AWS Services Cheat Sheet

by irohitpawar via cheatography.com/127546/cs/24837/

Comp​ute Comp​ute (cont) Comp​ute (cont)

Cate​‐ Serv​‐ Desc​rip​tion Lightsail Designed to be the Elastic Easily store,

gory ice easiest way to launch Container manage, & deploy
Inst​‐ EC2 Provides secure, & manage a virtual Registry container images.

ances resizable compute private server with (ECR) ECR

(Virtual capacity in the cloud. It AWS. An easy-t​o-use Elastic Fully managed
machi makes web-scale cloud cloud platform that Kubernetes Kubernetes
n​es) computing easier for offers everything need Service service. EKS
develo​pers. EC2 to build an applic​ation (EKS)
or website. Lightsail
EC2 Run fault-​tol​erant Fargate Serverless
Spot workloads for up to Batch Enables develo​pers, compute for contai​‐
90% off. EC2Spot scient​ists, & engineers ners. Fargate
to easily & effici​ently
EC2 Automa​tically add or Serv​‐ Lambda Run code without
run hundreds of
Autosc​ remove compute erl​ess thinking about
thousands of batch
aling capacity to meet servers. Pay only
computing jobs on
changes in demand. for the compute
AWS. Fully managed
EC2_AustoScaling time you consume.
batch processing at
Lamda
any scale. Batch
Edge Outposts Run AWS infras​tru​‐
Con Elastic Highly secure, reliable,
and cture & services on
t​ain​‐ Container & scalable way to run
hybrid premises for a truly
ers Service contai​ners. ECS
consistent hybrid
(ECS)
experi​ence.
Outposts
Snow Collect and process
Family data in rugged or
discon​nected edge
enviro​nments.
SnowFamily

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 1 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Comp​ute (cont) Storage (cont) Storage (cont)

Wavelength Deliver ultra-low latency Amazon Amazon Elastic Block Store is a AWS DataSync makes it simple &
applic​ation for 5G devices. EBS web service that provides DataSync fast to move large amounts of
Wavelenth block-​level storage volumes. data online between on-pre​‐
VMware Innovate faster, rapidly EBS mises storage & S3, EFS, or
Cloud on transition to the cloud, & Amazon EFS offers file storage for the FSx for Windows File Server.
AWS work securely from any EFS user’s Amazon EC2 instances. DataSync
location. VMware_On_AWS Storage It's kind of blob Storage. EFS AWS The Transfer Family provides
Local Run latency sensitive applic​‐ Amazon FSx supply fully managed 3rd- Transfer fully managed support for file
Zones ations closer to end-users. FSx party file systems with the native Family transfers directly into & out of
LocalZones compat​ibility & charac​ter​istic S3. Transfer_Family
sets for workloads. It's available AWS Highly​-se​cure, portable
Storage as FSx for Windows server Snow devices to collect & process
(Fully managed file storage built Family data at the edge, and migrate
Serv​‐ Desc​rip​tion
on Windows Server) & Lustre data into and out of AWS.
ice
(Fully managed high-p​erf​‐ Snow_Family
AWS S3 is the storehouse for the
ormance file system integrated
S3 internet i.e. object storage built to Clas​sif​ica​tion:
with S3). FSx_Windows
store & retrieve any amount of Object storage: S3
FSx_Lustre
data from anywhere S3 File storage servic​es: Elastic File System,
AWS Storage Gateway is a service FSx for Windows Servers & FSx for Lustre
AWS AWS Backup is an extern​all​y-a​‐
Storage which connects an on-pre​mises Block storage: EBS
Backup cce​ssible backup provider that
Gateway software appliance with cloud-​‐ Back​up: AWS Backup
makes it easier to align &
based storage. Data transf​er:
optimize the backup of data
Storage_Gateway Storage gateway --> 3 types: Tape, File,
across AWS services in the
Volume.
cloud. AWS_Backup
Transfer Family --> SFTP, FTPS, FTP.
Edge computing and storage and Snow
Family --> Snowcone, Snowball,
Snowmobile

Data​bases

Database Use Serv​‐ Desc​rip​‐

type cases ice tion

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 2 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Data​bases (cont) Data​bases (cont) Data​bases (cont)

Rela​‐ Tradit​ional Aurora, RDS is a In-m​‐ Caching, Elasti​Cache Elasti​Cache helps in Wide High Keyspaces
tio​‐ applic​‐ RDS, web emory session for setting up, managing, column scale (for Apache
nal ations, Redshift service that manage​‐ Memcached and scaling in-memory industrial Cassandra)
ERP, makes it ment, & Redis cache condit​ions. apps for
CRM, e- easier to gaming Memcached Redis equipment
commerce set up, leader​‐ mainte​‐
control, boards, nance,
and scale a geospatial fleet
relational applic​‐ manage​‐
database ations ment, and
in the Docu​‐ Content DocumentDB DocumentDB (with route
cloud. ment manage​‐ MongoDB compat​ibi​lity) optimi​‐
Aurora ment, is a quick, depend​able, zation
RDS catalogs, and fully-​managed
Redshift user database service that Graph Fraud Neptune
Key-​‐ High-t​‐ DynamoDB DynamoDB profiles makes it easy for you to detection,
value raffic web is a fully set up, operate, and social
apps, e- admini​‐ scale MongoD​B-c​omp​‐ networ​‐
commerce stered atible king,
systems, NoSQL databases.DocumentDB recomm​‐
gaming database end​ation
applic​‐ service that engines
ations offers quick
and reliable
perfor​‐
mance with
integrated
scalab​ility.
DynamoDB

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

cheatography.com/irohitpawar/ Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 3 of 21. https://apollopad.com
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Data​bases (cont) Data​bases (cont) Deve​loper Tools (cont)

Time IoT Timestream Timestream Ledger Systems Quantum QLDB is a CodeBuild CodeBuild is a fully
series applic​‐ is a fast, of Ledger fully managed service that
ations, scalable, record, Database managed assembles source
DevOps, and supply (QLDB) ledger code, runs unit tests, &
industrial serverless chain, database also generates
telemetry time series regist​‐ that artefacts ready to
database rat​ions, provides a deploy. CodeBuild
service for banking transp​‐ CodeGuru CodeGuru is a
IoT and transa​‐ arent, developer tool powered
operat​ional ctions immutable, by machine learning
applic​ations and that provides intell​igent
that makes crypto​gra​‐ recomm​end​ations for
it easy to phi​cally improving code quality
store and verifiable & identi​fying an applic​‐
analyze transa​ction ation’s most expensive
trillions of log ​owned lines of code.
events per by a CodeGuru
day. central
Cloud Cloud Develo​pment Kit
Timestream trusted
Develo​‐ (AWS CDK) is an open
authority.
pment Kit source software
QLDB
develo​pment
framework to define
Deve​loper Tools
cloud applic​ation
Serv​‐ Desc​rip​tion resources using familiar
ice progra​mming
Cloud9 Cloud9 is a cloud-​based IDE that languages. CDK
enables the user to write, run, and CodeCommit CodeCommit is a
debug code. Cloud9 version control service
CodeAr​ CodeAr​tifact is a fully managed that enables the user to
tifact artifact repository service that personally store &
makes it easy for organi​zations of manage Git archives in
any size to securely store, publish, the AWS cloud.
& share software packages used CodeCommit
in their software develo​pment
process. CodeArtifact

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 4 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Deve​loper Tools (cont) Migration & Transfer services Migration & Transfer services (cont)

CodeDeploy CodeDeploy is a fully Serv​ice Desc​rip​tion CloudE​‐ CloudE​ndure Migration simpli​‐

managed deployment Migration Build a data-d​riven business ndure fies, expedites, & reduces the
service that automates Evaluator case for AWS. ME Migration cost of cloud migration by
software deploy​ments to a offering a highly automated lift-
Migration Migration Hub provides a
variety of compute services &-shift solution. CloudEndure
Hub single location to track the
such as EC2, Fargate, VMware Refer compute section.
progress of app migrations
Lambda, & on-pre​mises Cloud on
across multiple AWS & partner
servers. CodeDeploy AWS
solutions. MigrationHub
CodePi​‐ CodePi​peline is a fully DataSync Refer storage section.
Applic​‐ Applic​ation Discovery Service
peline managed continuous
ation helps enterprise customers Transfer Refer storage section.
delivery service that helps
Discovery plan migration projects by Family
automate release pipelines
Service gathering inform​ation about Snow Refer storage section.
for fast & reliable app & infra
their on-pre​mises data centers. Family
updates. CodePipeline
ADS
CodeStar CodeStar enables to quickly
Server SMS is an agentless service Cost Management
develop, build, & deploy
Migration which makes it easier & faster
applic​ations on AWS. Use Capa​bil​‐ Serv​‐ Desc​rip​‐
Service to migrate thousands of on-
CodeStar cases ities ice tion
(SMS) pre​mises workloads to AWS.
CLI AWS CLI is a unified tool to SMS
manage AWS services &
Database DMS helps migrate databases
control multiple services
Migration to AWS quickly & securely.
from the command line &
Service DMS
automate them through
(DMS)
scripts. CLI
X-Ray X-Ray helps developers
analyze & debug produc​tion,
distri​buted applic​ations, such
as those built using a
micros​ervices archit​ecture.
X-Ray

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 5 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Cost Management (cont) Cost Management (cont) Cost Management (cont)

Organize Construct 1) Cost Cost Categories is Report Raise 1) Cost Cost & Usage Control Establish
cost Allocation a feature within awareness Explorer Report contains effective
allocation & Tags 2) AWS Cost & accoun​‐ 2) Cost the most compre​‐ governance
governance Cost Management tab​ility of & hensive set of mechanisms
foundation Categories product suite that your cloud Usage AWS cost & usage with the right
with your enables group cost spend with Report data available, guardrails in
own & usage inform​‐ the including additional place
tagging ation into detailed, metadata about
strategy meaningful allocable AWS services,
categories based cost data pricing, & reserv​‐
on needs. ations.
CostAllocationTags CostExplorer CUR
CostCategories Access Track 1) credits are applied
billing Consol​‐ to bills to help
inform​‐ idated cover costs that
ation Billing are associated
across the 2) with eligible
organi​‐ Credits services.
zation in a ConsolidatedBilling
consol​‐ Credits
idated
view

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

cheatography.com/irohitpawar/ Last updated 18th October, 2020. Everyone has a novel in them. Finis
Page 6 of 21. https://apollopad.com
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Cost Management (cont) Cost Management (cont) Cost Management (cont)

Forecast Estimate 1) Cost A forecast is a Purchase Leverage 1) Free RI provide a Rightsize Align
resource Explorer prediction of how free trials Tier 2) signif​icant service
utiliz​‐ (Self-​‐ much you will use & progra​‐ Reserved discount (up to allocation
ation & Ser​vice) AWS services over mmatic Instances 75%) compared to size to
spend 2) the forecast time discounts 3) Savings On-Demand actual
with Budgets period that you based on Plans 4) pricing. RI workload
forecast (Event​- selected, based on workload Spot FreeTier demand
dashbo​‐ Dr​iven) your past usage. pattern & Instances SavingsPlan
ards. Forecasting needs 5) SpotEC2
EventDrivenBudgets DynamoDB DynamoDBOD
Budget Keep 1) Budgets allows to On-
spend in Budgets set custom budgets demand
check 2) to track cost & Elasticity Scale & 1) Instance Trusted Advisor is
with Budget usage from the schedule Scheduler an online tool that
custom Alerts simplest to the most services 2) Redshift provides real time
budget via complex use cases. based on pause & guidance to help
threshold Chime Budgets expected resume 3) provision Inspect Stay up-to-
& auto & Slack BudgetAlerts utiliz​ation EC2 Auto resources date with
alert 3) ServiceCatalog pattern & Scaling 4) following AWS resource
notifi​‐ Service needs Trusted best practices. deployment
cation Catalog Advisor InstanceScheduler & cost
RedshiftP&R optimi​‐
EC2ASG zation
TrustedAdvisor opport​‐
unities

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

cheatography.com/irohitpawar/ Last updated 18th October, 2020. Everyone has a novel in them. Fini
Page 7 of 21. https://apollopad.com
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

SDKs & Toolkits SDKs & Toolkits (cont) Netw​orking & Content Delivery (cont)

Serv​ice Desc​rip​tion Tools for developing Complete list of Connect Transit Transit Gateway
CDK CDK uses the famili​arity & and managing applic​‐ tools can be found VPCs and Gateway connects VPCs
expressive power of progra​‐ ations on AWS here: Tools on-pre​‐ & on-pre​mises
mming languages for mises networks through
modeling apps. CDK Netw​orking & Content Delivery networks a central hub.
through a This simplifies
Corretto Corretto is a no-cost, multip​‐ Use Func​tio​‐ Serv​ Desc​rip​‐
central hub network & puts
lat​form, produc​tio​n-ready cases nal​ity ice tion
an end to
distri​bution of the OpenJDK. Build a Define VPC VPC lets
complex peering
Corretto cloud and you
relati​ons​hips.
Crypto Crypto​graphy is hard to do network provision provision a
TransitGateway
Tools safely & correctly. The AWS a logically logically
Provide Privat​‐ Privat​eLink
Crypto Tools libraries are isolated isolated
private eLink provides private
designed to help everyone do network section of
connec​‐ connec​tivity
crypto​graphy right, even for your the AWS
tivity between VPCs &
without special expertise. AWS Cloud
between services hosted
Crypto Tools resources where you
VPCs, on AWS or on-
can launch
Serverless SAM is an open-s​ource
services, pre​mises,
AWS
Applic​‐ framework for building
and on- securely on the
resources
ation serverless applic​ations. It
pre​mises Amazon
in a virtual
Model provides shorthand syntax to
applic​‐ network.
network
(SAM) express functions, APIs,
ations PrivateLink
that you
databases, & event source
define.
mappings. SAM
VPC

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 8 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Netw​orking & Content Delivery (cont) Netw​orking & Content Delivery (cont) Netw​orking & Content
Delivery (cont)
Route Route 53 Route 53 is a highly Direct Global Global Accele​‐
users to available & scalable traffic Accele​ rator is a Protect WAF WAF is a
Internet cloud DNS web through rator networking your web applic​‐
applic​‐ service. Route53 the AWS service that web ation
ations with Global sends user’s applic​‐ firewall that
a network to traffic through ations helps
managed improve AWS’s global from protect your
DNS global network infras​tru​‐ common web applic​‐
service applic​‐ cture, improving web ations or
Scale Automa​‐ Elastic Elastic Load ation internet user exploits APIs
your tically Load Balancing automa​‐ perfor​‐ perfor​mance by against
network distribute Balancing tically distri​butes mance up to 60%. common
design traffic incoming applic​ation GlobalAccelerator web exploits
across a traffic across multiple Secure Safeguard Shield Shield is a that may
pool of targets, such as your applic​‐ managed Distri​‐ affect
resources, EC2's, contai​ners, IP network ations buted Denial of availa​bility,
such as addresses, & traffic running Service (DDoS) compromise
instances, Lambda functions. on AWS protection service security, or
contai​ners, ElasticLoadBalancing against that safeguards consume
IP DDoS applic​ations excessive
addresses, attacks running on AWS. resources.
and Shield WAF
Lambda
functions

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

cheatography.com/irohitpawar/ Last updated 18th October, 2020. Everyone has a novel in them. Finish Yours!
Page 9 of 21. https://apollopad.com
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Netw​orking & Content Delivery (cont) Netw​orking & Content Delivery Netw​orking & Content Delivery (cont)
(cont)
Centrally Firewall Firewall Content Securely CloudFront CloudFront
configure Manager Manager is a Create an (VPN) - Site-t​o-Site delivery deliver expedites
and security encrypted Site to VPN creates networks data, distri​bution
manage management connection Site a secure videos, of static &
firewall service between connection applic​‐ dynamic
rules which allows your between data ations, and web
to centrally network center or APIs to content.
configure & and your branch office customers CloudFront
manage Amazon & AWS cloud globally
firewall rules VPCs or resources. with low
across AWS site_to_site latency,
accounts & Transit and high
apps in AWS Gateways transfer
Organi​‐ Establish Direct Direct speeds
zation. link a private, Connect Connect is a Build a Provide App Mesh App Mesh
text dedicated cloud service network applic​ati​‐ makes it
Build a Connect (VPN) - VPN connection solution that for on-​level accessible
hybrid your Client solutions between makes it easy micros​‐ networking to guide &
IT users to establish AWS and to establish a ervices for control
network AWS or secure your dedicated archit​‐ containers micros​‐
on-pre​‐ connec​tions datace​‐ network ect​ures and ervices
mises between on- nter, connection micros​‐ operating on
resources pre​mises office, or from your ervices AWS.
using a networks, colocation premises to AppMesh
Virtual remote enviro​‐ AWS. Create, API API
Private offices, client nment DirectConnect maintain, Gateway Gateway
Network devices, & and allows the
the AWS secure user to
global APIs at design &
network. any scale expand their
VPN own REST
and
WebSocket
APIs at any
scale.
APIGateway

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

cheatography.com/irohitpawar/ Last updated 18th October, 2020. Everyone has a novel in them. Finish Yours!
Page 10 of 21. https://apollopad.com
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Netw​orking & Content Delivery (cont) Security, Identity, & Compliance (cont) Security, Identity, & Compliance
(cont)
Discover AWS Cloud Cloud Map permits Identity Cognito Cognito lets you
services Map the name & handles management add user sign- Simple, Resource Resource
connected to the cloud resources. for apps up, sign-in, & secure Access Access
your applic​ations CloudMap access control service to Manager Manager
to web & mobile share AWS (RAM) is a
Security, Identity, & Compliance apps quickly resources service
and easily. that
Cate​‐ Use Serv​ice Desc​rip​‐
Cognito enables
gory cases tion
Managed Directory AWS Managed you to
Identity Securely Identity & IAM is a
Microsoft Service Microsoft Active easily &
& manage Access web
Active Directory (AD) securely
access access to Management service
Directory enables your share AWS
manage​ services (IAM) for safely
direct​ory​-aware resources
ment and contro​‐
workloads & with any
resources lling
AWS resources AWS
access to
to use managed account or
AWS
Active Directory within
services.
(AD) in AWS. AWS
IAM
DirectoryService Organi​‐
Securely Single Sign- SSO zation.
manage On helps in RAM
access to simpli​‐
Central Organi​‐ Organi​‐
services fying,
governance zations zations
and managing
and helps you
resources SSO
management centrally
access to
across AWS govern
AWS
accounts your
accounts
enviro​‐
&
nment as
business
you grow
applic​‐
and scale
ations.
your
SSO
workloads
on AWS.
Orgs

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 11 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Security, Identity, & Compliance (cont) Security, Identity, & Compliance (cont) Security, Identity, & Compliance (cont)

Dete​ Unified Security Security Analyze Inspector Inspector is a Track user CloudTrail CloudTrail is
ction security Hub Hub gives a applic​‐ security vulner​‐ activity and a service
and compre​‐ ation ability API usage that enables
compliance hensive security assessment govern​ance,
center view of service compli​ance,
security improves the operat​ional
alerts & security & auditing, &
security compliance of risk auditing
posture the AWS of AWS
across AWS resources. account.
accounts. Inspector CloudTrail
SecurityHub Record Config Config is a Security IoT IoT Device
Managed GuardDuty GuardDuty and service that management Device Defender is
threat is a threat evaluate enables to for IoT Defender a fully
detection detection config​ura​‐ assess, audit, & devices managed
service service that tions of evaluate the service that
contin​‐ your AWS config​ura​tions helps secure
uously resources of AWS fleet of IoT
monitors for resources. devices.
malicious Config IoTDD
activity &
unauth​‐
orized
behavior to
protect
AWS
accounts,
workloads,
& data
stored in
S3.
GuardDuty

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 12 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Security, Identity, & Compliance (cont) Security, Identity, & Compliance (cont) Security, Identity, & Compliance (cont)

Infr​ast​‐ DDoS Shield Shield is a Filter Web WAF is a web Data Discover and Macie Macie is
ructure protection managed malicious Applic​‐ applic​ation protec​ protect your a fully
protec​‐ DDoS web traffic ation firewall that tion sensitive managed
tion protection Firewall helps protect data at scale data
service (WAF) web apps or (security
that APIs against &
safeguards common web privacy)
apps exploits that service
running. It may affect that uses
provides availa​bility, ML &
always-on compromise pattern
detection security, or matching
& consume to
automatic excessive discover
inline resources. WAF & protect
mitiga​tions Central Firewall Firewall sensitive
that management Manager Manager eases data.
minimize of firewall the user AWS Macie
applic​ation rules WAF admini​str​‐ Key storage Key KMS
downtime ation & mainte​‐ and Management makes it
& latency. nance activities management Service easy for
Shield over multiple (KMS) to create
accounts & &
resources. manage
FirewallManager crypto​‐
graphic
keys &
control
their use
across a
wide
range of
AWS
services
& in your
applic​‐
ations.
KMS

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

cheatography.com/irohitpawar/ Last updated 18th October, 2020. Everyone has a novel in them. Finish Yours!
Page 13 of 21. https://apollopad.com
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Security, Identity, & Compliance Security, Identity, & Compliance (cont) Security, Identity, & Compliance (cont)
(cont)
Rotate, Secrets Secrets Fast, CloudE​‐ Provides
Hardware CloudHSM CloudHSM manage, Manager Manager assist automated, ndure scalable,
based key is a and the user to cost- Disaster cost-e​ffe​‐
storage for cloud-​‐ retrieve safely encode, effective Recovery ctive
regulatory based secrets store, & recover disaster business
compliance hardware creden​tials for recovery continuity for
security any user’s physical,
module database & virtual, &
(HSM) that other services. cloud
enables SecretsManager servers.
you to Incident Invest​‐ Detective Detective makes CloudEndure
easily response igate it easy to Com No cost, Artifact Artifact is a
generate & potential analyze, invest​‐ p​lia​‐ self-s​ervice web service
use your security igate, & quickly nce portal for that enables
own issues identify the root on-demand the user to
encryption cause of access to download
keys. potential AWS’ AWS
CloudHSM security issues compliance security &
Provision, Certif​icate Certif​icate or suspicious reports compliance
manage, Manager Manager activi​ties. records.
and deploy is a Detective Artifact
public and service
private that easily Data Lakes & Analytics
SSL/TLS provision,
Cate​‐ Use Serv​‐ Desc​rip​tion
certif​icates manage, &
gory cases ice
deploy
public and
private
SSL/TLS
certs for
use with
AWS
services &
internal
connected
resources.
ACM

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

cheatography.com/irohitpawar/ Last updated 18th October, 2020. Everyone has a novel in them. Finish Yours!
Page 14 of 21. https://apollopad.com
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Data Lakes & Analytics (cont) Data Lakes & Analytics (cont) Data Lakes & Analytics (cont)

Anal​ Intera​ctive Athena Athena is Data Redshift The most popular & Operat​ional Elasti​‐ Elasti​csearch
ytics analytics an intera​‐ wareho​‐ fastest cloud data analytics csearch Service is a
ctive query using warehouse. Redshift Service fully managed
service that Real- Kinesis Kinesis makes it service that
makes it time easy to collect, makes it easy
easy to analytics process, & analyze to deploy,
analyze real-time, streaming secure, & run
data in S3 data so one can get Elasti​csearch
using timely insights. cost effect​ively
standard Kinesis at scale. ES
SQL. Dashboards Quicksight QuickSight is a
Athena & visual​iza​‐ fast, cloud-​‐
Big data EMR EMR is the tions powered
processing indust​ry-​‐ business intell​‐
leading igence service
cloud big that makes it
data easy to deliver
platform for insights to
processing everyone in
vast organi​zation.
amounts of QuickSight
data using
open source
tools such
as Apache
Spark, Hive,
HBase,​‐
Flink, Hudi,
& Presto.
EMR

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 15 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Data Lakes & Analytics (cont) Data Lakes & Analytics (cont) Data Lakes & Analytics (cont)

Data Real-time 1) MSK is a Data Object 1) S3 2) Lake Backup 1) S3 S3 Glacier &

movement data Amazon fully lake storage Lake Formation is a & Glacier 2) S3 Glacier
movement Managed managed Formation service that archive Backup Deep Archive
Streaming service makes it easy are a secure,
for that to set up a durable, &
Apache makes it secure data extremely low-
Kafka easy to lake in days. A cost S3 cloud
(MSK) 2) build & data lake is a storage
Kinesis run centra​lized, classes for
Data applic​‐ curated, & data archiving
Streams ations secured & long-term
3) Kinesis that use repository that backup.
Data Apache stores all data, S3Glacier
Firehose Kafka to both in its Data 1) Glue Refer as
4) Kinesis process original form & catalog 2)) Lake above.
Data streaming prepared for Formation
Analytics data. analysis. S3
Third-​‐ Data Data Exchange
5) Kinesis MSK LakeFormation
party Exchange makes it easy
Video KDS KDF
data to find,
Streams KDA KVS
subscribe to, &
6) Glue Glue
use third-​party
data in the
cloud.
DataExchange

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 16 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Data Lakes & Analytics (cont) Data Lakes & Analytics (cont) Containers (cont)

Pred​‐ Frameworks Deep Deep Learning Platform SageMaker SageMaker Run Fargate Fargate is a
ictive & interfaces Learning AMIs provide services is a fully containers serverless
analytics AMIs machine learning managed without compute
&& practi​tioners & service that managing engine for
machine resear​chers with provides servers containers that
learning the infras​tru​cture & every works with
tools to accelerate developer both ECS &
deep learning in & data EKS. Fargate
the cloud, at any scientist Run EC2 Refer compute
scale. with the containers section
DeepLearningAMIs ability to with
build, train, server​-
& deploy level
machine control
learning
Contai​‐ App2Co​ App2Co​ntainer
(ML)
nerize and ntainer (A2C) is a
models
migrate comman​d-line
quickly.
existing tool for
SageMaker
applic​‐ modern​izing
ations .NET & Java
Containers
applic​ations
Use cases Serv​ Desc​‐ into contai​‐
ice rip​tion nerized applic​‐
Store, encrypt, ECR Refer ations.
and manage compute App2Container
container images section Quickly Copilot Copilot is a
Run contai​nerized ECS Refer launch command line
applic​ations or compute and interface (CLI)
build micros​‐ section manage that enables
ervices contai​‐ customers to
nerized quickly launch
Manage EKS Refer
applic​‐ & easily
containers with compute
ations manage
Kubernetes section
contai​nerized
applic​ations on
AWS. Copilot

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 17 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Serverless Serverless (cont) Serverless (cont)

Cate​‐ Serv​ice Desc​rip​tion Aurora Aurora Serverless is Appl​‐ SNS SNS is a fully
gory Serverless an on-demand, auto- ication managed messaging
Comp​ Lambda Lambda lets s​caling config​uration integr​‐ service for both
ute you run code for Amazon Aurora ation system​-to​-system &
without provis​‐ (MySQL & Postgr​‐ app-to​-person (A2P)
ioning or eSQ​L-c​omp​atible commun​ica​tion.
managing editions), where the SQS SQS is a fully
servers. You database will managed message
pay only for the automa​tically start queuing service that
compute time up, shut down, & enables to decouple
you consume. scale capacity up or & scale micros​erv​‐
down based on your ices, distri​buted
Lambda@Edge Lambda​@Edge
applic​ation's needs. systems, & serverless
is a feature of
Amazon RDS RDS Proxy is a fully applic​ations.
CloudFront that Proxy managed, highly AppSync AppSync is a fully
lets you run available database managed service that
code closer to proxy for RDS that makes it easy to
users of your makes applic​ations develop GraphQL
applic​ation, more scalable, APIs by handling the
which improves resilient to database heavy lifting of
perfor​mance & failures, & more securely connecting
reduces secure. to data sources like
latency. API API API Gateway is a AWS DynamoDB,
Fargate Refer Proxy Gateway fully managed Lambda.
containers service that makes it
section easy for developers
to create, publish,
Stor​‐ S3 Refer storage
maintain, monitor, &
age section
secure APIs at any
EFS Refer storage
scale.
section
Data DynamoDB DynamoDB is a
stores key-value &
document
database that
delivers single​-
digit millis​econd
perfor​mance at
any scale.

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 18 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Serverless (cont) Applic​ation Integr​ation Applic​ation Integr​ation (cont)

EventBridge EventB​ridge is a Cate​‐ Serv​ice Desc​rip​tion Event EventBridge Build an event-​‐

serverless event bus gory bus driven archit​ecture
that makes it easy to Mess​‐ SNS Reliable high that connects
connect applic​ations aging throughput applic​ation data
together using data pub/sub, SMS, from your own
from apps, email, and mobile apps, SaaS, &
integrated SaaS push notifi​cations AWS services
apps, & AWS AppFlow Automate the flow
SQS Message queue
services. of data between
that sends, stores,
Orch​ Step Step Functions is a and receives SaaS applic​ations
est​‐ Functions serverless function messages between & AWS services at
rat​‐ orches​trator that applic​ation nearly any scale,
ion makes it easy to components at any without code.
sequence Lambda volume
functions & multiple Management & Governance
MQ Message broker for
AWS services into
Apache ActiveMQ Cate​‐ Serv​‐ Desc​rip​tion
busine​ss-​cri​tical
that makes gory ice
applic​ations.
migration easy and Enable Control The easiest way to set
Anal​ Kinesis Kinesis makes it enables hybrid Tower up and govern a new,
ytics easy to collect, archit​ectures secure multi-​account
process, & analyze
Work​‐ Step Coordinate multiple AWS enviro​nment.
real-time, streaming
flows Functions AWS services into ControlTower
data so one can get
serverless Organi​ Organi​zations helps
timely insights.
workflows so you zations centrally govern enviro​‐
Athena Athena is an intera​‐ can build and nment as you grow &
ctive query service update apps scale workloads on
that makes it easy to quickly AWS Organizations
analyze data in
API API Create, publish, Well- Well-A​rch​itected Tool
Amazon S3 using
manage​ Gateway maintain, monitor, A​rch​‐ helps review the state
standard SQL.
ment & secure APIs at itected of workloads &
any scale for Tool compares them to the
serverless latest AWS archit​‐
workloads & web ectural best practices.
apps WATool
AppSync Create a flexible
API to securely
access, manipu​‐
late, & combine
data from one or
more data sources

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 19 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Management & Governance (cont) Management & Governance (cont) Management & Governance (cont)

Budgets Budgets allows to set OpsWorks OpsWorks presents Systems Systems Manager to plan,
custom budgets to track a simple and flexible Manager proctor, & automate admini​str​‐
cost & usage from the way to create and ation tasks on the AWS
simplest to the most maintain stacks and resources. SystemsManager
complex use cases. applic​ations. Cost & Refer cost management
Budgets OpsWorks usage section
License License Manager Market​place Market​place is a report
Manager makes it easier to digital catalog with Cost Refer cost management
manage software thousands of explorer section
licenses from software software listings
Managed Operate your AWS infras​tru​‐
vendors such as from indepe​ndent
Services cture on your behalf.
Microsoft, SAP, Oracle, software vendors
ManagedServices
& IBM across AWS & that make it easy to
X Ray X-Ray
on-pre​mises enviro​‐ find, test, buy, &
nments. deploy software that
Recommend security best practices
LicenseManager runs on AWS.
Prov​ CloudF​‐ CloudF​orm​ation Marketplace Turn on multif​actor authen​tic​ation for the
ision orm​ation enables the user to Oper​ CloudWatch CloudWatch offers a “root” account
design & provision AWS ate reliable, scalable, & Turn on CloudTrail log file valida​tion.
infras​tru​cture deploy​‐ flexible monitoring Enable CloudTrail multi-​region logging.
ments predic​tably & solution that can
Integrate CloudTrail with CloudW​atch.
repeat​edly. easily start.
Enable access logging for CloudTrail S3
CloudFormation CloudWatch
buckets.
Service Service Catalog allows CloudTrail CloudTrail is a
Enable access logging for Elastic Load
Catalog organi​zations to create service that enables
Balancer (ELB).
& manage catalogs of govern​ance, compli​‐
IT services that are ance, operat​ional Enable Redshift audit logging.
approved for use on auditing, & risk Enable Virtual Private Cloud (VPC) flow
AWS. ServiceCatalog auditing of AWS logging.
account. CloudTrail
Require multif​actor authen​tic​ation (MFA) to
Config Config delete CloudTrail buckets
Enable CloudTrail logging across all AWS.
Turn on multi-​factor authen​tic​ation for IAM
users.
Enable IAM users for multi-mode access.
Attach IAM policies to groups or roles

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 20 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/
 AWS Services Cheat Sheet
by irohitpawar via cheatography.com/127546/cs/24837/

Recommend security best practices Recommend security best practices

(cont) (cont)

Rotate IAM access keys regularly, and Minimize the number of discrete security
standa​rdize on the selected number of days groups.
Set up a strict password policy. Reduce number of IAM groups.
Set the password expiration period to 90 Terminate unused access keys
days and prevent reuseC​ustomer Visual​‐ Disable access for inactive or unused IAM
force pages with standard headers users
Don’t use expired SSL/TLS certif​icates Remove unused IAM access keys
User HTTPS for CloudFront distri​butions Delete unused SSH Public Keys
Restrict access to CloudTrail bucket. Restrict access to AMIs.
Encrypt CloudTrail log files at rest Restrict access to EC2 security groups.
Encrypt Elastic Block Store (EBS) database. Restrict access to RDS instances.
Provision access to resources using IAM Restrict access to Redshift clusters.
roles.
Restrict outbound access.
Ensure EC2 security groups don’t have
Disallow unrest​ricted ingress access on
large ranges of ports open
uncommon ports.
Configure EC2 security groups to restrict
Restrict access to well-known ports such as
inbound access to EC2.
CIFS, FTP, ICMP, SMTP, SSH, Remote
Avoid using root user accounts. desktop
Use secure SSL ciphers when connecting Inventory & categorize all existing custom
between the client and ELB. apps by the types of data stored,
Use secure SSL versions when connecting compliance requir​ements & possible threats
between client and ELB. they face.
Use a standard naming (tagging) Involve IT security throughout the develo​‐
convention for EC2. pment process.
Encrypt RDS. Grant the fewest privileges as possible for
Ensure access keys are not being used with applic​ation users
root accounts. Enforce a single set of data loss prevention
Use secure CloudFront SSL versions. policies across custom applic​ations and all
other cloud services.
Enable the requir​e_ssl parameter in all
Redshift clusters. Encrypt highly sensitive data such as
protected health inform​ation (PHI) or
Rotate SSH keys period​ically.
personally identi​fiable inform​ation (PII).

By irohitpawar Published 17th October, 2020. Sponsored by ApolloPad.com

Last updated 18th October, 2020. Everyone has a novel in them. Finish
Page 21 of 21. Yours!
https://apollopad.com
cheatography.com/irohitpawar/