AWS Glossary

AWS, or Amazon Web Services, is the leader in cloud infrastructure and platform services beating out the rivals like Microsoft Azure and Google Cloud Platform. Taking a dive into the world of AWS can become overwhelming as they offer so many different services. These services include resources to run virtual machines in the cloud, databases, email services, machine learning offerings, business applications, and more. On top of that, each service has its own lexicon and nuances to learn about. This glossary isn't completely comprehensive of everything inside AWS, but it does give a great overview of the different services that AWS provides and some of the general terms you'll run into with AWS. Something else to note is that this glossary is organized into sections, but keep in mind that many of the services here can belong to different sections and we tried to keep it as succinct as possible.

AWS General Terms


Amazon Machine Image (AMI)

An Amazon Machine Image is a master image that can be used to create virtual servers (EC2 instances). There are three types of AMIs.

  1. Public: an AMI that can be used by anyone.
  2. Paid: a for-pay AMI that is registered with Amazon DevPay and can be used by anyone who subscribes for it. DevPay allows developers to mark-up Amazon's usage fees and optionally add monthly subscription fees.
  3. Shared: a private AMI that can only be used by Amazon EC2 users who are allowed access to it by the developer.


Amazon Resource Name (ARN)

An Amazon Resource Name in AWS is a way to give a unique identifier to AWS resources.


Amazon Virtual Private Cloud

This service allows you to provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. It gives you complete control over your virtual networking environment, including selecting your own IP address range, creating subnets, and configuring route tables and network gateways.


Availability Zone

These are distinct locations within an AWS region that are engineered to be isolated from failures in other Availability Zones. They help provide inexpensive, low-latency network connectivity to other Availability Zones in the same AWS region. Each AWS region is completely independent.


AWS Certification

A certification provided by AWS that can validate cloud expertise helping professionals highlight their skill with AWS and the Cloud.


AWS GovCloud

Amazon's specific Regions designed to host sensitive data, regulated workloads, and address the most stringent U.S. government security and compliance requirements.


AWS Marketplace

Online catalog of offerings from third-party software providers with products specifically created for AWS. Each product listed in the marketplace goes through a curation process to become available for use.


Horizontal Scaling

Scaling by adding more machines to your pool of available resources.


Infrastructure as Code

This is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. An IT infrastructure managed by this process comprises both the physical equipment, such as bare-metal servers, as well as virtual machines, and any associated resources.


Right Sizing

A method to control cloud costs by continually analyzing environment performance and usage needs and patterns, then turning off idle resources and selecting the appropriate size for resources that are either over-provisioned or poorly matched to the workload.



A cloud computing execution model in which the cloud provider runs the server, and dynamically manages the allocation of machine resources. The pricing is based on the actual amount of resource consumed by an application, rather than on pre-purchased units of capacity.


Service Quotas

Each AWS account has default quotas, formerly referred to as limits, for each AWS service. Unless otherwise noted, each of these service quotas is region specific. You can request an increase for some quotas, others however, cannot be increased.


Vertical Scaling

Scale by adding more power (CPU, RAM, etc.) to and existing machine.

Application Integration


Amazon API Gateway

A service providing all the necessary tools that help developers create, publish, maintain, monitor, and secure APIs.


Amazon AppSync

Provides a tool that helps you pull data you need from many different sources. It is a fully managed GraphQL API layer developed by AWS. It will handle the parsing and resolution of requests and can connect to other AWS services like AWS Lambda, NoSQL and SQL data stores, and HTTP APIs to gather backend data for the API.


Amazon Simple Notification Service (SNS)

A notification service that gives you the infrastructure to perform the mass delivery of messages. These messages can be pub/sub, SMS, email, and mobile push notifications.


Amazon Simple Queue Service (SQS)

A distributed queue system that allows applications to queue messages that are generated by one system and consumed by a different one. SQS acts as a temporary repository and facilitates situations where messages are produced at a higher rate but get processed at a lower rate.


Application Load Balancer (ALB)

This load balancer functions at the application layer. After the load balancer receives a request, it evaluates the listener rules in priority order to determine which rule to apply. Then it selects a target from the target group for the rule action. You can configure listener rules to route requests to different target groups based on the content of the application traffic. Routing is performed independently for each target group, even when a target is registered with multiple target groups. You can configure the routing algorithm used at the target group level. The default routing algorithm is round robin, you can also specify the least outstanding requests routing algorithm.


AWS Serverless Application Repository (SAR)

Provides a way for application publishers to distribute an application defined using a Serverless Application Model (SAM). Application consumers can search for these applications and deploy them to their AWS accounts.


AWS Step Functions

An orchestration service that lets you model workflows as state machines and coordinate distributed applications.


Elastic Load Balancing (ELB)

Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones.


Route 53

A highly available and scalable Domain Name System (DNS) created by Amazon. With it, developers and organizations can route end users to their web applications. A Domain Name System translates domain names into IP addresses to direct traffic to your website.



Alexa for Business

A managed service that helps organizations use Alexa. Alexa for business provides a set of management tools, APIs to integrate with existing IT applications and infrastructure, and the actual Echo devices. The goal is to help businesses deploy and operate Alexa in the workplace.


Amazon AppFlow

No-code integration for connecting data transfer between AWS and SaaS applications like Google Analytics, Marketo, Salesforce, ServiceNow, Slack, Snowflake, Zendesk, and more. Developers can trigger flows based on specific events, at pre-set times, or on-demand.


Amazon AppStream 2.0

Allows users to stream desktop applications from AWS securely to any device running HTML5 in a browser. You no longer need to use and SDK and set up a streaming service to get application access.


Amazon Chime

A communication service that provides tools for virtual meetings, video calls, and chat inside and outside your organization. Comparable to Google Meet or Zoom.


Amazon Connect

A cloud-based contact center service. Essentially it is a basic set of Automatic Call Distributor (ACD) technology that is commonly found in contact centers. You can also connect it relatively easily to AWS's other services like Lex, Lambda, Redshift, and more.


Amazon Honeycode

A service that allows you to build mobile and web applications without programming. The interface is similar to a spreadsheet. It is still in beta version.


Amazon Pinpoint

Mobile applications can send data to Amazon Pinpoint about user behavior on the app. Then marketers can use Amazon Pinpoint Console to create campaigns based on specific user behavior sending targeted push notifications that are relevant to each user.


Amazon Simple Email Service

A cloud-based email service used to create a bulk and transactional email-sending service.


Amazon WorkLink

Provides secure, mobile access to internal websites and apps. WorkLink makes it convenient for employees to access internal company content on any type of device. This allows a bring your own device environment to be more secure instead of issuing corporate devices to every employee. When an internal website is accessed by a user, the page is rendered in a browser running in a secure container in AWS.


Amazon WorkSpaces

A fully managed, cloud-based, desktop computing service that allows users to provide cloud-based desktops to their end-users. In other words, it is a cloud-based Desktop as a Service (DaaS).


AWS Ground Station

A fully managed ground station service that allows you to control satellite communications, process data, and scale your operations without needing to build or maintain your own ground station infrastructure.


Contact Lens for Amazon Connect

An analytics tool powered by machine learning for contact centers. It helps organizations identify trends with customer issues, search communication transcripts, and help improve customer service rep quality.



Amazon EC2

EC2 stands for Elastic Compute Cloud and is essentially virtual machines in the cloud managed by AWS with an operating system like Windows or Linux. It offers secure, scalable, and reliable compute resources in the cloud and can be configured with different hardware components.


Amazon EC2 Auto Scaling

This service allows you to scale your EC2 instances up or down automatically according to the parameters set by a user.


Amazon Lightsail

A service that offers bundles of cloud compute power and memory. It provides preconfigured virtual private server instances that come complete with compute, storage, networking, and more to help you deploy and manage websites and web applications in the cloud. Essentially, it includes everything you need to launch a simple web app quickly.


AWS Batch

A fully managed AWS service that does batch computing, runs jobs asynchronously and automatically across multiple compute instances.


AWS Elastic Beanstalk

A compute service that makes it easier for developers to deploy and manage applications that you upload to the cloud. At its core, AWS Elastic Beanstalk lets you simply upload your application to the AWS cloud and then provisions and handles the configuration for you. You don't pay for Elastic Beanstalk—instead, you just pay for the resources that are used to run your app like EC2, S3, etc.


AWS Fargate

A serverless compute engine for containers that works with both Amazon Elastic Kubernetes Service (EKS) and Amazon Elastic Container Service (ECS).


AWS Lambda

AWS's compute service for a serverless architecture. It allows you to run your code in response to events.


Spot Instances

An unused EC2 instance that is available for less than the On-Demand price. Because Spot Instances enable you to request unused EC2 instances at steep discounts, you can lower your Amazon EC2 costs significantly. The hourly price for a Spot Instance is called a Spot price. The Spot price of each instance type in each Availability Zone is set by Amazon EC2, and is adjusted gradually based on the long-term supply of and demand for Spot Instances. Your Spot Instance runs whenever capacity is available and the maximum price per hour for your request exceeds the Spot price. These are a cost effective choice if you are willing to be flexible about when your applications run and if they can be interrupted.



Amazon Elastic Container Registry (ECR)

A fully managed Docker container registry giving developers an easy way to store, manage, and deploy Docker container images. It integrates with Amazon Elastic Container Service (ECS) that helps simplify the development to production workflow.


Amazon Elastic Container Service (ECS)

Amazon ECS is comparable to Kubernetes, Docker Swarm, and Azure Container Service in that it is a fully managed container management service. Within AWS it runs your containers on a cluster of Amazon EC2 instances that come pre-installed with Docker.


Amazon Elastic Kubernetes Service (EKS)

A fully managed service for running Kubernetes on AWS. Amazon EKS takes care of the control plane portion of running Kubernetes; in other words, it is a managed containers-as-a-service (CaaS).


AWS App2Container (A2C)

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Cost Management


AWS Budgets

Allows you to create custom cost and usage budget alerts when one or a group of services exceeds or is getting close to exceeding your budget. It can also be used to monitor utilization thresholds, making it easy to figure out if a service is over or underutilized. The utilization alerts are supported for Amazon EC2, Amazon RDS, Amazon Redshift, Amazon ElastiCache, and Amazon Elasticsearch reservations.


AWS Cost and Usage Report

These reports track your usage of AWS resources and estimate the charges associated with each account. The data is shown for each service category used in an account and its associated IAM users in hourly or daily line items. These reports are uploaded to a specified S3 bucket as a CSV file.


AWS Cost Explorer

A tool that helps you visualize your AWS monthly bills over time. It gives you a resource to find trends with a series of custom, user-generated graphs. You can also aggregate data from multiple AWS accounts and show trends to business stakeholders.


Reserved Instances (RI) Reporting

Within the AWS Cost Explorer, there are Reserved Instance Utilization and Coverage reports available. These reports help you visualize your RI data at an aggregate level with a specific RI subscription.


Savings Plans

By committing to spend a specific dollar amount per hour over a one to three year term, AWS offers a bulk discount plan. AWS claims that with the discount, you can potentially save up to 72% on compute usage with flexible pricing.

Data and Analytics


Amazon Athena

An interactive query service used to query data in S3 using SQL. Supported data formats include CSV, JSON, ORC, Avro, and Parquet. Because all of the data is stored within Amazon S3, you can easily run SQL queries on your data without needing to manage or configure infrastructure.


Amazon CloudSearch

A managed search-as-a-service in the AWS Cloud. Amazon CloudSearch uses the open-source library Apache Lucene as its underlying engine. It provides an easy way to set up, manage, and scale a search solution for your website or application. Amazon CloudSearch supports 34 languages and popular search features such as highlighting, autocomplete, and geospatial search.


Amazon Elasticsearch Service

Elasticsearch is an open-source search and analytics engine used for full-text search as well as analyzing logs and metrics. Amazon Elasticsearch Service is a fully managed service that allows you to easily deploy and run Elasticsearch.


Amazon EMR

Also known as Amazon Elastic MapReduce, Amazon EMR is a hosted Hadoop framework. It helps with big data analysis needs by providing a software framework for developers to create programs that can process unstructured data across a distributed cluster of processors or stand-alone computers.


Amazon Kinesis

A service that helps you with real-time processing of large amounts of streaming data. It is used to capture, store, and process data from large, distributed streams like event logs or social media feeds. It can be used for data logs and data feed intake, real-time graphs, and real-time data analytics.


Amazon Managed Streaming for Apache Kafka

Fully managed Apache Kafka service that helps you build and run applications that use Apache Kafka to process streaming data.


Amazon QuickSight

A business intelligence tool that provides visuals and interactive dashboards with real-time machine-learning insights. It integrates with data sources like Amazon Redshift, Amazon Athena, Amazon S3, Amazon Aurora, Apache Spark, Presto, SQL, servers, local Excel files, Salesforce, and more.


AWS Data Exchange

A place to quickly integrate third-party data in your cloud workloads. Subscribed data can be brought directly into Amazon S3.


AWS Data Pipeline

A web service that allows you to reliably automate the processing and movement of data between different sources. These sources could be different AWS services and/or on-prem data sources.


AWS Glue

A fully managed ETL (Extract, Transform, and Load) data service that connects data for reporting and analytics.


AWS Lake Formation

Helps you build a secure data lake relatively fast. It provides a central point of control where you can identify, ingest, clean, and transform data from multiple sources. The service speeds up the process of creating a data lake and simplifies it to just defining data sources, and configuring data access and security policies.



Amazon Aurora

Aurora is part of the Amazon RDS family of database services. It is a high performance managed relational database that is compatible with MySQL and PostgreSQL.


Amazon DocumentDB

A fully managed NoSQL JSON document database service with a degree of compatibility with MongoDB. It emulates the MongoDB API and runs on top of Amazon Aurora's backend.


Amazon DynamoDB

A fully managed NoSQL (Not Only SQL) database service.


Amazon ElastiCache

Caching is a method to store frequently accessed information in a temporary memory location on a server. Amazon ElastiCache is a Caching-as-a-Service that provides this caching layer. It provides two caching engine types, Memcached and Redis.


Amazon Keyspaces

AWS implementation of a fully managed Apache Cassandra compatible database.


Amazon Neptune

A fully managed graph database service with ACID properties and immediate consistency. Neptune supports two of the most popular open-source graph query languages, Apache TinkerPop Gremlin and W3C SPARQL.


Amazon RDS

One of AWS's most popular services, RDS is a managed service for storing relational database instances in the cloud. RDS supports MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB.


Amazon RDS on VMWare

Helps organizations deploy fully managed database instances within a local, on-premises VMWare vSphere data center. You can deploy databases into your own data centers in just a few clicks.


Amazon Redshift

A fully managed data warehousing product. Companies use it for large-scale dataset storage and analysis as well as large-scale database migrations.


Amazon Timestream

A fully managed time-series database for IoT and operational applications.


AWS Database Migration Service (DMS)

This service helps automate the process of migrating a variety of data types, from any data source, into AWS. You first have to connect DMS to your database with the data source you would like to migrate. Next, DMS reads the data and prepares it for compatibility with the target database, and then it transfers the data according to predefined migration tasks.

Developer Tools


Amazon CloudWatch

A cloud-native tool for monitoring AWS applications in near real-time. It automatically collects metrics on request counts, latency, and CPU usage and users can send their own logs and custom metrics for monitoring. The data and reports CloudWatch provides lets users keep track of application performance, resource use, operational issues, and constraints.


Amazon CloudGuru

A machine-learning tool that will help developers improve the quality of their code. The service is made up of two tools: Amazon CodeGuru Reviewer and CodeGuru Profiler. CodeGuru Reviewer is a bug scanner that is run during code review, and CodeGuru Profiler is a tool that identifies lines of code in production applications and helps spot the causes of CPU over-utilization.


Amazon Corretto

A production ready distribution of OpenJDK. It was created internally at Amazon to create a reliable, secure distribution with documentation and process standards for its own developers. It helps companies create Java applications that can scale and run reliably.


AWS Amplify

A package of tools and services designed to make it easier for developers to create and launch applications in AWS. These tools include code libraries, ready-to-use components, and a built-in CLI.


AWS Cloud Development Kit (CDK)

Allows you to configure AWS services from your terminal and editor. It will allow you to do your configuration for the frontend and backend all with the same language.


AWS Cloud9

An online integrated development environment (IDE) that was acquired by Amazon in July 2016 becoming a part of AWS. AWS Cloud9 allows you to write, run, test, debug, and release software.


AWS CodeArtifact

A wholly managed software artifact repository service. Using this service allows the creation of centralized repositories for sharing software packages that have been approved for use across development teams.


AWS CodeBuild

Fully managed build service that compiles source code, runs tests, and produces ready-to-deploy software packages. CodeBuild makes it so you don't need to provision, manage, and scale your own build servers. It also continuously scales and processes multiple builds concurrently, so your builds don't get stuck in a queue.


AWS CodeCommit

A hosted and fully managed version control service from Amazon. It can be used to host private Git repositories and eliminates the requirement for the user to know Git.


AWS CodeDeploy

A tool that helps you automate your code deployments and eliminate the need for manual operations. It is programming language and architecture agnostic.


AWS CodePipeline

A workflow management tool that helps you release software using continuous delivery instead of scheduled releases. It allows users to build and manage a process to build, test, and deploy code in a staging or production environment.


AWS CodeStar

A free tool from AWS that gives you an interface for managing software development projects. You can securely add users with appropriate permissions. The tool includes a project management dashboard and can integrate with issue tracking capability powered by Atlassian's JIRA Software.


AWS Command-Line Interface (CLI)

A unified tool to manage AWS Services from a terminal session on your own client. It allows you to control and configure multiple AWS services and implement automation. It helps you unlock further potential within AWS than the default AWS console. It also helps you build automation through scripts.


AWS Compute Optimizer

Recommends optimal AWS Compute resources for your workloads to reduce costs and improve performance by using machine learning to analyze historical utilization metrics. Over-provisioning compute can lead to unneccessary infrastructure costs, and under-provisioning compute can lead to poor application performance. Compute Optimizer helps you choose the optimal Amazon EC2 instance types, including those that are part of an Amazon EC2 Auto Scaling group, based on your utilization data.


AWS Device Farm

A service that gives you the ability to test Android, iOS, and web apps on real phones and tablets in the AWS cloud.


AWS Trusted Advisor

An application that draws upon best practices learned from AWS's aggregated operational history of serving hundreds of thousands of AWS customers. Trusted Advisor inspects your AWS environment and makes recommendations for saving money, improving system performance, or closing security gaps.



A service that allows developers to conduct performance analysis and debug your applications. X-Ray puts your application's architecture into a Service Map and shows connections to components and a dependency tree. The setup helps with root cause analysis by showing the part of an application that is causing problems.



Script and Python module to check your AWS service limits and usage, and warn when usage approaches limits.



Amazon Braket

Getting its name from a notation system used for equations in quantum mechanics, Amazon Braket is a cloud-based quantum-computing service.


Amazon Managed Blockchain

A fully managed Amazon service that helps you build and operate scalable blockchain networks leveraging the popular open-source frameworks Hyperledger and Ethereum.


Amazon Quantum Ledger Database (QLDB)

Fully managed ledger database that is ideal for customers who want blockchain features like smart contracts and anonymous data sharing.


Amazon Sumerian

A toolkit and platform for developers to build VR and AR applications without writing any specialized custom code.


Amazon RoboMaker

Provides a toolset of robotics software from the AWS cloud. It includes development tools, simulation environments, and deployment tools.

Machine Learning


Amazon Augmented AI (A2I)

If you are using machine learning and your predictions require additional human verification, Amazon A2I provides developers with human scrutiny and removes the burden related to the development of human evaluation systems.


Amazon Comprehend

A natural language processing (NLP) service that utilizes machine learning to discover insights and relationships in text. Amazon Comprehend can recognize the language of the text and extract key phrases, places, people, brands, or events. It can also see if the text is positive or negative and automatically sorts a collection of text files by topic.


Amazon Elastic Inference

One of the steps in deploying machine learning is called inference. Inference is a process of running live data points into a machine-learning algorithm to calculate an output. This process can take a good amount of compute power. Amazon Elastic Inference allows you to attach low-cost GPU compute to your Amazon EC2 instances, Sagemaker instances, or ECS tasks to bring down the cost of running deep-learning inference.


Amazon Forecast

A pre-built machine-learning tool that will make it easier for developers to generate predictions based on time-series data. It uses essentially the same technology that Amazon has built to forecast the demand on its retail site.


Amazon Fraud Detector

A machine learning–based fraud-detection service. It can help identify online payment and identity fraud, fake account creation, and the abuse of loyalty and promotion code abuse.


Amazon Inferentia

Machine learning is highly dependent on the compute power provided. Advanced self-learning technologies will need hardware that is optimized for the task. Amazon Inferentia was announced in 2018 and will be Amazon’s own manufactured machine-learning chips.


Amazon Kendra

A service that uses machine learning to power a search engine for internal documents.


Amazon Lex

Powered by the deep learning features of automatic speech recognition (ASR) and natural language understanding (NLU) that recognizes the intent of text, this service allows you to build voice and text applications with lifelike conversational interactions.


Amazon Personalize

A fully managed service that uses the same machine-learning capabilities Amazon built for that allows you to create real-time recommendations that are personalized to your users without any ML expertise.


Amazon Polly

A text-to-speech platform that can handle plain text and Speech Synthesis Markup Language (SSML) and turn it into audio.


Amazon Rekognition

A service that helps you integrate computer vision features straight into your own applications. Amazon Rekognition provides an API where you submit your images and videos. Then you tell Rekognition to execute a specific analysis on the media. That analysis could be detecting faces, extracting labels, or features from a video.


Amazon SageMaker

A cloud-based managed service that provides the resources to build, train, and deploy scalable machine-learning models. It includes Jupyter notebooks that help you explore and visualize training data. It also has the most commonly used ML algorithms built-in.


Amazon SageMaker Ground Truth

This service is a module within Amazon SageMaker that helps users create text labeling or image annotation tasks within their AWS account. When creating training datasets for machine learning a lot of times you will need to label that data and prepare it to create accurate training datasets.


Amazon Textract

A service that helps you extract text and data from scanned documents.


Amazon Transcribe

Converts audio to text using a deep-learning process called automatic speech recognition (ASR). It can be used to transcribe customer support calls, automate subtitles, or generate metadata for media assets to create a searchable archive.


Amazon Translate

A service that translates text using machine learning. The documentation for the service says it isn’t intended to provide a “perfect” translation, but will be good enough for the reader to understand.


Apache MXNet on AWS

Apache MXNet is a training and inference framework for machine learning with a straightforward API. MXNet comes with the Gluon interface that helps developers of all skill levels use machine learning. Using MXNet on AWS is easy through Amazon Sagemaker, or deploying AWS Deep Learning AMIs.


AWS Deep Learning AMIs

AMI stands for Amazon Machine Image. The AWS Deep Learning AMIs are EC2 instances that come ready with popular deep-learning frameworks and interfaces like TensorFlow, PyTorch, and more.


AWS Deep Learning Containers

Docker images that come pre-installed with deep-learning frameworks making it easier to deploy custom machine-learning environments.


AWS DeepComposer

DeepComposer was designed to teach developers about machine learning. Using the DeepComposer keyboard, an actual keyboard or their virtual version, you create a melody, and AWS’s AI technology creates a completely original song in seconds around the melody.


AWS DeepRacer

A tool for educating about the fundamentals of machine learning through a 1/18th scale 3D autonomous race car simulator.


PyTorch on AWS

PyTorch is a popular open-source deep-learning framework. You can deploy PyTorch on AWS by either using Amazon SageMaker, or managing the infrastructure yourself and using AWS Deep Learning AMIs or AWS Deep Learning Containers, which have PyTorch already installed on them.


TensorFlow on AWS

TensorFlow is a complete open-source machine-learning library. You can start using it on AWS through Amazon Sagemaker or using AWS Deep Learning AMIs.

On-Premise & Hybrid Cloud


AWS Outposts

A service that helps organizations run hybrid cloud environments by providing fully managed and configurable compute and storage racks built with AWS-designed hardware for on-prem operations.


AWS Snow Family

Physical devices to aggregate and process data in edge locations, then transfer to AWS. This helps people who need to run operations in remote and non-data-centered environments, and in locations where there’s a lack of consistent network connectivity.


AWS Wavelength

Created with four partnerships with Verizon, Vodafone, South Korea’s SK Telecom, and Japan’s KDDI helps deliver ultra-low-latency applications for 5G devices by providing AWS compute and storage services to the edge of 5G networks.


VMWare Cloud on AWS

A partnership service between VMware and AWS that provides a hybrid cloud solution extending the on-prem vSphere environment to AWS Cloud.



Amazon Cognito

A service that gives users authentication, authorization, and user management for web and mobile applications. It allows you to build user login functionality with a username and password, or user login through a third party like Facebook, Google, Apple, or Amazon.


Amazon Detective

A service that helps you investigate potential security issues by automatically collecting log data from your AWS resources. Once the logs are collected, Detective uses machine learning, statistical analysis, and graph theory to let you visualize security investigations. It can make it faster to find the root cause of any security problems.


Amazon GuardDuty

A threat-detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.


Amazon Inspector

An automated security assessment service that allows you to test the security state of your applications running on Amazon EC2.


Amazon Key Management Service (KMS)

Makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect your keys. AWS KMS is integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory requirements and compliance needs.


Amazon Macie

A security and compliance service that gives an automated way to detect, identify, and classify data within your AWS account.


AWS Artifact

On-demand access to AWS security and compliance reports and select online agreements. These include Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, as well as certifications from different accreditation organizations.


AWS Certificate Manager

AWS service that lets you easily provision, manage, and deploy both public and private SSL/TLS certificates that can be used with your AWS services and your internal connected resources.



Amazon’s original encryption key solution for hardware-based key storage for regulatory compliance. HSM stands for Hardware Security Module. It is a Safenet Luna appliance hosted in AWS.


AWS CloudTrail

Enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting.


AWS Directory Service

Also called AWS Managed Microsoft Active Directory (AD). This service allows you to use managed Active Directory (AD) in AWS with your directory-aware workloads and AWS resources.


AWS Firewall Manager

A security management service that provides a way to centrally configure and manage AWS WAF rules across all your AWS accounts and applications.


AWS Resource Access Manager (RAM)

A service that helps you share AWS resources with any AWS account or with Organizational Units, or your entire Organization. RAM removes the need to have duplicate resources in multiple accounts instead the resources can be centrally created in a multi-account environment.


AWS Secrets Manager

A secret management service that allows you to rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.


AWS Security Hub

A central hub that aggregates, organizes, and prioritizes security alerts from other AWS services like GuardDuty, Inspector, and Macie. It also works with AWS partners like F5, Palo Alto, Trend Micro, Splunk, Sumo Logic, and more. This consolidation provides a single pane of glass for managing security and compliance for an entire infrastructure.


AWS Shield

A service that provides DDoS (distributed denial of service) protection for web applications running on AWS.


AWS Single Sign-On

A cloud Single Sign-On (SSO) Service that provides a way to centrally manage SSO access for multiple AWS accounts and business applications.


AWS Web Application Firewall (WAF)

Helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS WAF gives you control over how traffic reaches your applications by enabling you to create security rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that filter out specific traffic patterns you define. You can get started quickly using Managed Rules for AWS WAF, a preconfigured set of rules managed by AWS or AWS Marketplace Sellers. The Managed Rules for WAF address issues like the OWASP Top 10 security risks.


Customer Managed Keys (CMK)

The primary resource in AWS KMS. The CMK includes metadata, such as the key ID, creation date, description, and key state. The CMK also contains the key material used to encrypt and decrypt data.


Identity and Access Management (IAM)

Enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources. IAM is a feature of your AWS account offered at no additional charge. You will be charged only for use of other AWS services by your users.


Security Group

Acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level.



Amazon Elastic Block Store (EBS)

EC2 block storage volumes EBS provides persistent block storage volumes in the cloud that can be attached to your EC2 instances.


Amazon Elastic File System (EFS)

A fully managed file-level storage that supports access from multiple EC2 instances.


Amazon FSx for Lustre

A fully managed service that helps you launch popular open-source and commercially-licensed file systems that can integrate with S3.


Amazon FSx for Windows File Server

A service that provides file storage built on Windows Server.


Amazon S3 Glacier

Secure, durable, and extremely low-cost Amazon S3 cloud storage classes for data archiving and long-term backup. They are designed to deliver 99.999999999% durability, and provide comprehensive security and compliance capabilities that can help meet even the most stringent regulatory requirements.


Amazon Simple Storage Service (S3)

A relatively low-cost, high-speed, scalable cloud-based service designed for online backup and archiving data and application programs. You can upload, store, and download any type of file up to 5 TB in size.


AWS Backup

A tool that helps developers on AWS backup their data from multiple AWS services and their on-premises apps.


AWS Storage Gateway

A portal that extends existing data storage infrastructure by giving it access to an additional place in the cloud for data and/or backup snapshots.


CloudEndure Disaster Recovery

A service that continuously copies applications from physical, virtual, or cloud-based infrastructures to a staging environment.