Created by: Filipe Braga linkedin.

com/in/filbraga/
Management & Governance Performance
Advanced technologies, Global in minutes, SLS architectures, Experiment more often, Mechanical sympathy Developer Tools
Efficiency Security OF the Cloud Sared Responsibility Security IN the Cloud
Operations as code, Document code, Make frequent, small, reversible changes, Refine operations, Learn from and Anticipate failure
Organizations EC2 patches and updates, firewall, IA
Apply
Test recovery, automatically recover from failure, scale horizontally, stop guessing capacity, automate changes to infrastructure Infrastructure (Hardware, facilities, network Patch Managemen
Encrypting application data (client and server side
CodeCommit
Operational Pay only for what you use, measure efficiency, analyze expenses Managed Services (S3, Dynamo, RDS) Configuration Managemen
Users (also root Customer dat
Excellence Traceability, Layers, Protect data Awareness & Training
(SCP)
Roles
Networking traffic protection
Understand Impact, Reduce amout of energy
Service Control Don’t Apply:

• Master Acc
Stateless, subnet rules for
aaaaaa Policies
Reliability network traffic logs fixed public IPv4 inbound and outbound
Give internet access to private subnets
AWS Partner Network (APN)
Security, Identity, & Compliance Git Repo
Security Tools Audit:
“My Advisor is PerFaCSS” “Well PORCSS architecture” private access to provide Internet Access Consulting Partners are professional services firms
Root User privileges
Insight
Connect two VPC Network that help customers to migrate to AWS cloud Credentials Report (Account)
Cost AWS Services
& checklist
Per

Trusted Advisor Well-Archtected

P
Optimization
Address Technology Partners provide hardware, connectivity, or
software solutions hosted or integrated w/ AWS
Access Advisor (User)
(STS: AWS Abuse CodeBuild
NACL Translation
Fa
O

Access
Temporary
R

Security Keys Token credentials) Report suspected

S
C
AWS resources
S
U2F=USB
S Review your used for abusive or
Checklist architectures S Sustainability Roles
AWS Services
Virtual illegal purposes
Build & test
resource change hist
Compute Hardware
site that CloudFront uses to
Health Dashboard Config cache copies of the content for IAM Shield WAF CDK CodeDeploy
= + + + + + +
Set of rules that determine where

provision
faster delivery to users at any
User data

IaaC
network traffic from your subnet
Instance Type
Network Settings
Security Group
Storage
location
Bootstrap Script
or gateway is directed
Linux, macOS, Windows t3.micro VPC / SSH / HTTPs (Firewall) 1x 8GiB gp3 (OPTIONAL)
AWS service Config & Compliance Identity Access Cloud
to instances or
Personal

status Over time

Analytics App Integration Network Management DDoS Web App Firewall Development Kit functions
Health
build, test and deploy
Storage Database
Dashboard perform. / evnt / alert
Service Catalog CloudWatch EC2 EC2 Image Builder
Lambda S3 RDS DynamoDB Redshift API GW EventBridge VPC ELB GuardDuty Security Hub Network Firewall SDK CodePipeline
Glacier

Event-Driven

a-a global tables

interact
may

OLTP

OLAP

build to
deploy
SLS

SLS
SQL
impact
60s

SLS
you
Self-service Metrics Elastic Compute Automate Simple Storage Relational Database Key/Value &
Warehouse
Schedules, Event, Virtual Private Malicious Behavior Software
Virtual function create, publish, monitor, Distribute traffic VPC Firewall Orchestration
7 Core Checks products pre-defined Dashboard Cloud creation of AMI Service Service DAX cache data analyze and secure APIs Trigger, Rules Cloud in VPC, DNS Central security tool Development Kit
• S3 Bucket Permissions
account activity
• SG - Specific Ports Unrestricted
CloudFormation CloudTrail ASG Outpost Batch EBS Aurora DocumentDB EMR SNS Step Functions CloudFront Route 53 Cognito Identity Center Resource Access
CLI CodeStar

SSH (Secure Shell)

• IAM Use (one IAM user min)

Single ec2
Manager (RAM)

aws console
• MFA on Root Account

Hadoop

Cluster
IaaC

NoSQL

cache
OLTP

SSO
• EBS Public Snapshots
EC2
• RDS Public Snapshots
CDN (Content
on-premises AWS Relational DB JSON (Aurora for Simple Notification Visual workflow to DNS (Domain Name Share Resources w/
• Service Limits Deploy stacks Record API calls Auto Scaling Group Large data jobs Elastic Block Storage Elastic MapReduce Delivery Network)
Command Line
Infrastructure Management System MongoDB) Service orchestrate Lambda f System) App users Single sign-on other AWS accounts Interface CICD view
Full Checks
• Ability to set CloudWatch
alarms when reaching limits
OpsWorks Control Tower Compute Managed Blockchain
QLDB EFS Snowcone ElastiCache Glue SQS AppSync Transit GW Private Link Secrets Manager Directory Service ACM Cloud9 CodeArtifact
Multiple ec2
immutable journal

crypto verifiable
• Programmatic Access Optimizer

pc, printers
Hyperledger

db of obj
Elastic Network
data transfer

user acc,
Network Load
GraphQL
Ethereum

using AWS Support API

Recomme
ndations

Balancer

interface
ML

Cloud Adoption Framework

Chef and Puppet Quantum 8 TB HDD Peering thousands of Expose a Storing and rotate Microsoft Active AWS Certificate packages /
IDE (VSCode)
Easy Account Setup Elastic File System In-memory Extract Transform Message Queue sync mobile & web
↓ costs ↑ perf No need authority / 14 SSD Load apps data VPC / on-premises service secrets every x day Directory Manager dependencies
(AWS CAF) Ledger
Edge Computing

MQ
Business - Strategy Managemen Site-to-Site VPN
SSM Management Console
Beanstalk EKS ECS FSx Snowball Neptune Athena Pinpoint Direct Connect
KMS Inspector Artifact CloudShell WorkSpace

email sms push

encryption
People - Workforc

over private
operational

over public

Workloads
Governance - Risk Managemen data transfer
Manage &

2-way

network
insights

internet
operate

PaaS

End User Computing

SLS

DaaS

VDI
Platform - Architectur
Security - Protectio
Operations - Observability Elastic Kubernetes Elastic Container 80 TB
serverless S3 Marketing on-premises Key Management Find software Security and
Systems Manager Web App Console Deploying an app 3rd Party Graph DB Messaging Queue on-premises
AAAAA Browser shell
Service Service < 10 PB Query communications and AWS VPN to AWS Service vulnerabilities Compliance Reports Provision desktops
Containers / Kubernetes

Support Marketplace Lightsail Fargate ECR Storage GW Snowmobile DMS QuickSight Kinesis Connect Client VPN Global Accelerator
CloudHSM Detective Macie X-Ray AppStream

over public

with browse
internet
Basic
data transfer
sell SaaS

Logs

ML

ML
SLS

SLS
free, documentation AWS Plans Independent
little cloud Serverless Elastic Container Bridge on-premise > 10 PB
Database Migration Real-time Virtual Contact Connect your PC to Use AWS global encryption Hardware Root cause and Discovers Trace requests
Developer Pricing software vendors experience containers Registry data & cloud data < 100 PB Service dashboards Streaming Center AWS & on-premises network Security Module suspicious activities sensitive data visual analysis Desktop Streaming

email
OpsHub to manage Business App
snow family
Response times:
General: < 24 business hours Financial Compute Storage Backup Front-end Migration & Transfer Satellite Machine Learning Use
System: < 12 business hours Cost Explorer Cost and Usage
Reports
Local Zones Backup Amplify App Migration Migration Evaluator Ground Station
Rekognition Transcribe Polly Translate Lex Comprehend
Business Billing Dashboard:
Service (MGN)

Lift-and-shift
Extend VPC

Strategies
closer to
forecast

phone / chat access

users

NLP
high level overview + free tier dashboard Backup and Restor
Response times: Pilot Ligh
Cost Allocation Tags:
High level most compute & storage, automate Warm standb Migrating data-driven business face detection, Natural language
Production impaired: < 4 hour develop & deploy
Production down: < 1 hour tag resources to create detailed reports custom reports comprehensive set providing low latency backups Multi-site/ Hot-Site applications to AWS case for migration
Satellite
labeling audio to text text to audio Translations Chatbots processing
Enterprise Device Farm
App Discovery
DataSync
Cost Anomaly Detection
Budgets Savings Plans
Wavelenght DRS Service IoT Core SageMaker Textract Kendra Forecast CodeGuru Personalize
outside into aws

TAM

Block replication

incremental

detect unusual spends using ML

forecast

(Technical Account Manager)

Response times:
Business down: < 15 minutes
Service Quotas
tests app with pc, On-premises Data from on-
notify when close to service quota threshold Long-term 1-3 years
Elastic Disaster Dev machine ML-powered
5G networks
Budget Alarm mobile, tablet... migration plan premises to AWS Internet of Things Detect text and data highly accurate automated code
Recovery recommendations
learning in documents search engine forecasts reviews