SAA C03 - Service Summary

Chandra Lingam, Compute With Cloud Inc

AWS SAA C03 Exam Guide Appendix section has a list of services. This is a brief description of some of
the services and their purpose. Only basic knowledge about these services is needed for the exam.
Other more important services are covered in depth in the course.

Network Firewall
The Network Firewall is an Intrusion prevention system (IPS) that actively monitors and blocks suspicious
traffic to and from all your VPCs

This is a Stateful Firewall

Using Firewall Manager, you can centrally manage and apply mandatory security policies across newly
created accounts and VPCs

However, this service by itself does not mitigate volumetric attacks like DDoS. To protect from DDoS, use
a service like AWS Shield Advanced (managed DDoS Protection)

https://aws.amazon.com/network-firewall/faqs/

AWS Transfer Family

AWS Transfer Family is a managed file transfer service

You can transfer files using SFTP, FTP, FTPS, and AS2 Protocols into and out of AWS Storage Services like
S3 and EFS

Supports Multiple user authentication methods (LDAP, Active Directory, or custom credentials)

Support for regulated data like PCI, HIPAA, PII

AWS Wavelength
AWS Wavelength is a mobile edge computing infrastructure where EC2 and Storage services are
embedded within Communication Service Providers 5G networks (called Wavelength Zones)

Application traffic from 5G devices reach application servers running in Wavelength zones without
leaving the telecommunication network.

This avoids the latency that would result from application traffic traversing multiple hops across the
internet to reach its destination, which allows customers to take full advantage of the latency and
bandwidth benefits offered by modern 5G networks

Examples of applications that can benefit from Wavelength are IoT devices, game streaming,
autonomous vehicles, and live streaming

AWS Outposts
Using AWS Outpost, you can host AWS services inside your on-premises data center
This option is suitable for customers who want a low-latency cloud service in their on-premises data
center

For example, consider a hospital IT system

If you host the application in the cloud, there may be increased network latency and possible disruption
if connectivity goes down

For these mission-critical and latency-sensitive use cases, you can use outpost to bring cloud inside the
hospital data center

AWS Local Zones

AWS Local Zones are additional AWS locations closer to large populations and industries.

You run latency sensitive applications in local zones and keep them closer to end users.

For example, you can run video rendering and graphics intensive, virtual desktop applications in local
zones to minimize latency

AWS Local Zones are also connected to the parent region via Amazon’s redundant and very high
bandwidth private network, giving applications running in AWS Local Zones fast, secure, and seamless
access to the rest of AWS services

Local Zones are designed to bring the core services needed for the latency sensitive portions of your
workload closer to end-users, while Availability Zones provide access to the full array of AWS services

ECS Anywhere
Using ECS Anywhere, you can run and manage container workloads in your on-premises servers and
other cloud providers

So, you can use familiar ECS capabilities such as cluster management, workload management, and
monitoring no matter where you run your containers

AWS Cloud Map

Cloud Map provides a single registry for all your application services which you can define with custom
names.

This ensures that your development teams don’t have to constantly store, track, and update resource
name and location information or make changes directly within the application code.

You can give custom names for your ECS Tasks, EC2 instances, S3 buckets, DynamoDB tables, SQS
queues and more

AWS Data Exchange

AWS Data Exchange is a comprehensive collection of third-party datasets

Data is available as

- Files in S3
- Redshift Queries
o query data directly from vendor's databases
 o no need for ETL - data is ready for analysis
o access latest data with automatic refresh
- APIs
o Synchronous APIs for frequent retrieval of small data
o Downloadable SDKs and documentation

Data Exchange provides consolidated billing and subscription management

It currently has 3000+ data sets from 250+ data providers

Over 1000 free data sets

Here are some example datasets,

- Top US Businesses by revenue

- Satellite imagery
- Weather - historical and future trajectories
- Map - street-level imagery and foot traffic patterns
- Automotive supply chain dataset
- EV Charging Station Locations in US and Canada
- Global Supply Chain relationships
- Salesforce users in the UK

AI Services
- Amazon Polly - converts text to speech
- Amazon Transcribe - convert speech to text
- Amazon Translate - translate text from one language to another
- Amazon Comprehend - Natural language processing. Used for Sentiment analysis, parsing medical
data (Comprehend medical) to identify Personally identifiable information, and so forth
- Amazon Rekognition - Analyze images and videos
- Amazon Textract - extract text and structured data such as text, tables, and forms from
documents such as PDFs, Images
- Augmented AI (A2I) - add humans in the loop to the review low confidence machine learning
predictions to ensure accuracy and compliance of sensitive data (for example, humans review
loan decisions to ensure there is no bias)
- Amazon Lex – Use this service to build chatbots (Alexa is built using this service)
- Amazon Forecast – used for time-series forecasting. For example, how much stock to maintain in
a particular store
- Amazon Fraud detector - detect online frauds with machine learning. For example, this service
can flag suspicious online payments, detect new account fraud and incorporate additional
verification steps, account takeover detection, and so forth
- Amazon Kendra – Intelligent search service for your enterprise data and applications. It is
powered by Machine Learning and supports natural language interaction and questions
- Amazon SageMaker – Build, train and deploy Machine Learning models for any use case with fully
managed infrastructure, tools, and workflow

https://aws.amazon.com/machine-learning/ai-services/
AWS Batch
AWS Batch is useful for running non-interactive programs without any manual intervention. For
example, ETL jobs, Machine Learning training jobs, media transcoding, and animation tasks

AWS Batch handles job execution and provisions the required compute resources

Batch uses docker containers to package the job and run them. There are two ways to run the jobs –
using Fargate or EC2

It also supports spots and on-demand purchasing options

https://aws.amazon.com/batch/faqs/?nc=sn&loc=5

Amazon EMR
Using Amazon EMR, we can run Apache Spark, Hive, Presto, and other big data workloads

AWS manages the cluster, and you can configure Scaling Policies to scale out and scale in

Amazon EMR supports flexible data stores

- S3 integration with EMR FS

- HDFS
- DynamoDB
- Redshift
- Glacier
- RDS

https://aws.amazon.com/emr/features/

Data Pipeline
Data Pipeline is a Managed ETL Service

Read data, transform, and store results in S3, RDS, DynamoDB, EMR

Create data processing workloads that are fault-tolerant, repeatable, and highly available

Lake Formation
Lake Formation Helps you build a secure data lake

It can import data from existing databases in AWS (RDS, EC2, Oracle, SQL Server...)

Support for import from other databases using JDBC

Support for import of data files in S3, Logs from other AWS Services such as CloudTrail, ELB, VPC,
Detailed Billing Reports

It supports both bulk and incremental loading

Transform data to columnar formats like Parquet, ORC

Create custom transform jobs with Glue and Apache Spark

https://aws.amazon.com/lake-formation/features/
Amazon AppFlow
AppFlow is no code solution to automate data flow by securely integrating third-party applications and
AWS services

Securely transfer data from SaaS applications like Salesforce, SAP, Zendesk, Slack, and ServiceNow

AWS AppSync
Using AppSync, we can accelerate application development with serverless GraphQL and Pub/Sub APIs

GraphQL is a query language for APIs and a runtime for fulfilling those queries with your existing data

GraphQL provides a complete and understandable description of data in your API

It gives the power to clients to ask for exactly what they need.

While typical REST APIs require loading from multiple URLs, GraphQL APIs get all the data your app
needs in a single request.

Pub/Sub APIs make it easy to deliver real-time data to subscribed API clients by automatically publishing
data updates using WebSocket

https://graphql.org/

VMware Cloud on AWS

Migrate your on-premises VMware vSphere workload to the cloud. Simplify disaster recovery solutions.
Leverage VMware disaster recovery technologies

AWS Amplify
Using AWS Amplify, you can build full-stack web and mobile apps. Host static websites, single-page web
apps, and server-side rendered apps

AWS Device Farm

AWS Device Farm is an application testing service that lets you improve the quality of your web and
mobile apps by testing them across an extensive range of desktop browsers and real mobile devices;
without having to provision and manage any testing infrastructure

The service enables you to run your tests concurrently on multiple desktop browsers or real devices to
speed up the execution of your test suite and generates videos and logs to help you quickly identify
issues with your app

Amazon Pinpoint
Pinpoint is a multichannel marketing communication service

You can deliver messages through email, SMS, voicemail, or push notification

Support for transactional messages such as one-time passwords, purchase confirmations, or shipping
notifications

You can also receive SMS messages from customers. For example, in response to a doctor appointment
reminder, the customer can reply and confirm the appointment
In addition, you can also use this service for bulk communication to broadcast messages

Amazon Compute Optimizer

Amazon Compute Optimizer helps you identify the optimal AWS resource configurations such as
Instance types, EBS volume configurations, and Lambda function memory size and provides actionable
recommendations

The Cost explorer and compute optimizer use the same recommendation engine. However, cost
explorer provides a subset of these recommendations with a focus on saving cost, whereas the compute
optimizer provides all recommendations

https://aws.amazon.com/compute-optimizer/faqs/

AWS License Manager

License Manager makes it easier to manage your software licenses from vendors such as Microsoft, SAP,
Oracle, and IBM across AWS and on-premises environments

License Manager lets administrators create customized licensing rules that mirror the terms of their
licensing agreements (including the use of dedicated hosts)

You can gain control and visibility of all licenses using the license manager dashboard

Reduce risks of non-compliance, misreporting, and additional charges due to licensing overages

It also supports integration with licenses purchased via the aws marketplace

Amazon Managed Grafana

Amazon Managed Grafana is an open-source analytics platform to query, visualize, and understand your
metrics

With Amazon Managed Grafana, you can analyze metrics, logs, and traces without having to provision
servers and associated maintenance work

Unify your data (with visuals), not your database

Amazon-managed Grafana natively integrates with data sources such as CloudWatch, Elasticsearch
(OpenSearch), X-Ray, Time Stream, and so forth

https://grafana.com/grafana/

https://aws.amazon.com/grafana/

Amazon Managed Service for Prometheus

The Cloud Native Computing Foundation's Prometheus project is a popular open-source monitoring and
alerting solution optimized for container environments.

The service is integrated with Amazon Elastic Kubernetes Service (Amazon EKS), Amazon Elastic
Container Service (Amazon ECS), and AWS Distro for OpenTelemetry.

"Prometheus collects rich metrics and provides a powerful querying language; Grafana transforms
metrics into meaningful visualizations. Both are compatible with many, if not most, data source types."
https://www.opsramp.com/guides/prometheus-monitoring/prometheus-vs-grafana/

"Prometheus and Grafana are both built for time-series data. Prometheus excels in metric data
collection, whereas Grafana champions metric visualizations. Both tools are open source, free, and have
vibrant communities of open-source developers supporting their development. A combination of
Prometheus and Grafana can achieve favorable results, especially in microservices and container-based
systems and applications."

https://www.techtarget.com/searchitoperations/tip/Consider-Grafana-vs-Prometheus-for-your-time-
series-tools

https://aws.amazon.com/prometheus/

AWS Proton
AWS Proton is an Infrastructure as Code (IaC) deployment workflow tool.

With Proton, you provision environments and then configure services running in those environments

Environments and services are based on environment templates and service templates that you choose
in your AWS Proton versioned template library

Infrastructure provisioning is done with either CloudFormation or TerraForm

https://docs.aws.amazon.com/proton/latest/userguide/ag-works.html

AWS Well-Architected Tool

AWS Well-Architected Tool is a self-service review of your application architecture

This tool provides feedback on best practices and architectural guidance based on the well-architected
framework

To use this tool, you have to answer a series of foundational questions, and it identifies a list of issues
found in your workloads and step-by-step guidance to make improvements

Amazon Elastic Transcoder

Amazon Elastic Transcoder is a media transcoding service in the cloud to convert media files from their
source format into versions that will playback on devices like smartphones, tablets, and PCs

AWS Application Discovery Service

Enterprise customers can use the Application Discovery Service to inventory their on-premises server

AWS Migration Hub

The data collected by AWS Application Discovery Service is available in the Migration Hub

With Migration Hub, you can migrate the discovered servers and track their progress as they get
migrated to AWS

Migration Hub provides centralized tracking along with predefined workflow templates. The workflow is
recommended by this tool based on AWS experience migrating similar applications
AWS Server Migration Service
AWS Server Migration Service helps in migrating on-premises VMWare and Hyper-V-based virtualization
workloads

This service creates Amazon Machine Image using the on-premises image that you can use to launch EC2
instances in AWS

AWS Database Migration Service (DMS)

Database and data migration can be one of the most challenging aspects of migrating to the cloud

To help with this, AWS has a database migration service

You can use this service for migrating data from your source database to a target database running on
RDS or EC2 instances

You can use this service to do a one-time migration of data

You can also do a continuous data replication where all changes in the source are applied in a
transactionally consistent way to the target database

This service allows data migration from on-premises to AWS and reverses when you want to replicate
from AWS to on-premises.

DMS supports both Homogeneous and Heterogeneous migration. So, you could migrate between the
same database products such as Oracle to Oracle

or even across different database products such as Oracle to Amazon Aurora.

AWS Artifact
AWS Artifact is a self-service portal to access AWS compliance reports

For example, you can access Service Organization Control (SOC) reports, Payment Card Industry (PCI)
reports, and certifications from accreditation bodies across geographies and compliance verticals that
validate the implementation and operating effectiveness of AWS security controls

All agreements that you sign with AWS are also managed using AWS Artifact

AWS Audit Manager

AWS Audit Manager helps you continuously audit your AWS usage to simplify how you assess risk and
compliance with regulations and industry standards

AWS Audit Manager's prebuilt frameworks help translate evidence from cloud services into auditor-
friendly reports by mapping your AWS resources to the requirements in industry standards or
regulations, such as CIS AWS Foundations Benchmark, the General Data Protection Regulation (GDPR),
and the Payment Card Industry Data Security Standard (PCI DSS)

https://aws.amazon.com/audit-manager/