AWS Services Overview
AWS includes many cloud services that can all be used in combination to meet specific business or organizational requirements. This section outlines the main AWS services, sorted by category.
NOTE: This article provides a brief overview about AWS services. It is a good introduction to all certifications. It is however more relevant and important for the AWS Cloud Practitioner Certification Exam.
Common Features
AWS Identity Access Management (IAM) can allow access to almost all of the features.
AWS services are Scalable and Highly Available. No changes are required by the userAWS Access
AWS allows you to access its services via unified tools
AWS Management Console – A simple and intuitive user interface
AWS Command Line Interface – Programatic access via scripts
AWS Software Development Kits – Programatic access through Application Program Interface. AWS Mobile SDK is tailored for programming language (Java.NET, Node.js.php, Python, Ruby. Go, C++) or platform (Android Browser, iOS).Security Identity and Compliance
Amazon Cloud Directory
It allows you to create flexible, cloud-native directories that can organize hierarchies of data in multiple dimensions. Traditional directory solutions are limited to a single directory.
It allows you to create directories for a variety use cases such as organizational charts and course catalogs.
This allows you to securely manage access to AWS resources and services for users.
Allows creation of AWS users, groups, and roles and allows you to use permissions to allow or deny access to AWS resources
Helps manage IAM users and their access using individual security credentials such as passwords, access keys, and multi-factor authentication device, or request temporary credentials to provide users
Helps with role creation and management of permissions to control which operations may be performed by the entity or AWS service that assumes the role
It enables identity federation, which allows existing identities (users groups and roles) to access AWS Management Console, call AWS APIs, and access resources without the need for creating an IAM user.
This service automates security assessments and helps to improve compliance and security of applications on AWS.
Automatically assesses applications for vulnerabilities and deviations from best practices
AWS Certificate Manager produces a detailed list with security findings sorted by severity.
Helps to provision, manage, deploy Secure Sockets Layer/Transport Layer Security certificates (SSL/TLS), for use with AWS services such as ELB
It eliminates the tedious manual process of purchasing, uploading and renewing SSL/TLS certificate certificates.
Use of dedicated Hardware Security Module (HSM), appliances within AWS Cloud, helps to meet compliance requirements for data security from corporate and contractual entities.
Allows encryption keys to be protected within HSMs. This is designed and validated according to government standards for key management.
Allows you to comply with stringent key management requirements without compromising application performance.
Microsoft Active Directory (Enterprise Edition), also called AWS Microsoft AD, enables directory-aware workloads to use AWS resources and managed Active Directory in AWS Cloud.AWS Key Management Service
It is a managed service that makes creating and controlling encryption keys for your data easy.
Uses HSMs to protect your keys.
Allows creation of AWS account groups to make it easier to manage security and automation settings together
Helps to centrally manage multiple accounts in order to scale.
AWS Shield allows you to manage which AWS services are available to each account, automate new accounts creation, and simplify billing.
i
