AWS SAA-C03 Keyword-to-Service Mapping Study Guide
🔹 1. Storage & Databases
Predictable access pattern (30/60/90 days) → S3 Lifecycle Policies (Standard → Standard-IA → Glacier)
Unpredictable / Analytics workload → S3 Intelligent-Tiering
Archive, rarely accessed, lowest cost → S3 Glacier Deep Archive
Archive, but faster retrieval → S3 Glacier Flexible Retrieval
Replication across regions (compliance/DR) → S3 Cross-Region Replication (CRR)
File system shared with Linux servers → Amazon EFS
File system for Windows apps → Amazon FSx for Windows
HPC file system / high throughput → Amazon FSx for Lustre
Relational DB, global low-latency reads → Aurora Global Database
Relational DB, read scaling → Aurora / RDS Read Replicas
Relational DB, failover in same Region → RDS Multi-AZ
NoSQL DB with global multi-region writes → DynamoDB Global Tables
DynamoDB caching → DAX (DynamoDB Accelerator)
In-memory cache → ElastiCache (Redis/Memcached)
🔹 2. Networking & Content Delivery
Deliver content globally (static/dynamic) → CloudFront (CDN)
Route to closest healthy endpoint → Route 53 Latency-based Routing
Automatic failover (primary/secondary) → Route 53 Failover Routing
Weighted traffic split (A/B testing) → Route 53 Weighted Routing
Global TCP/UDP apps, low latency → AWS Global Accelerator
Anycast static IPs + failover → AWS Global Accelerator
Accelerated S3 uploads/downloads → S3 Transfer Acceleration
Private connection to AWS services → VPC Endpoints (Gateway/Interface)
Extend on-premises to AWS privately → Direct Connect
Secure internet VPN to AWS → Site-to-Site VPN
Hub-and-spoke multi-VPC networking → AWS Transit Gateway
🔹 3. Compute & Modernization
Gradual migration from monolith to microservices → Strangler Fig Pattern (API Gateway + Lambda/ECS)
Lift & shift monolith into containers → App2Container + ECS/EKS
Event-driven workloads → AWS Lambda
Serverless container scaling → AWS Fargate
Managed containers → ECS / EKS
Quick deploy (PaaS model) → Elastic Beanstalk
Consistent workload → Reserved Instances / Savings Plans
Unpredictable workload → On-Demand Instances
Batch/fault-tolerant jobs → Spot Instances
High-performance batch → AWS Batch
🔹 4. Security & IAM
Restrict services/regions in accounts → Service Control Policies (SCPs)
Enforce tagging/encryption compliance → AWS Config Rules
Detect & remediate drift → AWS Config + Systems Manager Automation
Short-term credentials → IAM Role + STS
Cross-account access → IAM Role assumption
Store/manage secrets → AWS Secrets Manager
Encrypt data at rest → AWS KMS
Manage encryption keys centrally → AWS KMS / CloudHSM
DDoS protection → AWS Shield (Advanced)
Web firewall → AWS WAF
Threat detection → Amazon GuardDuty
Compliance dashboard → AWS Security Hub
Real-time config compliance → Amazon Detective
🔹 5. Cost Optimization & Operations
Cost visibility → Cost Explorer / Trusted Advisor
Central account mgmt → AWS Organizations
Landing zone, guardrails → AWS Control Tower
Centralized logs → CloudTrail, CloudWatch Logs
Monitor metrics & alerts → CloudWatch
Operational automation → Systems Manager (SSM)
Patch/maintenance automation → Systems Manager Patch Manager
Incident response → AWS Systems Manager + Lambda