AWS Services

Amazon Services Overview

Find below a list of managed services and application systems Amazon offers on the Cloud.

28/01/2020

Cloud Infrastructure

Geographic Regions cover major geographies and contain AZ's

Each Amazon EC2 Region is designed to be completely isolated from the other Amazon EC2 Region. This achieves the greatest possible fault tolerance and stability. When you view your AWS resources, you'll only see the resources tied to the Region you've specified.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-regions-availability-zones

Availability Zones - found in GR's have no physical connection other than low latency NW links to ensure redundancy and availability

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html
You can see resources of multiple AZ's when you view your resources. The Architecture representations show where the AWS sits on which AZ1, AZ2, AZ3 etc. to enable Fault Tolerance

Edge Locations x100 across the world

AWS Elasticity is the ability to scale computing resources (up/down) with minimal friction

Shared responsibility model - https://aws.amazon.com/compliance/shared-responsibility-model/

What you will need

AWS account

Set it up. Some AWS is free only for 12 months - see more here.

AWS Systems Interfaces

There are 3 supported interfaced for AWS IT Infrastructure management

AWS Management Console - Web access to AWS via Amazon AWS website
AWS CLI (Command Line Interface) or AWS Shell or AWS Tools PowerShell - Access Key ID, AWS Secret
AWS API / SDK - Authenticate External to access via IAM temp credentials i.e. SSO with OAuth authentication via AWS Cognito and Google profile
Access other AWS Services

Note: CloudTrail audits all IAM user & role security access

Recommended Tools for AWS

Postman

AWS Cloud9 IDE - access via AWS Management Console (Goto tool with improved security)

AWS Supported Computing Models

Amazon provides all the computing models

IaaS - Infrastructure as a service e.g. EC2
PaaS - Platform as a service as a fully managed service e.g. RDS
SaaS - Software as a service e.g. Salesforce
Server-less Computing - e.g. Lambda

Use the AWS fully managed services.

AWS Services

Analytics

Amazon Athena - analyse data in S3 bucket interactively SQL query service

Amazon EMR - Hadoop framework to extract data from EC2, S3, and DynamoDB. Use EMR Notebooks to run adhoc queries, and do exploratory analysis.

Amazon EMR is a managed cluster platform that simplifies running big data frameworks, such as Apache Hadoop and Apache Spark, on AWS to process and analyze vast amounts of data. By using these frameworks and related open-source projects, such as Apache Hive and Apache Pig, you can process data for analytics purposes and business intelligence workloads. See: https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-what-is-emr.html

CloudSearch - set up a search solution for website or application. Support 34 languages.

Amazon ElasticSearch Service - scale real-time to search streaming data. Integrates with other AWS systems

Amazon Kinesis - collect real-time streaming data. To do analysis processing on data at scale of video, audio, logs, website click-streams, IoT telemetry data into ML and other applications. Amazon Kinesis Data Streams enables you to build custom applications that process or analyse streaming data for specialised needs. Kinesis Data Streams can continuously capture and store terabytes of data per hour from hundreds of thousands of sources such as website click-streams, financial transactions, social media feeds, IT logs, and location-tracking events.

Kinesis Data Firehose - load streaming data into data stores such as S3, Redshift, ElasticSearch, Splunk

Kinesis Data Analytics - analyse streaming data, and respond to customers in real-time

Kinesis Data Streams - real-time data-streaming service. Collect data from multiple sources to process and consume

Kinesis Video Stream - stream video to millions of devices. Plus index, encrypt, and store data. Playback for on-demand viewing

Redshift - a 10x faster big data warehouse on S3

Amazon QuickSight - a BI service with Dashboards

AWS Data Pipeline - move data between AWS compute and storage services and On-premises data sources. For S3, RDS, DymoDB, and EMR data sources

AWS Glue - fully manage and extract, tranform and load ETL service, and manage MetaData

AWS Lake Formation - setup and secure a data lake. Move away from Data Silos and centralise your data. Formation makes managing the Data Lake simple as it codifies the ETL processes.

Amazon MSK - Managed Streaming for Kafka - a managed service to run applications build on Kafka (realtime streaming pipelines and applications).

Application Integration

AWS Step Functions - co-ordinate app, and micro services for business rules in a WYSIWYG interface

Amazon MQ -

Amazon SQS (Simple Queue Service) - A queue for your architecture to enable asynchronous processing. Decouple applications from demand processes.

FIFO queues are designed to ensure that the order in which messages are sent and received is strictly preserved and that each message is processed exactly once - https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html
ReceiveMessageWaitTimeSeconds (Long polling) helps reduce your cost of using Amazon SQS by reducing the number of empty responses. You can enable long polling using the AWS Management Console by setting a Receive Message Wait Time to a value greater than 0. See: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-long-polling.html

Amazon SNS - full managed Pub/Sub to defined Topics requiring a notification service. SNS supports push notification for mobiles

Amazon SWF(Simple Workflow Service) - co-ordinate steps in a business process

AR and VR

Amazon Sumerian

AWS Cost Management

AWS Cost Explorer - investigate where costs are being wasted. https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-explorer-what-is.html

AWS Budgets

AWS Cost & Usage Report

Reserved Instance Reporting (RI)

Blockchain

Amazon Managed Blockchain

Business Applications

Alexa for Business

Amazon WorkDocs

Amazon WorkMail

Amazon Chime

Compute

Move away from capacity management based on compute load and storage architecture. Rather scale horizontally with ELB (elastic load balancer) & EC2 Auto Scaling to dynamically meet demand.

Amazon EC2 - Default server instance. Setup an AMI (Amazon Managed Instance) and select Auto-assign Public IP.

The only difference, other than price, between On-Demand instances and Spot Instances is that Spot instances can be interrupted by EC2 with two minutes of notification when the EC2 needs the capacity back, or if the price changes above your bid price. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-spot-instances.html
Note: You connect to your EC2 Windows instance using RDP. You connect to your EC2 Linux instance using SSH.
When you stop an instance, AWS shut it down. AWS don't charge usage for a stopped instance, or data transfer fees, but do charge for the storage for any Amazon EBS volumes.
You can only stop and restart your instance if it has an Amazon EBS volume as its root device.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html
An EBS volume can be attached to only one instance at a time within the same Availability Zone. However, multiple volumes can be attached to a single instance. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html
Use S3 to ensure data is accessible within seconds for the first 6 months and archive with AWS Glacier "up to a day" data to access after 6 months with a LifeCycle policy

Amazon EC2 Auto Scaling - Dynamically scale your instances up or down as needed based on conditions you set. Replace EC2 instances if not healthy. Define a scaling plan. It tells Auto Scaling when and how to scale. For example, you can base a scaling plan on the occurrence of specified conditions (dynamic scaling) or on a schedule. An Autoscaling policy defines how to scale and how much scaling to be applied. A scaling plan will reference a scaling policy

Amazon Elastic Container Registry

Amazon Elastic Container Service - Managed Cluster for Doco container

Amazon Elastic Container Service for Kubernites

Amazon Lightsail - Launch VPC's running applications with DNS & Storeage

AWS Batch

AWS Elastic Beanstalk - provides developers and systems administrators an easy, fast way to deploy and manage their applications without having to worry about AWS infrastructure - https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html

AWS Fargate

AWS Lambda - serverless, run code like Python as needed. AWS Lambda is a serverless compute service that runs your code in response to events and automatically manages the underlying compute resources for you

AWS Serverless Application Repository

AWS Outposts

Customer Engagement

Amazon Connect - A pay as you go FMS service for customer self services - You create WYSIWYG process flows to support customers.

Amazon Pinpoint - send SMS, EMAIL, Mobile Push messages for targeted campaigns. Further send individual Direct Messages for order confirmations

Amazon SES (Simple Email Service) - bulk email send marking messages

you can send transnational email, marketing messages, or any other type of high-quality content and you only pay for what you use
https://aws.amazon.com/ses/

Database

Amazon Aurora - Amazons proprietary db

Amazon RDS (Relational Database Service) - A FMS to setup a db instance with MySQL, MS SQL, Oracle or other...

Manual Scaling
Auto software updates
Auto backups Amazon RDS enables automated backups of your DB Instance with a 7 day retention period. See: https://aws.amazon.com/rds/faqs/
3rd party licensing options include BYOL, and License included https://aws.amazon.com/rds/oracle/faqs/
You can run your RDS instance in several Availability Zones, an option called a Multi-AZ deployment. When you select this option, Amazon automatically provisions and maintains a synchronous standby replica of your DB instance in a different Availability Zone
When Multi-AZ is enabled on RDS, the standby replica instance will be located in a different availability zone.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html
When Multi-AZ is enabled on RDS, the standby replica instance will be located in a different availability zone.

Amazon RDS on VMWare

Amazon DynamoDB - No SQL db.

Store data on S3 see more https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Introduction.html
A database is a collection of Tables. An Table is a collection of items and each item is a collection of attributes

Amazon Redshift - PostgreSQL data-warehouse for Petabytes of data

Amazon ElastiCache - fully in memory, reduce load on RDS instance

Amazon Neptune - a graph db engine - low latency

Amazon Quantum Ledger Database (QLDB)

Amazon DMS (Database Migration Service) orchestrates data migration to and from db's

Desktop and App Streaming

Amazon Workspaces - secure desktop as a service (including Windows 10). 30 min to setup a new users workspace

Amazon WorkDocs - support 35 file types, allow users to collaborate and share documents

WorkMail - Business email and calendar service

Amazon AppStream 2.0 - stream apps to HTML 5 browsers

Amazon Chime - Online Meeting for business, and can share content in and out the organisation

Developer Tools

AWS CodeCommit - git hub repository

AWS CodeBuild - compile, build, and create SW packages on AWS

AWS CodeDeploy - deploy to EC2

AWS CodePipeline - continuous integration continuous delivery and testing system

AWS CodeStar - Project Management Dashboard

Amazon Corretto. Easy manage and deploy. Manage issue tracking

AWS Cloud9 - A IDE for the AWS Cloud. Can deploy servers used for Developer Path mostly

AWS X-Ray - app performance impact analysis

Game Tech

Amazon GameLift - scale & manage dedicated game servers

Amazon Lumberyard - game AAA game engine on the AWS cloud

Internet of Things (IoT)

AWS IoT Core - Managed cloud platform - allow embedded devices to securely interact

Amazon FreeRTOS - micro controller device connection to AWS IoT services

AWS IoT Greengrass - SW to run local lambda, ML on IoT devices. Extends services to IoT devices

AWS IoT 1-Click

AWS IoT Analytics

AWS IoT Button

AWS IoT Device Defender

AWS IoT Device Management

AWS IoT Events

AWS IoT SiteWise

AWS IoT Things Graph

AWS IoT Partner Device Catalogue

Machine Learning

Amazon SageMaker

Amazon SageMaker Ground Truth - train ML models, and turn them into application backends for architecture

Amazon Comprehend - deep learning for text customer analysis, or document analysis

Amazon Lex - create chat bots for 1st line support

Amazon Polly - natural sounding text to speach

Amazon Rekognition - deep learning analysis of objects in video's & images

Amazon Translate - translate between languages

Amazon Transcribe - speech recognition (voice input), (text output) service

Amazon Elastic Inference

Amazon Forecast

Amazon Personalize

Amazon Deep Learning AMI's

AWS DeepLens - deep learning vision application system

AWS DeepRacer

Apache MXNet on AWS

TensorFlow on AWS

AWS Inferentia

Management & Governance

The AWS Management Tools control the provisioning, monitoring & logging, operations and configuration management for your Cloud IT

Amazon CloudWatch - set alarms for AWS scaling, monitoring or analytical insights on resources. Setup with ITTT like rules.

By default, Amazon EC2 sends metric data to CloudWatch in 5-minute periods. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch.html
You can use Amazon CloudWatch logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, Route 53, and other sources. You can then retrieve the associated log data from CloudWatch - https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html

AWS Auto Scaling

AWS Control Tower

AWS Systems Manager - Get operational data from multiple AWS resources or services, and automate tasks

AWS CloudFormation - A XAML/JSON txt file to manage a collection of AWS infrastructure resources as stacks (you can create, update, delete items from a collection) managed as a single unit. It's codified into a AWS CloudFormation template. When 1 of the resources in the stack fails in CloudFormation process "Automatic rollback on Error" starts - the provisioned resources are deleted and the stack creation is terminated. It simplifies system administration in layered solutions.

AWS CloudTrail - Creates a Log. The output is an Auditable trail of all access across the AWS account. The CloudTrail service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail.

Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-user-guide.html

AWS Config - enables assess audit evaluate config across AWS account. Compliance, Security, changemanagement & control, trouble config on ASW resources

AWS OpsWorks - manage instances of chef and puppet that automate deployment of AWS resources

AWS Service Catalog - CMDB Governance & Compliance to control your catalog of IT resources that can be deployed

AWS Trusted Adviser - Online real-time AWS Best Practices guidance to help reduce cost, increase performance & security in your AWS Account - https://aws.amazon.com/premiumsupport/trustedadvisor/

AWS Personal Health Dashboard

AWS Managed Services

AWS Console Mobile Application

AWS License Manager

AWS Well-Architected Tool

Media Services

Broadcast media platform services on Amazon AWS

Amazon Elemental Media Convert - transcoding for video on demand

Amazon Elemental MediaPackage - Prepares Media for broadcast over the internet, can be used for DRM & License management over the internet

Amazon Elemental MediaTailor - Personalised content into video streams

Amazon Elemental MediaLive - Live video streaming to TV and streaming devices

Amazon Elemental MediaStore - Storage optimised for video

Amazon Video Stream - share video into AWS cloud to share for analytics & ML applications

Migration & Transfer

AWS Application Discovery Service - to connect, discover, and plan migration of systems into the cloud

DMS - Migrate dbs to and from on premise to cloud

AWS Server Migration Service - reduce downtime and migrate servers

AWS Snowball - HW device to move data into AWS S3 storage

Mobile

AWS Amplify -

Amazon SNS - setup to send push notifications to mobiles

AWS Mobile Hub - config & creates mobile config file for the cloud. Manage applications in one place

Amazon Cognito

Amazon Pinpoint

AWS Device Farm - test app against defined HW mobile devices (Android, IOS)

AWS AppSync - GraphQL mobile and web applications *Revolutionary way for managing data

Networking and Content Delivery

Amazon VPC (Virtual Private Cloud) - A private NW for the AWS account. Private space.

Security groups in a VPC specify which traffic is allowed to or from an Amazon EC2 instance - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
Network ACLs operate at the subnet level and evaluate traffic entering and exiting a subnet - https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html

Amazon CloudFront - * A CDN providing low latency DDos protected content across the globe, to deliver content Cache and manages Dynamic content to the EC2 instance across x100 AWS Edge Locations

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/HowCloudFrontWorks.html
Amazon CloudFront is a global content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to your viewers with low latency and high transfer speeds from CloudFront around the World

Amazon Route 53 - Enterprise DNS send requests to defined endpoint

AWS PrivateLink

AWS Direct Connect - High speed Fibre Optic connection between corporate data-centre to AWS cloud where standard connection doesn't work creating a WAN into the AWS

AWS Global Accelerator

Amazon API Gateway - High availability API GW

AWS Transit GW

AWS App Mesh

AWS Cloud Map

ELB (Elastic Load Balancing) - sits in front of EC2 instances distributed across multiple AWS AZ's

Robotics

AWS RoboMaker

Satellite

AWS Ground Station

Security, Identity and Compliance

AWS Security Hub

Amazon Cognito - SSON for integrating Amazon and other online OAuth identity providers like Google, MS, FB for managing sing-up of users

Amazon Cloud Directory - Multi Data Hierachy of Directory Data unlike LDAP with only 1 dimension

AWS IAMs (Identity & Access Management) - control your users, and roles for AWS IT environment and enable MFA for users

Amazon GuardDuty

Amazon Inspector - an automated security assessment service to help identify vulnerabilities on AWS IT Infrastructure to improve security and compliance on AWS. It can assess applications for vulnerabilities or changes from best practices - https://aws.amazon.com/inspector/

Amazon Macie

AWS Artifact - Online artefact of security documentation of security auditing

AWS Certificate Manager - Manage SSL certs, and interfaces with R53, and CloudFront (Free SSL certs)

AWS CloudHSM - dedicated HW security module allows corp and reg compliance over using your own HSM module

AWS Directory Service - The Active Directory for Enterpise AWS Access

AWS Firewall Manager

AWS KMS (Key Management Service) - centrally manage and control AWS encryption Secret Information, including HW keys for MFA

AWS Orangisations - Manage Policies for multiple organisations in your AWS IT infrastructure used for large enterprises

AWS Secrets Manager

AWS Shield - DDOS protection (by default)

AWS Single Sign-On (SSO)

AWS WAF (Web Application Firewall) - protect for cross site scripting attacks

Storage

Instance Storage - An instance store provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content, or for data that is replicated across a fleet of instances, such as a load-balanced pool of web servers. See: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html

Amazon S3 - The Dropbox like storage for IT architecture

A bucket name must be unique across all existing bucket names in Amazon S3. See: https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html
Storage class info https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html
S3 STANDARD_IA - is optimised for long-lived and less frequent data access, but still supports high performance

Amazon EBS (Elastic Block Store) - select either SSD, or HDD storage for EC2 instances.

Amazon Elastic File System - a Shared block of storage like a company mapped / mounted drive

Amazon FSx for Lustre

Amazon FSx for Windows File Server

Amazon S3 Glacier - Archive S3 data for Long Term Storage - https://aws.amazon.com/blogs/aws/archive-s3-to-glacier/

AWS Storage Gateway - access corporate storage from your VPC

Connects an on-premises software appliance with cloud-based storage to provide seamless integration with data security features between your on-premises IT environment and the Amazon Web Services (AWS) storage infrastructure.
https://docs.aws.amazon.com/storagegateway/latest/userguide/WhatIsStorageGateway.html

AWS Snowball - Copy large volumes of data into AWS S3 using Snowball (actual device returned to AWS to migrate onto S3)

Page updated

Report abuse