(PART 2) In the previous blog post, I covered the first 15 services listed below. This blog post is in continuation of the previous blog.
Do you agree with this list? What would you add or remove? Please comment below.
Networking and Content Delivery
- Amazon CloudFront – global content delivery network (CDN)
- Securely delivers content with low latency and high transfer speeds to users across the globe. This service co-resides near the edge caching networking locations of the users.
- Caches and serves static and dynamic content.
- Example Use Case – Deliver fast, secure websites with built in data compressions and field level encryption.
- Amazon Route 53 – scalable domain name system (DNS)
- Routes end users to your internet applications running on AWS or on-premises with globally dispersed DNS servers with automatic scaling.
- Monitors the health and performance of you application as well as web servers and other resources.
- Example Use Case – Reliable and secure traffic management by routing users to the best endpoint for your application based on proximity, latency, health, etc.
- Amazon Virtual Private Cloud (VPC) – launch AWS resources in logically isolated virtual network
- Provides a dedicated network inside an AWS account to help you define when and how different applications can access, retrieve data or make outbound calls.
- Provides complete control over your virtual networking environment, including selection of IP address range, creation of subnets and configuration of route tables and network gateways.
- Example Use Case – Improve security posture by enforcing rules on inbound and outbound connections.
- Amazon Elastic Load Balancing (ELB) – distribute network traffic to various targets
- Automatically distributes incoming application traffic across multiple targets and virtual appliances in one or more Availability Zones.
- Adds or removes machines according to spike in incoming traffic. Monitors the health of each of your services behind the load balancer.
- Example Use Case – Load balance across AWS and on-premises resources using single load balancer.
- Amazon API Gateway – build, deploy and manage APIs
- Fully managed service that handles all the requests involved in accepting and processing thousands of API calls to access data or business logic from your backend services.
- Supports containerized and serverless workloads, as well as web applications.
- Supports authentication, access control, monitoring and tracing of API requests.
- Example Use Case – Build serverless HTTP APIs wherein API Gateway acts as your API server, managing the schema of your HTTP API and handling authentication and throttling.
Management and Governance
- AWS CloudFormation – create and manage resources with templates
- Model, provision and manage AWS and third-party resources by treating infrastructure as code.
- Template describes your resources and its dependencies so you can launch and configure them together as a stack.
- Example Use Case – Manage infrastructure with DevOps: Automate, test and deploy infrastructure templates with continuous delivery (CI/CD) automations.
- AWS Auto Scaling – application scaling to optimize performance and costs
- Manages scaling for multiple resources across multiple services.
- Monitors your applications and automatically adjusts capacity to maintain steady, predictable performance.
- Provides a simple GUI to build scaling plans for resources including EC2, ECS, DynamoDB tables and indexes, and Amazon Aurora replicas.
- Example Use Case – An e-commerce web application that receives variable traffic through the day.
- Amazon CloudWatch – monitor resources and applications
- Collects and visualizes real-time logs, metrics and event data in automated dashboards.
- Monitors applications, responds to performance changes, optimizes resource use, and provides insights into operational health.
- Provides visibility into system-wide performance and allows users to set alarms, automatically react to changes, and gain a unified view of operational health.
- Example Use Case – Visualize performance data, create alarms and correlate data to understand and resolve the root cause of performance issues in your AWS resources.
- AWS Config – track resources inventory and changes
- Continually assess, monitor and record resource configuration changes to simplify change management.
- Check resource compliance with custom and managed AWS config rules before and after provisioning.
- Example Use Case – Operational troubleshooting and change management.
- AWS CloudTrail – track user activity and API changes
- Monitors and records user activity and API calls across your AWS infrastructure as events.
- Enables auditing, security monitoring, and operational troubleshooting. View recent events in the AWS CloudTrail console.
- Example Use Case – Store audit worthy events for seven years and validate activity events for authenticity. Easily generate audit reports required by internal policies and external regulations.
Security, Identity, & Compliance
- AWS Identity and Access Management (IAM) – who or what can access services and resources in AWS.
- Allows admins to manage AWS users and groups across single AWS accounts or centrally connect identities to multiple AWS accounts.
- Generate least-privilege policies, verify external and unused access to resources and continually analyze to rightsize permissions.
- Example Use Case – Create granular permissions based on user attributes – such as department, job role and team name – by using attribute-based access control.
- Amazon Cognito – identity management for your apps
- Provides fully managed user authentication and authorization capabilities for web and mobile applications. Allows users to register and sign-in to your applications.
- Federate sign-in by using OpenID Connect or SAML 2.0 and connect to AWS services and resources.
- Example Use Case – Allows customers to sign in directly, or through social or enterprise identity providers, to a hosted UI with your branding.
- AWS Key Management Service (KMS) – create and control keys used to encrypt or digitally sign your data
- Create, manage, and control cryptographic keys across your applications and AWS services.
- Your KMS keys never leave AWS FIPS 140-validated HSMs unencrypted and you control who can access and control them.
- Automate monitoring to receive event alerts and audit who used which keys, on which resources and when.
- Example Use Case – Activate server-side encryption with AWS KMS using KMS keys to encrypt data at test.
- AWS IAM Identity Center – manage single sign-on access to multiple AWS accounts and applications
- It is the recommended approach for workforce authentication and authorization on AWS for organizations of any size and type.
- Allows you to enforce MFA for all users, including the requirement for the users to set up MFA devices during sign-in.
- Example Use Case – Configure single sign-on access to applications that support SAML 2.0. It provides preconfigured settings for many cloud applications, including Salesforce and Microsoft 365.
- AWS Security Hub – automate AWS security checks and centralize security alerts
- Automate security best practice checks, aggregate security alerts into a single place and format.
- Understand and visualize overall security posture across all of your AWS accounts.
- Supports industry recognized security standards including CIS AWS Foundations Benchmark and Payment Card Industry Data Security Standard (PCI DSS).
- Example Use Case – Search, correlate, aggregate and fine-tune diverse security findings by accounts and resources as well as visualize findings in the Security Hub dashboard.