
  - Provides on-demand scaling, automated container management, and reduced operational overhead.
  - Compatible with both Amazon ECS and Amazon EKS, enabling you to focus on your applications rather than the infrastructure.

Customer Engagement
- Amazon Connect:
  - Cloud-based contact center service.
  - Enables businesses to provide customer support via voice and chat.
  - Offers features like intelligent routing, real-time analytics, and integration with other AWS services.
  - Provides flexibility and scalability to handle customer interactions efficiently.

Database
- Amazon Aurora (Database):
  - MySQL and PostgreSQL-compatible relational database service.
  - Provides the performance and availability of commercial-grade databases at a lower cost.
  - Offers features like automated backups, read replicas, and multi-region replication.
  - Highly scalable and fault-tolerant, suitable for various use cases, including OLTP (Online Transaction Processing) and analytics.
- Amazon DynamoDB (Database):
  - Fully managed NoSQL database service.
  - Delivers single-digit millisecond latency at any scale.
  - Provides automatic scaling, built-in security, and data durability.
  - Ideal for applications requiring low-latency data access, high scalability, and flexible schema.
- Amazon ElastiCache (Database):
  - In-memory data store service.
  - Supports two engines: Redis and Memcached.
  - Enhances application performance by caching frequently accessed data.
  - Helps reduce database load and latency, especially for read-heavy workloads.
- Amazon RDS (Relational Database Service):
  - Managed relational database service.
  - Supports various database engines like MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB.
  - Simplifies database administration tasks such as provisioning, patching, and backups.
  - Provides high availability, automated backups, and automated software patching.
- Amazon Redshift (Database):
  - Fully managed data warehousing service.
  - Optimized for online analytic processing (OLAP) workloads and large-scale data analysis.
  - Offers columnar storage, parallel query execution, and automatic scaling.
  - Enables running complex analytical queries across large datasets.

Developer tools
- AWS CodeBuild:
  - Fully managed continuous integration and continuous delivery (CI/CD) service.
  - Compiles source code, runs tests, and produces deployable artifacts.
  - Supports integration with other AWS services and third-party tools.
  - Enables building, testing, and deploying applications quickly and securely.
- AWS CodeCommit:
  - Fully managed source control service based on Git.
  - Provides secure and scalable repositories for hosting private Git repositories.
  - Offers features like code versioning, access control, and branch management.
  - Integrates with other AWS developer tools and third-party Git tools.
- AWS CodeDeploy:
  - Fully managed deployment service for automating application deployments.
  - Simplifies the process of deploying applications to Amazon EC2 instances, Lambda functions, and on-premises servers.
  - Supports both blue/green and in-place deployments.
  - Enables automated rollback and monitoring of application health during deployments.
- AWS CodePipeline:
  - Fully managed continuous integration and continuous delivery (CI/CD) service.
  - Provides a workflow for building, testing, and deploying applications.
  - Integrates with other AWS services, allowing you to create end-to-end CI/CD pipelines.
  - Enables automation, collaboration, and scalability in the software release process.
- AWS CodeStar:
  - Fully managed service for quickly developing, building, and deploying applications on AWS.
  - Offers project templates, integrated development environments (IDEs), and pre-configured pipelines.
  - Supports various programming languages and popular frameworks.
  - Streamlines the setup and management of development tools and resources.

Management, Monitoring, and Governance
- AWS Auto Scaling:
  - Automates the scaling of AWS resources based on demand.
  - Helps maintain performance, optimize costs, and achieve high availability.
  - Supports scaling of Amazon EC2 instances, Amazon ECS tasks, and other resources.
- AWS Budgets:
  - Enables you to set cost and usage budgets for your AWS resources.
  - Provides cost and usage tracking, alerts, and forecasts.
  - Helps you monitor and control your AWS spending.
- AWS CloudFormation:
  - Infrastructure as Code (IaC) service for provisioning and managing AWS resources.
  - Defines resources in templates using a JSON or YAML format.
  - Automates resource provisioning and handles dependencies.
  - Enables consistent and repeatable deployments.
- AWS CloudTrail:
  - Service for logging and monitoring API activity within your AWS account.
  - Provides an audit trail of actions performed by users, services, or resources.
  - Helps with compliance, security analysis, and troubleshooting.
- Amazon CloudWatch:
  - Monitoring and observability service for AWS resources and applications.
  - Collects and tracks metrics, logs, and events.
  - Enables alarms, dashboards, and automated actions based on predefined conditions.
  - Supports monitoring of EC2 instances, RDS databases, Lambda functions, and more.
- AWS Config:
  - Service for assessing and auditing the configuration of AWS resources.
  - Tracks resource configurations and changes over time.
  - Provides configuration snapshots, compliance checks, and resource relationships.
- AWS Cost and Usage Report:
  - Detailed report that provides comprehensive cost and usage information.
  - Enables analyzing and optimizing AWS spending.
  - Can be used to create custom reports and perform cost allocation.
- Amazon EventBridge (formerly Amazon CloudWatch Events):
  - Serverless event bus service that integrates with various AWS services.
  - Provides event-driven architecture and allows event routing and processing.
  - Enables automation and orchestration of workflows.
- AWS License Manager:
  - Helps manage software licenses and maintain compliance in AWS.
  - Tracks software licenses and usage across accounts and regions.
  - Provides controls to ensure license compliance and optimize costs.
- AWS Managed Services:
  - Offers managed services for operating AWS infrastructure on your behalf.
  - Helps with ongoing management, monitoring, and troubleshooting of AWS resources.
  - Provides guidance and support for best practices.
- AWS Organizations:
  - Service for managing multiple AWS accounts within an organization.
  - Enables centralized management, billing, and security controls.
  - Helps implement and enforce policies across accounts.
- AWS Secrets Manager:
  - Securely stores and retrieves sensitive information like API keys, passwords, and database credentials.
  - Integrates with other AWS services and supports automatic rotation of secrets.
  - Helps protect and manage access to sensitive data.
- AWS Systems Manager:
  - Provides a unified interface for managing AWS resources.
  - Offers features like inventory management, patch management, and automation.
  - Helps with operational insights, resource configuration, and system maintenance.
- AWS Systems Manager Parameter Store:
  - Securely stores and manages configuration data and secrets.
  - Enables central management and retrieval of parameter values.
  - Supports both plaintext and encrypted parameters.
- AWS Trusted Advisor:
  - Provides best practice recommendations to optimize AWS resources.
  - Offers guidance in areas like cost optimization, security, and performance.
  - Helps improve operational efficiency and cost effectiveness.

Networking and Content Delivery
- Amazon API Gateway:
  - Fully managed service for creating, publishing, and securing APIs.
  - Enables building scalable and serverless architectures.
  - Supports RESTful and WebSocket APIs.
  - Provides features like authentication, throttling, and caching.
- Amazon CloudFront:
  - Content delivery network (CDN) service.
  - Accelerates delivery of web content and APIs globally.
  - Distributes content from edge locations to reduce latency.
  - Offers features like caching, SSL/TLS termination, and DDoS protection.
- AWS Direct Connect:
  - Dedicated network connection between your on-premises data centers and AWS.
  - Provides a private and dedicated connection for improved performance and security.
  - Helps reduce network costs and offers consistent network performance.
- Amazon Route 53:
  - Scalable domain name system (DNS) web service.
  - Routes internet traffic to AWS resources and provides DNS services.
  - Supports domain registration, health checks, and traffic routing policies.
  - Enables high availability and fault tolerance for applications.
- Amazon VPC (Virtual Private Cloud):
  - Virtual network service that provides isolated environments in AWS.
  - Allows you to define a logically isolated network within AWS.
  - Offers control over IP addressing, subnets, routing, security, and network gateways.
  - Provides integration with other AWS services and supports VPN connections.

Security, Identity, and Compliance
- AWS Artifact:
  - Provides on-demand access to AWS compliance reports and agreements.
  - Offers a central location to download AWS compliance reports.
  - Helps with regulatory and audit requirements.
- AWS Certificate Manager (ACM):
  - Manages and deploys SSL/TLS certificates for AWS resources.
  - Simplifies the process of obtaining and renewing certificates.
  - Supports both public and private certificates.
  - Integrates with other AWS services like Elastic Load Balancing and CloudFront.
- AWS CloudHSM:
  - Hardware Security Module (HSM) service in the cloud.
  - Provides secure key storage and cryptographic operations.
  - Helps meet compliance and regulatory requirements.
  - Integrates with various AWS services for secure key management.
- Amazon Cognito:
  - Provides user sign-up, sign-in, and access control for web and mobile apps.
  - Supports authentication with social identity providers, such as Facebook and Google.
  - Offers user directory management and user profile synchronization.
- Amazon Detective:
  - Investigative service for analyzing and visualizing security data.
  - Automatically analyzes log data from AWS resources.
  - Helps identify and understand potential security issues and threats.
- Amazon GuardDuty:
  - Threat detection service that analyzes AWS logs and network traffic.
  - Provides intelligent threat detection and continuous monitoring.
  - Helps identify and respond to security threats and vulnerabilities.
- AWS Identity and Access Management (IAM):
  - Manages user access and permissions to AWS resources.
  - Enables identity federation, multi-factor authentication, and fine-grained access controls.
  - Centralizes user management and security policies.
- Amazon Inspector:
  - Automated security assessment service.
  - Helps identify security vulnerabilities and deviations from best practices.
  - Assists in improving security and compliance of applications deployed on AWS.
- AWS License Manager:
  - Helps manage software licenses and maintain compliance in AWS.
  - Tracks software licenses and usage across accounts and regions.
  - Provides controls to ensure license compliance and optimize costs.
- Amazon Macie:
  - AI-powered data discovery and security service.
  - Helps identify and protect sensitive data.
  - Offers data classification, access control, and data loss prevention capabilities.
- AWS Shield:
  - Managed Distributed Denial of Service (DDoS) protection service.
  - Protects web applications and content on AWS.
  - Provides network and application-layer protection against DDoS attacks.
- AWS WAF (Web Application Firewall):
  - Web application firewall service that helps protect applications from web-based attacks.
  - Provides customizable rules to filter and block malicious traffic.
  - Offers protection against common web vulnerabilities.

Storage
- AWS Backup:
  - Fully managed backup service for AWS resources.
  - Provides centralized backup management and automation.
  - Supports backup and restore of Amazon EBS volumes, Amazon RDS databases, and more.
- Amazon Elastic Block Store (Amazon EBS):
  - Block-level storage service for Amazon EC2 instances.
  - Provides persistent, low-latency block storage volumes.
  - Supports different volume types, including SSD and HDD.
  - Allows for snapshot creation and encryption of volumes.
- Amazon Elastic File System (Amazon EFS):
  - Fully managed file storage service for EC2 instances.
  - Offers scalable and highly available file storage.
  - Supports multiple EC2 instances accessing the same file system concurrently.
  - Automatically scales storage capacity based on demand.
- Amazon S3 (Simple Storage Service):
  - Object storage service for storing and retrieving large amounts of data.
  - Provides high durability, availability, and scalability.
  - Supports various storage classes, including Standard, Intelligent-Tiering, and Glacier.
- Amazon S3 Glacier:
  - Low-cost archival storage service within Amazon S3.
  - Designed for long-term data archival and backup.
  - Offers configurable retrieval times for archived data.
  - Supports lifecycle policies for automatic data transfer to Glacier.
- AWS Snowball Edge:
  - Petabyte-scale data transfer and edge computing device.
  - Enables offline data transfer to and from AWS.
  - Provides storage and compute capabilities at the edge.
  - Supports local data processing and storage.
- AWS Storage Gateway:
  - Hybrid cloud storage service that connects on-premises environments with AWS.
  - Offers file, volume, and tape-based storage interfaces.
  - Enables seamless integration of on-premises storage with AWS storage services.

Note: these categorizations are not limited to what is written above; they were curated with the AWS CP Exam in view. Make sure to drill deeper by referring to the docs and training courses.