AWS Services
AWS Services By Category.
These are the relevant AWS categories.

AWS Compute Services

Service | Purpose | Example Use Case | AWS Well-Architected Framework | Interactions |
---|---|---|---|---|
Amazon EC2 | Scalable virtual servers for compute workloads. | Hosting a web application with variable traffic. | Cost Optimization: Use reserved or spot instances for savings. Performance Efficiency: Autoscaling for optimal performance. | Works with Auto Scaling, Elastic Load Balancing (ELB), S3 for storage, RDS for databases, and VPC for network security. |
Amazon Lightsail | Simplified compute service for small-scale applications. | Running a personal blog or a small e-commerce store. | Operational Excellence: Easy to set up and manage. Reliability: Includes built-in backup capabilities. | Interacts with S3 for backup, Route 53 for domain name management, and CloudFront for content delivery. |
AWS Lambda | Serverless compute for running code in response to events. | Executing a function when a new object is uploaded to an S3 bucket. | Cost Optimization: Pay only for the compute time used. Performance Efficiency: Automatic scaling and availability. | Integrates with S3, DynamoDB, API Gateway, EventBridge, and CloudWatch for monitoring. |
Amazon ECS | Fully managed container orchestration service. | Running microservices architecture with Docker containers. | Reliability: Supports multi-AZ deployments. Performance Efficiency: Autoscaling of containers. | Works with Fargate for serverless container execution, VPC for networking, and CloudWatch for monitoring. |
Amazon EKS | Managed Kubernetes service for containerized applications. | Deploying a scalable, highly available Kubernetes cluster for web services. | Reliability: Multi-AZ support. Operational Excellence: Fully managed Kubernetes control plane. | Works with IAM for authentication, CloudWatch for monitoring, and EBS for persistent storage. |
AWS Batch | Enables batch computing jobs at scale. | Processing thousands of video files for transcoding. | Performance Efficiency: Dynamically provisions the optimal compute resources. Cost Optimization: Scales based on job requirements. | Integrates with EC2 Spot Instances, ECS, and S3 for data input/output. |
Amazon Elastic Beanstalk | Platform as a Service (PaaS) for deploying and managing applications. | Deploying a Java-based web application without managing infrastructure. | Operational Excellence: Simplified application management. Performance Efficiency: Built-in load balancing and scaling. | Works with ELB, RDS, S3, and CloudWatch for logging and monitoring. |
AWS Fargate | Serverless compute engine for containers. | Running containers without managing the underlying EC2 instances. | Cost Optimization: Pay only for the resources consumed. Performance Efficiency: Scales automatically to meet demands. | Works with ECS and EKS for container orchestration and IAM for security. |
Amazon Outposts | Brings AWS services to on-premises environments. | Running low-latency applications like video processing on-premises with AWS APIs. | Performance Efficiency: Local processing reduces latency. Reliability: Extends AWS regions to on-premises environments. | Works with S3, EBS, RDS, and EC2 for local services and connectivity to the AWS Cloud. |
AWS Wavelength | Enables ultra-low latency applications at the edge. | Delivering AR/VR applications or autonomous vehicle data processing with minimal latency. | Performance Efficiency: Reduces latency by placing compute resources close to end users. Reliability: Fully integrated with AWS Regions. | Integrates with EC2, ECS, Lambda, and CloudFront for edge computing capabilities. |
AWS Elastic GPU | Adds GPU acceleration to EC2 instances. | Running machine learning inference or high-performance graphics applications. | Performance Efficiency: Pay for GPU resources as needed. Cost Optimization: Use only GPU resources on demand. | Works with EC2 and integrates with SageMaker for ML workloads or high-performance graphics rendering. |
AWS Serverless Application Repository (SAR) | A repository for serverless application blueprints. | Quickly deploying pre-built serverless applications like chatbots or CRMs. | Operational Excellence: Simplifies deployment of serverless architectures. Reliability: Community-reviewed templates ensure quality. | Works with Lambda, API Gateway, DynamoDB, and other serverless AWS services. |
VMware Cloud on AWS | Runs VMware workloads on AWS infrastructure. | Migrating legacy VMware workloads to the cloud while maintaining existing tools. | Reliability: Ensures continuity of operations. Cost Optimization: Optimizes on-demand scaling for VMware resources. | Integrates with S3, EBS, and RDS for hybrid workloads and AWS Direct Connect for low-latency connectivity. |

AWS Storage

Service | Purpose | Example Use Case | AWS Well-Architected Framework | Interactions |
---|---|---|---|---|
Amazon S3 | Scalable object storage for any type of data. | Storing and retrieving unstructured data like images, videos, or backups. | Reliability: Highly durable (11 nines). Cost Optimization: Tiered storage options like S3 Glacier. | Works with Athena for querying, Lambda for processing, and CloudFront for content delivery. |
Amazon S3 Glacier | Low-cost storage for long-term data archiving. | Archiving infrequently accessed financial records for compliance. | Cost Optimization: Lowest cost for cold storage. Security: Encrypts archived data automatically. | Integrated with S3 lifecycle policies and AWS Backup for automated archiving. |
Amazon EBS | Block storage for use with EC2 instances. | Storing a database volume for an RDS or self-hosted MySQL server. | Performance Efficiency: High throughput for applications. Cost Optimization: Snapshots reduce redundancy. | Works with EC2 for storage, RDS for backups, and AWS Backup for automated snapshot management. |
Amazon EFS | Fully managed, shared file storage for Linux workloads. | Hosting shared application configuration files or logs across multiple EC2 instances. | Reliability: Regional redundancy. Performance Efficiency: Scales automatically with workload demand. | Works with EC2 for shared storage and AWS Backup for automated snapshots. |
Amazon FSx for Windows | Fully managed file storage for Windows-based applications. | Hosting Windows file shares for corporate applications or Active Directory. | Reliability: Integrates with Active Directory. Operational Excellence: Fully managed Windows file system. | Works with Active Directory, EC2, and RDS for Windows applications. |
Amazon FSx for Lustre | High-performance file system optimized for compute-intensive workloads. | Running HPC workloads for genomics or financial modeling. | Performance Efficiency: Optimized for high-throughput applications. Reliability: Built-in data protection. | Works with S3 for persistent storage and EC2 for compute-intensive workloads. |
AWS Storage Gateway | Hybrid cloud storage service for on-premises integration. | Backing up on-premises data to S3 using the File Gateway or Tape Gateway. | Reliability: Bridges on-premises and cloud. Operational Excellence: Simplifies hybrid storage management. | Works with S3, Glacier, and Backup for archiving and DR solutions. |
AWS Snow Family | Physical devices for offline data transfer to AWS. | Migrating petabytes of data from on-premises data centers to S3. | Reliability: Enables migration in areas with limited connectivity. Cost Optimization: Avoids high bandwidth costs. | Integrates with S3 and Glacier for final storage. |
AWS Backup | Centralized backup management for AWS services. | Automating backups for RDS, EFS, and EC2 volumes. | Reliability: Simplifies backup and recovery. Operational Excellence: Centralized backup solution. | Works with RDS, EFS, EC2, DynamoDB, and Storage Gateway for backup and recovery. |
Amazon S3 Glacier Deep Archive | Lowest-cost storage for extremely infrequent access. | Storing regulatory compliance data or historical logs for 10+ years. | Cost Optimization: Designed for long-term, low-cost storage. Security: Encrypted and highly durable. | Integrated with S3 lifecycle policies and AWS Backup for automated data archiving. |
Amazon Elastic File System (EFS) One Zone | Cost-effective file storage for workloads in a single AZ. | Hosting application data for non-critical environments like dev/test. | Cost Optimization: Reduces costs for less critical workloads. Reliability: Still fault-tolerant within AZ. | Works with EC2 for shared file systems and AWS Backup for snapshots. |
Amazon DataSync | Automates data movement between on-premises and AWS. | Migrating on-premises databases to EFS or S3. | Operational Excellence: Streamlined data migration. Reliability: Secure, fast transfers to AWS. | Works with EFS, S3, and FSx for hybrid and cloud-native storage solutions. |
AWS Outposts Storage | Local S3 or EBS storage for AWS Outposts environments. | Running low-latency applications that need data stored on-premises but managed by AWS. | Performance Efficiency: Reduces latency by keeping data local. Reliability: Extends AWS storage on-prem. | Works with EC2, RDS, and local storage services for hybrid workloads. |

AWS Networking

Service | Purpose | Example Use Case | AWS Well-Architected Framework | Interactions |
---|---|---|---|---|
Amazon VPC | Virtual private cloud to create isolated networks for resources. | Hosting EC2 instances and databases within a secure network, with control over IP address ranges. | Security: Enables control over network security with security groups and NACLs. Reliability: Supports high availability across multiple AZs. | Integrates with EC2, RDS, Lambda, and Route 53 for network management and security. |
AWS Direct Connect | Dedicated network connection between on-premises and AWS. | Migrating data from an on-premises data center to AWS with a private connection. | Security: Provides private and secure network communication. Cost Optimization: Can lower data transfer costs. | Works with VPC, EC2, and S3 for private, fast, and secure data transfers. |
Amazon Route 53 | Scalable DNS and domain registration service. | Managing domain names for websites hosted on EC2 instances or other AWS services. | Operational Excellence: Easy management of DNS settings. Security: Supports DNSSEC for enhanced security. | Integrates with S3, EC2, ELB, and CloudFront for content delivery and domain management. |
AWS Transit Gateway | Connects multiple VPCs and on-premises networks through a central hub. | Connecting various VPCs from different regions and an on-premises data center to centralize network management. | Operational Excellence: Simplifies network management. Security: Provides control over traffic routing. | Works with VPC, Direct Connect, and VPN for secure inter-VPC and hybrid networking. |
AWS VPN | Securely connects on-premises networks to AWS. | Connecting an on-premises data center to AWS VPC over an encrypted VPN tunnel. | Security: Secure communication over public internet. Reliability: Supports redundant VPN connections. | Works with VPC, Transit Gateway, and Direct Connect for hybrid network architectures. |
Elastic Load Balancing (ELB) | Distributes incoming traffic across multiple targets (EC2, containers, etc.). | Distributing HTTP/HTTPS traffic across multiple EC2 instances running a web application. | Performance Efficiency: Automatically adjusts to changes in traffic. Reliability: Fault-tolerant load distribution. | Integrates with EC2, ECS, and Lambda for application scalability. |
AWS Global Accelerator | Provides static IP addresses for global applications and routes traffic globally. | Improving the performance of globally distributed applications. | Performance Efficiency: Optimizes traffic routing. Security: Traffic is routed securely through the AWS network. | Works with ELB, EC2, and CloudFront for optimizing global traffic routing. |
Amazon CloudFront | Content delivery network (CDN) to deliver content globally with low latency. | Delivering media files or web application assets (HTML, CSS, JS) to users worldwide with low latency. | Performance Efficiency: Reduces latency by serving content from edge locations. Cost Optimization: Caches content to reduce load on origin servers. | Works with S3, EC2, and Route 53 for dynamic content delivery and DNS routing. |
AWS WAF | Web application firewall to protect applications from malicious traffic. | Protecting a web application on an EC2 instance or behind a load balancer from common web exploits. | Security: Protects against common web attacks (e.g., SQL injection, XSS). Operational Excellence: Customizable protection rules. | Works with ELB, CloudFront, and API Gateway for enhanced web security. |
AWS Shield | Managed DDoS protection for AWS services. | Protecting a website hosted on EC2 or CloudFront from Distributed Denial of Service (DDoS) attacks. | Security: Provides protection against DDoS attacks. Reliability: Minimizes service interruptions. | Integrates with CloudFront, ELB, and Route 53 for automatic protection. |
Amazon VPC Peering | Connects two VPCs for private communication. | Connecting a VPC in one region to a VPC in another region for secure and private communication. | Security: Provides private communication between VPCs. Reliability: Supports cross-region connectivity. | Works with EC2, Lambda, and S3 for private communication between different VPCs. |
AWS PrivateLink | Provides private connectivity between VPCs and services. | Connecting to AWS services like S3 or custom services privately, without using the public internet. | Security: Traffic stays within the AWS network. Operational Excellence: Simplifies managing private connectivity. | Works with VPC, ELB, and EC2 for secure service connectivity. |
AWS Elastic IP | Static IPv4 address designed for dynamic cloud computing. | Assigning a static IP to an EC2 instance that may change its public IP address during a restart. | Reliability: Provides consistent IP addressing. Security: Used in conjunction with security groups. | Works with EC2 for high availability and fault tolerance. |
Amazon AppMesh | Service mesh for monitoring and controlling microservices traffic. | Enabling communication between microservices deployed in EC2, ECS, and EKS. | Performance Efficiency: Provides insight into traffic between microservices. Security: Encrypts microservices traffic. | Works with ECS, EKS, Lambda, and EC2 for microservices communication. |
AWS Traffic Mirroring | Captures and inspects network traffic from EC2 instances. | Analyzing inbound and outbound traffic to and from EC2 instances for troubleshooting or compliance. | Security: Provides visibility into network traffic. Operational Excellence: Helps in traffic diagnostics. | Works with EC2, VPC, and CloudWatch for traffic analysis and monitoring. |
AWS Network Firewall | Stateful, managed firewall service for VPC. | Protecting a VPC from unauthorized traffic while controlling outbound access. | Security: Helps protect VPC resources. Operational Excellence: Centralized firewall management. | Works with VPC, CloudWatch, and AWS Config for security policy enforcement and monitoring. |

AWS Database Services

Service | Purpose | Example Use Case | AWS Well-Architected Framework | Interactions |
---|---|---|---|---|
Amazon RDS | Managed relational database service for various DB engines (MySQL, PostgreSQL, MariaDB, Oracle, SQL Server). | Running a scalable MySQL database to host an e-commerce website’s transactional data. | Reliability: Multi-AZ deployments ensure high availability. Cost Optimization: Automated backups to reduce management overhead. | Integrates with EC2, Lambda, and CloudWatch for automated scaling, monitoring, and backups. |
Amazon Aurora | High-performance, fully managed relational database compatible with MySQL and PostgreSQL. | Running a high-availability, high-performance database for a mobile app backend. | Performance Efficiency: Automatically scales to meet traffic demands. Security: Encryption at rest and in transit. | Integrates with Lambda, RDS, and CloudWatch for monitoring, scaling, and automated backups. |
Amazon DynamoDB | Fully managed NoSQL database service with single-digit millisecond latency. | Running a serverless application with rapid data retrieval requirements, such as a gaming leaderboard. | Performance Efficiency: Scales automatically to handle unpredictable workloads. Security: Fine-grained access control using IAM. | Integrates with Lambda, API Gateway, and SNS for real-time data processing and notifications. |
Amazon ElastiCache | In-memory data store for caching to improve database performance. | Implementing a caching layer to speed up a web application by caching frequently accessed database queries. | Performance Efficiency: Reduces database load and speeds up data retrieval. Cost Optimization: Offloads traffic from primary databases. | Integrates with RDS, DynamoDB, and EC2 to cache data for faster performance. |
Amazon Redshift | Fully managed data warehouse for analytics and big data processing. | Running complex queries on large datasets from an e-commerce platform to generate business insights. | Performance Efficiency: Scales with data volume and query complexity. Security: Data encryption and role-based access control. | Integrates with S3, Athena, and QuickSight for data storage, querying, and visualization. |
Amazon DocumentDB | Managed document database service, compatible with MongoDB. | Storing JSON-style data for a content management system with dynamic, nested data structures. | Security: Encryption and access controls for sensitive data. Reliability: Automated backups and multi-AZ deployment. | Integrates with EC2, Lambda, and Kinesis for data storage, processing, and streaming. |
Amazon Neptune | Managed graph database service for connected data. | Running a recommendation engine that finds relationships between products, customers, and purchases. | Performance Efficiency: Optimized for graph-based queries. Reliability: Multi-AZ support for high availability. | Integrates with Lambda, S3, and AWS Glue for data processing and analytics. |
Amazon Keyspaces (for Apache Cassandra) | Managed Apache Cassandra-compatible database for large-scale applications. | Running a globally distributed NoSQL database for an IoT system that collects data from millions of devices. | Scalability: Easily scales to handle high-throughput workloads. Reliability: Multi-region replication for fault tolerance. | Integrates with Lambda, EC2, and DynamoDB for real-time data storage and processing. |
Amazon QLDB | Managed ledger database for immutable transaction logs. | Implementing a blockchain-like solution to track transactions and provide an auditable, immutable ledger. | Security: Immutable and verifiable ledger. Operational Excellence: Queryable and automated change tracking. | Works with Lambda, EC2, and CloudWatch for data querying and monitoring. |
AWS Glue | Fully managed ETL (extract, transform, load) service for preparing data. | Transforming and loading data from various sources like S3 and RDS into a Redshift data warehouse. | Operational Excellence: Automates data transformation and loading. Performance Efficiency: Optimizes data processing jobs. | Integrates with S3, Redshift, DynamoDB, and RDS for data processing and transformation. |
Amazon RDS Proxy | Managed database proxy for Amazon RDS and Aurora, improving scalability. | Connecting multiple application instances to an RDS database while minimizing connection management overhead. | Performance Efficiency: Improves application performance and scalability. Reliability: Enhances database connection resilience. | Integrates with RDS, Lambda, and Aurora for seamless scaling and connection pooling. |
AWS DMS (Database Migration Service) | Helps migrate databases to AWS with minimal downtime. | Migrating a large, on-premises SQL Server database to Amazon RDS PostgreSQL with minimal application downtime. | Operational Excellence: Enables smooth and reliable database migrations. Cost Optimization: Reduces migration costs with minimal downtime. | Works with RDS, Aurora, and S3 for continuous replication and database migration. |
AWS Timestream | Managed time-series database service for IoT and operational data. | Storing and analyzing time-series data from IoT sensors in a factory. | Performance Efficiency: Optimized for high-volume time-series data. Cost Optimization: Low-cost storage for time-series data. | Integrates with Lambda, IoT Core, and S3 for data processing and storage. |
Amazon RDS Aurora Serverless | On-demand, autoscaling relational database service for MySQL and PostgreSQL. | Running a web app that needs a database with variable workloads and no fixed database capacity requirements. | Cost Optimization: Pay only for the database capacity you use. Performance Efficiency: Scales automatically based on demand. | Works with Lambda, EC2, and CloudWatch for auto-scaling and application integration. |
Amazon RDS Multi-AZ Deployments | High-availability solution for RDS databases with synchronous replication across Availability Zones. | Ensuring a production database is highly available for critical business applications. | Reliability: Provides disaster recovery and failover capabilities. Security: Encryption at rest and in transit. | Integrates with RDS, EC2, and CloudWatch for automated backups, failover, and monitoring. |

AWS Security and Identity Services

Service | Purpose | Example Use Case | AWS Well-Architected Framework | Interactions |
---|---|---|---|---|
AWS Identity and Access Management (IAM) | Manages users, groups, and permissions for AWS resources. | Granting developers the right level of access to resources like S3 and EC2 instances. | Security: Fine-grained control over who can access resources. Operational Excellence: Enables strong access management policies. | Integrates with all AWS services to manage user access and permissions. |
AWS Organizations | Centralized management of multiple AWS accounts. | Managing billing and access control across several AWS accounts for a multi-account setup. | Cost Optimization: Centralized billing. Security: Service control policies (SCPs) to restrict access. | Integrates with IAM, AWS SSO, and AWS Shield for cross-account access control. |
AWS Single Sign-On (SSO) | Provides a unified login experience for multiple AWS accounts and applications. | Allowing employees to log in to multiple AWS accounts with one set of credentials. | Security: Centralized access control with MFA. Operational Excellence: Simplifies user management. | Integrates with IAM, AWS Organizations, and external identity providers like Active Directory. |
AWS Cognito | Provides user authentication, authorization, and user management. | Building a user sign-up/sign-in system for a mobile application with features like social login. | Security: Secure authentication and access management. Performance Efficiency: Scales with user demand. | Integrates with API Gateway, Lambda, and DynamoDB for secure user authentication and data storage. |
AWS Directory Service | Managed Active Directory service in the cloud. | Enabling Windows-based applications to authenticate using an AWS-managed Active Directory. | Security: Integrates with IAM for centralized access control. Operational Excellence: Simplifies AD management. | Integrates with EC2, RDS, and WorkSpaces for secure directory-based authentication. |
AWS KMS (Key Management Service) | Managed service for creating and controlling encryption keys. | Encrypting sensitive data stored in S3 or RDS with customer-managed keys. | Security: Centralized key management. Cost Optimization: Pay-per-use for key operations. | Integrates with all AWS services to enable encryption of data at rest and in transit. |
AWS Shield | Managed Distributed Denial of Service (DDoS) protection service. | Protecting a public-facing website hosted on AWS from DDoS attacks. | Security: Provides automatic DDoS detection and mitigation. Reliability: Reduces downtime caused by DDoS attacks. | Integrates with ELB, CloudFront, and Route 53 for automatic DDoS protection. |
AWS Shield Advanced | Enhanced DDoS protection with additional features such as cost protection and attack diagnostics. | Ensuring high availability for a critical application exposed to the internet by providing advanced DDoS protection. | Security: Offers real-time attack visibility and mitigation. Reliability: Cost protection for DDoS incidents. | Works with CloudFront, Route 53, and Elastic Load Balancer (ELB) to provide DDoS protection and traffic management. |
AWS WAF (Web Application Firewall) | Protects applications from common web exploits like SQL injection and XSS. | Creating a firewall rule set for an API Gateway that filters out malicious traffic. | Security: Protects applications from known vulnerabilities. Operational Excellence: Customizable rules for application security. | Integrates with API Gateway, CloudFront, and ALB to secure web traffic. |
Amazon GuardDuty | Threat detection service that continuously monitors for malicious activity. | Detecting unusual API calls or compromised EC2 instances in an AWS environment. | Security: Automated threat detection and response. Operational Excellence: Simplifies security management. | Integrates with CloudWatch for alerts, Lambda for automatic remediation, and CloudTrail for log analysis. |
AWS Config | Tracks AWS resource configurations and changes. | Auditing security groups that have changed in an AWS environment to ensure compliance with security policies. | Security: Ensures compliance by tracking resource configurations. Operational Excellence: Allows configuration drift detection. | Works with IAM, CloudTrail, and Lambda for configuration compliance and change tracking. |
AWS Macie | Sensitive data discovery and classification service, specifically for PII. | Identifying and classifying sensitive personal data in S3 buckets for compliance purposes. | Security: Automated data classification and discovery. Operational Excellence: Simplifies data protection management. | Integrates with S3 for discovering sensitive data and CloudWatch for monitoring. |
AWS Secrets Manager | Manages and rotates sensitive credentials like API keys and passwords. | Storing and rotating database credentials for RDS and DynamoDB to avoid hardcoding secrets. | Security: Protects sensitive data with automatic rotation. Cost Optimization: Reduces security risk by centralizing credential management. | Integrates with RDS, Lambda, and EC2 for automatic credential management. |
AWS Artifact | Provides access to AWS compliance reports and security documents. | Reviewing SOC reports and compliance certifications for an audit of your AWS environment. | Security: Provides access to important compliance documentation. Operational Excellence: Ensures transparency and trust. | Works with AWS Organizations and AWS CloudTrail for compliance documentation access. |
AWS CloudHSM | Hardware-based key storage and cryptographic processing. | Using CloudHSM for storing cryptographic keys for compliance-heavy applications like PCI DSS. | Security: Provides FIPS 140-2 Level 3 certified key management. Operational Excellence: Key isolation for added security. | Integrates with KMS, IAM, and EC2 for secure key management. |
AWS Firewall Manager | Centralized management of firewall rules across multiple accounts. | Creating a global rule set to block incoming traffic on port 80 across all AWS accounts in an organization. | Security: Ensures consistent security policy enforcement across accounts. Operational Excellence: Simplifies firewall management. | Integrates with WAF, Shield, and Security Hub for global rule management and centralized security. |
AWS Security Hub | Centralized security and compliance service that aggregates findings from other security services. | Consolidating security findings from GuardDuty, Inspector, and Macie into a single view for security teams. | Security: Provides a unified view of security findings. Operational Excellence: Enables automated remediation workflows. | Integrates with GuardDuty, Inspector, Macie, and CloudWatch for centralized monitoring and alerting. |
Amazon Inspector | Automated security assessment service for vulnerabilities. | Running automated security assessments on EC2 instances to identify vulnerabilities before deployment. | Security: Helps identify security vulnerabilities. Operational Excellence: Automates security scanning and patching. | Integrates with EC2, CloudWatch, and IAM for vulnerability management and alerting. |
AWS Trusted Advisor | Offers real-time guidance to help improve security, performance, and cost efficiency. | Identifying unprotected EC2 instances or open security groups in an AWS account. | Security: Provides recommendations to improve security posture. Cost Optimization: Suggests cost-saving opportunities. | Integrates with IAM and EC2 for security and cost optimization insights. |

AWS Machine Learning

Service | Purpose | Example Use Case | AWS Well-Architected Framework | Interactions |
---|---|---|---|---|
Amazon SageMaker | Fully managed service for building, training, and deploying machine learning models. | Training a model on historical sales data to predict future sales and deploying it as an API for real-time predictions. | Operational Excellence: Manages machine learning lifecycle. Performance Efficiency: Optimizes model performance. | Integrates with S3 (data storage), EC2 (compute), IAM (security), and Lambda (for inference) for a full machine learning pipeline. |
Amazon Rekognition | Image and video analysis service powered by deep learning. | Detecting objects in images or identifying faces in a video for security or social media apps. | Security: Identifies faces or objects for security purposes. Performance Efficiency: Scalable image/video processing. | Works with S3 (for image/video storage), Lambda (for triggering processes), and CloudWatch (for monitoring performance). |
Amazon Polly | Converts text to lifelike speech using deep learning models. | Converting text-based information into audio files for use in virtual assistants or audio books. | Operational Excellence: Helps deliver high-quality, lifelike speech. Performance Efficiency: Efficient text-to-speech conversion. | Integrates with Lambda (for real-time audio creation), S3 (for storage), and EC2 (for processing). |
Amazon Lex | Service for building conversational interfaces (chatbots) using voice and text. | Building a chatbot for customer service that can interact with users through voice and text for support. | Operational Excellence: Automates conversations to improve customer service. Security: Integrates with IAM for access control. | Works with Lambda (to run backend logic), CloudWatch (for monitoring), and SNS (to send notifications). |
Amazon Translate | Neural machine translation service for converting text between languages. | Translating content on a website to support multiple languages for global audiences. | Performance Efficiency: Fast translation at scale. Reliability: Provides accurate translations with high uptime. | Integrates with S3 (for document storage), Lambda (for triggering translations), and CloudWatch (for performance monitoring). |
Amazon Comprehend | Natural Language Processing (NLP) service for text analysis, including sentiment and entity recognition. | Analyzing customer reviews to determine sentiment and identify common themes in feedback for product improvements. | Security: Identifies sensitive data or potential issues. Operational Excellence: Helps extract valuable insights from text. | Integrates with S3 (for text storage), Lambda (for data processing), and CloudWatch (for monitoring). |
AWS Deep Learning AMIs | Pre-configured Amazon Machine Images (AMIs) for deep learning frameworks like TensorFlow and PyTorch. | Deploying deep learning models using pre-built environments for image recognition or recommendation engines. | Operational Excellence: Reduces time to deploy deep learning models. Performance Efficiency: Optimizes compute resources for deep learning. | Integrates with EC2 (for compute), S3 (for data), and IAM (for security). |
AWS Deep Learning Containers | Containers optimized for deep learning frameworks, such as TensorFlow and MXNet, for model training and deployment. | Deploying a model in a Docker container to run predictions in a scalable environment. | Operational Excellence: Eases deployment of deep learning models. Performance Efficiency: Optimizes containerized workloads. | Works with ECS, EKS, Lambda (for serverless deployment), and S3 (for data storage). |
Amazon Kendra | Intelligent search service powered by machine learning for accurate, context-aware search results. | Implementing a search engine for a corporate knowledge base that understands user intent and retrieves relevant information. | Operational Excellence: Improves search capabilities and data access. Security: Access control through IAM roles. | Integrates with S3 (for document storage), CloudWatch (for monitoring), and Lambda (for processing search results). |
Amazon Textract | OCR (Optical Character Recognition) service for extracting text, forms, and tables from scanned documents. | Extracting text and tables from PDFs or scanned invoices for automation of document processing in a financial application. | Operational Excellence: Automates document processing. Security: Ensures secure data extraction for compliance. | Works with S3 (for document storage), Lambda (for processing), and CloudWatch (for performance monitoring). |
AWS Personalize | Service for building personalized recommendation systems using machine learning. | Building a recommendation engine for an e-commerce website to suggest products to users based on their browsing history. | Performance Efficiency: Delivers personalized experiences at scale. Operational Excellence: Continuously improves recommendations. | Integrates with S3 (for training data), Lambda (for predictions), and CloudWatch (for performance monitoring). |
AWS Forecast | Time-series forecasting service using machine learning to predict future outcomes based on historical data. | Predicting demand for products in an online store to optimize inventory and avoid stockouts. | Operational Excellence: Helps optimize inventory management. Performance Efficiency: Scalable forecasts for large datasets. | Integrates with S3 (for data storage), Lambda (for forecasting jobs), and CloudWatch (for monitoring). |
AWS Macie | Machine learning-powered security service for identifying and protecting sensitive data. | Automatically detecting PII (Personally Identifiable Information) in S3 buckets to help with GDPR compliance. | Security: Ensures sensitive data is identified and protected. Operational Excellence: Automates compliance management. | Integrates with S3 (for data scanning), CloudWatch (for alerts), and IAM (for access control). |
AWS Elastic Inference | Service that allows you to attach GPU-powered inference acceleration to EC2 instances for machine learning inference. | Accelerating inference for machine learning models (e.g., image recognition) running on EC2 instances with reduced cost. | Cost Optimization: Reduces the cost of inference. Performance Efficiency: Accelerates inference workloads. | Works with EC2 (for inference), SageMaker (for model deployment), and Lambda (for real-time inference). |
Amazon SageMaker Studio | Integrated development environment (IDE) for machine learning model building and management. | Developing and training machine learning models, with tools to visualize data, tune models, and deploy them into production. | Operational Excellence: Provides a comprehensive development environment. Performance Efficiency: Simplifies model development. | Integrates with SageMaker, S3 (for data), CloudWatch (for monitoring), and IAM (for security). |
AWS SageMaker Autopilot | Automates the machine learning process by automatically preparing data, selecting algorithms, and tuning models. | Automatically training a model on historical sales data to predict future sales without manual intervention. | Operational Excellence: Reduces the manual work in model creation. Performance Efficiency: Automated model optimization. | Integrates with S3 (for training data), SageMaker (for model creation), and CloudWatch (for monitoring). |
Monitoring
Service | Purpose | Example Use Case | AWS Well-Architected Framework | Interactions |
---|
Amazon CloudWatch | Monitors and manages operational data, including logs and metrics, across AWS resources. | Setting up alarms for high CPU usage on EC2 instances to trigger autoscaling actions. | Operational Excellence: Ensures ongoing monitoring and performance. Security: Logs and monitors system activity. | Integrates with EC2, Lambda, RDS, CloudTrail, and many other services for resource monitoring and alerts. |
Amazon CloudWatch Logs | Centralized logging service for monitoring, storing, and analyzing log data. | Collecting application logs from EC2 instances or Lambda functions for troubleshooting and performance optimization. | Operational Excellence: Collects logs to optimize resource management. Security: Logs suspicious activities for security auditing. | Integrates with EC2, Lambda, S3, CloudTrail, and other services to gather and analyze log data. |
Amazon CloudWatch Alarms | Creates alarms based on specified metric thresholds to take action (e.g., scale up/down EC2). | Triggering an alarm when EC2 CPU usage exceeds a threshold, which then triggers an autoscaling action to handle traffic spikes. | Operational Excellence: Automated responses to performance issues. Reliability: Helps to maintain desired performance levels. | Works with CloudWatch metrics, EC2, Lambda, Auto Scaling, and SNS for setting up automated actions. |
Amazon CloudWatch Metrics | Collects and tracks performance and operational data for AWS resources and custom metrics. | Tracking metrics like memory usage and network activity on EC2 instances for performance tuning. | Operational Excellence: Provides metrics for ongoing optimization. Performance Efficiency: Assists in performance optimization. | Integrates with EC2, RDS, Lambda, and other AWS resources for custom and built-in metric collection. |
AWS X-Ray | Debugs and analyzes distributed applications by tracing requests across services. | Tracing requests in a microservices application to identify performance bottlenecks and failures. | Performance Efficiency: Optimizes application performance by identifying inefficiencies. Operational Excellence: Troubleshoots application issues. | Integrates with Lambda, API Gateway, EC2, and other services for tracing requests and visualizing service dependencies. |
AWS CloudTrail | Logs and monitors API calls and user activity across AWS services for auditing and compliance. | Tracking who accessed an S3 bucket and what changes they made to enforce compliance and security practices. | Security: Tracks user activity to ensure access control and compliance. Operational Excellence: Helps with troubleshooting and monitoring. | Works with all AWS services to log API calls and user activity for security, compliance, and operational auditing. |
AWS Trusted Advisor | Provides recommendations based on AWS best practices to optimize resources, security, and cost. | Identifying underutilized EC2 instances that could be resized to reduce costs. | Cost Optimization: Helps to reduce resource wastage. Security: Provides best practices for improving security. | Integrates with EC2, S3, IAM, and other services for recommendations regarding resource management, security, and cost savings. |
Amazon EventBridge | Event-driven architecture service to connect applications using events across AWS services. | Automating responses to specific events, such as automatically triggering a Lambda function when an EC2 instance starts. | Operational Excellence: Streamlines event-driven workflows. Security: Event-driven alerts can help detect suspicious activity. | Works with Lambda, EC2, S3, and other AWS services to deliver events and automate responses. |
Amazon Simple Notification Service (SNS) | Push notification service that sends messages or alerts to subscribers. | Sending a notification to a team when an EC2 instance reaches critical performance levels. | Operational Excellence: Delivers real-time alerts. Reliability: Notifies stakeholders to respond to incidents. | Integrates with CloudWatch, CloudTrail, and many AWS services for sending notifications based on specific triggers. |
Amazon Simple Queue Service (SQS) | Managed message queuing service that enables communication between distributed components. | Using SQS to decouple components in a microservices application to avoid service bottlenecks. | Performance Efficiency: Allows for asynchronous message-based communication. Reliability: Ensures high availability of queued messages. | Integrates with Lambda, EC2, and other services to manage messages between components and scale workloads. |
AWS Elastic Load Balancing (ELB) | Distributes incoming traffic across multiple targets like EC2 instances for fault tolerance. | Automatically distributing traffic across EC2 instances based on the load, ensuring high availability. | Reliability: Ensures application fault tolerance and availability. Performance Efficiency: Optimizes resource usage. | Works with EC2, Lambda, Auto Scaling, and Route 53 to distribute traffic effectively across resources. |
AWS Systems Manager (SSM) | Centralized service to manage and automate EC2 instances and other resources. | Running patch management or performing automation tasks across EC2 instances. | Operational Excellence: Automates operational tasks and patching. Security: Ensures systems are compliant and up-to-date. | Integrates with EC2, Lambda, and other AWS resources to manage and automate system administration tasks. |
AWS Health | Provides alerts and remediation guidance for AWS account health events. | Receiving notifications of planned AWS outages or service disruptions and automatically triggering a response. | Reliability: Improves system resilience by staying informed about AWS health events. Operational Excellence: Automates remediation actions. | Integrates with CloudWatch and SNS to monitor AWS service health and automate responses based on system events. |
AWS CloudFormation | Infrastructure as Code (IaC) service to create and manage AWS resources using templates. | Automating the creation of EC2 instances, VPCs, and other AWS resources based on predefined templates. | Operational Excellence: Enables automated infrastructure management. Reliability: Ensures consistent resource provisioning. | Works with all AWS services to provision and manage resources based on CloudFormation templates. |
Amazon QuickSight | Business Intelligence (BI) service for data visualization and analysis. | Creating visual dashboards for EC2 performance, CloudWatch metrics, and application data for business insights. | Performance Efficiency: Visualizes and analyzes metrics for decision-making. Operational Excellence: Enhances data-driven insights. | Integrates with CloudWatch, RDS, S3, and Redshift for data analysis and visualization. |
AWS Application Cost Profiler | Provides insights into the cost of running workloads in AWS. | Analyzing the cost of EC2 instances, Lambda functions, and RDS instances to optimize pricing. | Cost Optimization: Helps to analyze and reduce costs. Operational Excellence: Identifies cost-saving opportunities. | Integrates with billing and cost management services, providing cost breakdowns based on resource usage. |
Amazon Inspector | Automated security vulnerability assessment service for AWS workloads. | Running security assessments on EC2 instances to ensure that they comply with security best practices. | Security: Helps identify vulnerabilities and mitigate risks. Operational Excellence: Simplifies vulnerability management. | Integrates with EC2, CloudWatch, and Lambda for running and reporting security assessments. |