Free services

Services that are free to use but can provision AWS services that cost money:

  • CloudFormation
  • Elastic Beanstalk
  • Auto Scaling
  • OpsWorks
  • Amplify
  • AppSync
  • CodeStar

Free

  • Organizations and Consolidated Billing
  • AWS Cost Explorer
  • Amazon VPC
  • IAM
  • AWS Artifact

Services using Edge Location

CloudFront

Route 53

Requests going to either CloudFront or Route 53 are routed to the nearest edge location automatically.

A CloudFront origin can be an S3 bucket, EC2 or ELB.

S3 Transfer Acceleration

As the data arrives at an edge location, data is routed to Amazon S3 over an optimized network path.

API Gateway

API Gateway endpoint traffic also uses the AWS Edge Network.

AWS Service Catalog

AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. AWS Service Catalog allows you to centrally manage commonly deployed IT services, and helps you achieve consistent governance and meet your compliance requirements, while enabling users to quickly deploy only the approved IT services they need.

Amazon Athena

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

AWS Config

AWS Config is a managed service that provides AWS resource inventory information and enables you to record configuration change history to enable security and governance requirements. With AWS Config, you can discover both existing and deleted resources at any point in time.
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.

Rekognition

Amazon Rekognition makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use. With Amazon Rekognition, you can identify objects, people, text, scenes, and activities in images and videos, as well as detect any inappropriate content.

Macie

A machine learning-powered security service to discover, classify, and protect sensitive data.

Snowball: Physical solution.

Snowball offers a petabyte-scale data transport solution that uses devices designed to be secure to transfer large amounts of data into and out of the AWS Cloud.
They send you the physical device!

Lightsail

Amazon Lightsail is the easiest way to get started with AWS if you just need virtual private servers. Lightsail includes everything you need to launch your project quickly – a virtual machine, SSD-based storage, data transfer, DNS management, and a static IP – for a low, predictable price.

Amazon WorkSpaces

Amazon WorkSpaces is a managed, secure, cloud desktop service. You can use Amazon WorkSpaces to provision either Windows or Linux desktops.

AWS Inspector

AWS Inspector is an agent you install on your EC2 instance to run an analysis that identifies vulnerabilities.

AWS CloudFormation

CloudFormation enables you to build a template of your infrastructure as code, configured to your exact specification, which can then be used to deploy servers that meet the configuration and security requirements of the business.
You can use JSON and YAML formats to design your CloudFormation templates.
AWS CloudFormation itself is completely free; when CloudFormation is used to launch EC2 instances from the template, those EC2 instances are chargeable, similar to the free Elastic Beanstalk service.

Amazon Simple Queue Service (SQS)

Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.

Amazon API Gateway

Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the “front door” for applications to access data, business logic, or functionality from your backend services. Using API Gateway, you can create RESTful APIs and WebSocket APIs that enable real-time two-way communication applications.

Route 53

Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service.
DNS service is like the phone book of the Internet. Route 53 routes end users (who provide the domain name) to Internet applications.

Amazon Kinesis

Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information.

Kinesis Video Streams

Capture, process, and store video streams

Kinesis Data Streams

Capture, process, and store data streams

Kinesis Data Firehose

Load data streams into AWS data stores

Kinesis Data Analytics

Analyze data streams with SQL or Java

AWS WAF (Web Application Firewall)

AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.

Consolidated Billing

Consolidated Billing enables you to link your accounts and take advantage of volume price discounts.

Amazon SNS

Amazon Simple Notification Service (SNS) is a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications.
Amazon SNS and Amazon CloudWatch are integrated so users can collect, view, and analyze metrics for every active SNS. Once users have configured CloudWatch for Amazon SNS, they can gain better insight into the performance of their Amazon SNS topics, push notifications, and SMS deliveries.
Amazon CloudWatch gives visibility into your filtering activity, and AWS CloudFormation enables you to deploy subscription filter policies in an automated and secure manner.

AWS Landing Zone

AWS Landing Zone is a solution that helps customers more quickly set up a secure, multi-account AWS environment based on AWS best practices.
This solution can help save time by automating the set-up of an environment for running secure and scalable workloads while implementing an initial security baseline through the creation of core accounts and resources. It also provides a baseline environment to get started with a multi-account architecture, identity and access management, governance, data security, network design, and logging.

AWS Resource groups

You can use resource groups to organize your AWS resources. You create groups with tags as your grouping criteria.

AWS Quick Starts

Quick Starts are built by AWS solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability.
Each Quick Start includes AWS CloudFormation templates that automate the deployment and a guide that discusses the architecture and provides step-by-step deployment instructions.

AWS Cost and Usage Report

Spreadsheet for you to analyse your cost and usage

  • Places the reports into S3
  • Uses Athena to turn the report into a queryable database
  • Uses QuickSight to visualise it as graphs

AWS Cost Explorer

AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time.

Amazon QuickSight

Amazon QuickSight is a fast, cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization.
It lets you create and publish interactive dashboards.

AWS Lake Formation

AWS Lake Formation is a service that makes it easy to set up a secure data lake in days. A data lake is a centralized, curated, and secured repository that stores all your data, both in its original form and prepared for analysis.

Amazon Simple Workflow

Amazon Simple Workflow (Amazon SWF) helps developers build, run, and scale background jobs that have parallel or sequential steps. You can think of Amazon SWF as a fully-managed state tracker and task coordinator in the cloud.

AWS Database Services

DynamoDB

NoSQL key/value database

DocumentDB

NoSQL Document database, MongoDB compatible

RDS

Relational Database Service that supports multiple engines:
MySQL, PostgreSQL, Aurora, Oracle, Microsoft SQL Server, MariaDB

Aurora

MySQL (5x faster) and PostgreSQL (3x faster) database, fully managed
Better performance and redundancy. More expensive than other RDS options.
Amazon Aurora features a distributed, fault-tolerant, self-healing storage system that auto-scales up to 64TB per database instance. It delivers high performance and availability with up to 15 low-latency read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across three Availability Zones (AZs).

Aurora Serverless

Only runs when you need it, like AWS Lambda

Neptune

Managed Graph Database

Redshift

Columnar database, petabyte warehouse

ElastiCache

Redis or Memcached database
Amazon ElastiCache allows you to seamlessly set up, run, and scale popular open-source compatible in-memory data stores in the cloud.

Provisioning Services

Elastic Beanstalk

Deploying and scaling web applications and services

OpsWorks

Configuration management service. Provides managed instances of Chef and Puppet.

CloudFormation

Structured as JSON or YAML code.
The most flexible provisioning tool listed here.

AWS QuickStart

Pre-made packages that can launch and configure the services required to deploy a workload on AWS.

AWS Marketplace

A digital catalogue of thousands of software listings from independent vendors. Find, buy, test and deploy software.
You can also buy managed EC2 instances here.

AWS Fargate

AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS).
You pay for the time it runs, just like Lambda.

AWS Batch

AWS Batch plans, schedules, and executes your batch computing workloads across the full range of AWS compute services and features, such as Amazon EC2 and Spot Instances.
There is no additional charge for AWS Batch. You only pay for the AWS resources (e.g. EC2 instances) you create to store and run your batch jobs.

AWS Glue

AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics.

AWS Storage Gateway

AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage.

Tape Gateway

The Tape Gateway configuration is a cloud-based virtual tape library (VTL) that serves as a drop-in replacement for tape backup systems.

Volume Gateway

With a Volume Gateway configuration, you can take snapshots of your local volumes and store those snapshots in Amazon EBS.

File Gateway

The File Gateway helps you manage hybrid file and object workloads that run across both your organization and the AWS Cloud.

Business Centric Services

Amazon Connect

Call centre

WorkSpaces

Virtual remote desktop

Chime

Online conference

WorkDocs

content creation and collaboration

WorkMail

business email

Simple Email Service (SES)

marketing, notification, emails

Pinpoint

marketing campaign management system, sending targeted email, SMS, push notifications and voice messages

QuickSight

Business Intelligence service, visualisation

Enterprise Integration: Hybrid

Direct Connect

Dedicated Gigabyte network connection from your premises to AWS.

VPN

secure connection to your AWS network

Storage Gateway

Hybrid storage service that allows your on-premises applications to use AWS cloud storage.

AWS Managed Microsoft AD (Active Directory)

AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, enables your directory-aware workloads and AWS resources to use managed Active Directory in the AWS Cloud.

Amazon MSK (Managed Streaming for Apache Kafka)

Amazon MSK is a fully managed service that makes it easy for you to build and run applications that use Apache Kafka to process streaming data. Apache Kafka is an open-source platform for building real-time streaming data pipelines and applications.

Amazon Sumerian

Amazon Sumerian lets you create and run virtual reality (VR), augmented reality (AR), and 3D applications quickly and easily without requiring any specialized programming or 3D graphics expertise.

AWS Elemental MediaConnect

AWS Elemental MediaConnect is a high-quality transport service for live video.

AWS Elemental MediaConvert

AWS Elemental MediaConvert is a file-based video transcoding service with broadcast-grade features.

SNS vs SQS

Both connect apps via messages.

SNS

Pub/sub messaging model.
Sends messages to subscribers of topics via HTTP, email, SQS, SMS.
Good for webhooks, internal emails, triggering Lambda functions.

SQS

Queues up messages. Applications pull from the queue using the AWS SDK.
Good for delayed tasks, queueing up emails.

Inspector vs Trusted Advisor

Both are security tools that perform audits.

Inspector

Audits a single EC2 instance and generates a report.

Trusted Advisor

Does not generate a PDF report. Gives you a holistic review across multiple services on best practices.

ALB, NLB, CLB

Application Load Balancer

Layer 7 requests
HTTP/HTTPS traffic
Can attach WAF.
If you are running a web application, this is what you want to use.

Listener

Before you start using your Application Load Balancer, you must add one or more listeners. A listener is a process that checks for connection requests, using the protocol and port that you configure. You need to configure listeners for the specific ports on which you will accept incoming traffic and the ports you will use to forward traffic on to the EC2 instances.

Network Load Balancer

Layer 4 IP protocol data
TCP and TLS traffic where extreme performance is required.
Optimized for sudden and volatile traffic patterns while using a single static IP address per Availability Zone.

Classic load balancer

Old. Layers 4 and 7.

SNS, SES

Simple Notification Service: Practical and internal

Plain text email.
pub/sub model
SNS is generally used for sending plain text emails triggered via other AWS services, for example, billing alarms.
Lots of AWS services trigger SNS for notifications.

SES: professional, marketing

HTML emails
Can receive inbound emails
Can create email templates
Monitor your email reputation
Custom domain name email

Storage Gateway vs AWS Site-to-Site VPN

Storage Gateway

AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage.

AWS Site-to-Site VPN

AWS Site-to-Site VPN is a network service that enables you to connect your on-premises datacenter to your AWS VPC.
Site-to-Site VPN supports Internet Protocol security (IPsec) VPN connections.

AWS CloudHSM

AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud.

With CloudHSM, you can manage your own encryption keys using FIPS 140-2 Level 3 validated HSMs.

CloudHSM protects your keys with exclusive, single-tenant access to tamper-resistant HSMs in your own Amazon Virtual Private Cloud (VPC).

Amazon RDS Read Replicas

Amazon RDS Read Replicas provide enhanced performance and durability for RDS database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads.

AWS IAM Identity Federation

Federation enables you to manage access to your AWS resources centrally. With federation, you can use single sign-on (SSO) to access your AWS accounts using credentials from your corporate directory. Federation uses open standards, such as Security Assertion Markup Language 2.0 (SAML), to exchange identity and security information between an identity provider (IdP) and an application.

AWS Cognito

Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily.
With Amazon Cognito, your users can sign in through social identity providers such as Google, Facebook, and Amazon, and through enterprise identity providers such as Microsoft Active Directory via SAML.

AWS X-Ray

AWS X-Ray enables you to analyze and debug distributed applications and understand how your application and its underlying services are performing. You can then identify and troubleshoot the root cause of performance issues and errors.

AWS DeepLens

AWS DeepLens is a wireless-enabled video camera and development platform integrated with the AWS Cloud. It lets you use the latest Artificial Intelligence (AI) tools and technology to develop computer vision applications based on a deep learning model.

AWS Managed Services (AMS)

AWS Managed Services (AMS) operates AWS on your behalf, providing a secure and compliant AWS Landing Zone, a proven enterprise operating model, on-going cost optimization, and day-to-day infrastructure management.
AWS Managed Services follows ITIL, a popular IT service management framework used by many enterprises.
AMS operates AWS infrastructure on behalf of enterprise customers and partners.

ITIL, formerly an acronym for Information Technology Infrastructure Library, is a set of detailed practices for IT service management that focuses on aligning IT services with the needs of the business.

Global Tables: Multi-Region Replication with DynamoDB

Amazon DynamoDB global tables provide a fully managed solution for deploying a multi-region, multi-master database, without having to build and maintain your own replication solution.
When using Global Tables, you are charged based on the resources associated with each replica table. Write capacity for Global Tables is represented by replicated write capacity units (rWCUs) instead of standard write capacity units (WCUs).

Amazon EMR (Elastic MapReduce)

Amazon EMR is the industry-leading cloud-native big data platform for processing vast amounts of data quickly and cost-effectively at scale.
Managed Hadoop.

AWS Infrastructure Event Management

AWS Infrastructure Event Management is a structured program available to Enterprise Support customers (and Business Support customers for an additional fee) that helps you plan for large-scale events such as product or application launches, infrastructure migrations, and marketing events.

With Infrastructure Event Management, you get strategic planning assistance before your event, as well as real-time support during these moments that matter most for your business.