Copyright (c) 2025 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
4.4. Glossary of Key AWS Services and Concepts (Lean List)
Rapid recall of essential AWS terminology, grounded in first principles, is vital for understanding complex cloud concepts and efficiently tackling exam questions. This lean glossary provides concise definitions with practical relevance.
- "ALB (Application Load Balancer)": A Layer 7 load balancer for HTTP/HTTPS traffic, offering advanced routing features like path-based routing and SSL termination.
- "API Gateway (Amazon API Gateway)": A fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. Acts as a "front door" for applications.
- "Auto Scaling Group (ASG)": Manages a collection of EC2 instances that are treated as a logical grouping for automatic scaling and management.
- "Availability Zone (AZ)": A physically distinct, independent data center within an AWS Region, designed to be isolated from failures in other AZs.
- "AWS Backup": A centralized, managed backup service that automates backup management across various AWS services.
- "AWS Certificate Manager (ACM)": A service that lets you easily provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services.
- "AWS CloudFormation": An Infrastructure as Code (IaC) service that helps you model and provision AWS and third-party resources.
- "AWS CloudFront": A fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency.
- "AWS CloudTrail": A service that enables governance, compliance, and operational and risk auditing of your AWS account by logging the actions taken in it.
- "AWS Cognito": Adds user sign-up, sign-in, and access control to your web and mobile apps.
- "AWS Config": A service that enables you to assess, audit, and evaluate the configurations of your AWS resources.
- "AWS Control Tower": Simplifies setting up and governing a secure, compliant multi-account AWS environment.
- "AWS DataSync": An online data transfer service that simplifies, automates, and accelerates moving data between on-premises storage and AWS storage services.
- "AWS Direct Connect": A cloud service solution that links your internal network to AWS over a dedicated, private connection.
- "AWS DMS (Database Migration Service)": A fully managed service that helps you migrate databases to AWS quickly and securely.
- "AWS Glue": A fully managed, serverless data integration service for discovering, preparing, and combining data for analytics and machine learning.
- "AWS Global Accelerator": A networking service that improves the availability and performance of your applications by directing user traffic to optimal endpoints over the AWS global network.
- "AWS IAM (Identity and Access Management)": Securely controls access to AWS services and resources for users, groups, and roles.
- "AWS KMS (Key Management Service)": A managed service that makes it easy to create and control encryption keys used to encrypt your data.
- "AWS Organizations": Helps you centrally manage and govern your environment as you grow and scale your AWS resources.
- "AWS Shield": A managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.
- "AWS Snow Family": A collection of physical devices that help migrate petabytes of data into and out of AWS.
- "AWS SQS (Simple Queue Service)": A fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.
- "AWS SNS (Simple Notification Service)": A fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P) communication.
- "AWS STS (Security Token Service)": A web service that enables you to request temporary, limited-privilege credentials for AWS IAM users or for users that you authenticate (federated users).
- "AWS WAF (Web Application Firewall)": A web application firewall that helps protect your web applications or APIs from common web exploits.
- "AWS X-Ray": A distributed tracing service that helps developers analyze and debug production, distributed applications.
- "Cost Explorer (AWS Cost Explorer)": A free service that allows you to visualize, understand, and manage your AWS costs and usage over time.
- "CUR (Cost and Usage Report)": Provides comprehensive data about your AWS costs and usage, listing every item on your bill.
- "DynamoDB (Amazon DynamoDB)": A fast, flexible NoSQL database service that delivers single-digit millisecond performance at any scale.
- "EBS (Elastic Block Store)": Provides persistent block storage volumes for use with Amazon EC2 instances.
- "EC2 (Elastic Compute Cloud)": Provides resizable compute capacity in the cloud as virtual servers.
- "ECS (Amazon Elastic Container Service)": A fully managed container orchestration service that makes it easy to run, stop, and manage Docker containers on a cluster.
- "Edge Location": A data center operated by AWS that caches content closer to end users for lower latency.
- "EFS (Elastic File System)": A scalable, elastic, cloud-native file system accessed over NFS (Network File System).
- "EKS (Amazon Elastic Kubernetes Service)": A fully managed Kubernetes service that makes it easy to run Kubernetes on AWS.
- "ELB (Elastic Load Balancing)": Automatically distributes incoming application traffic across multiple targets, such as EC2 instances.
- "Fargate (AWS Fargate)": A serverless compute engine for containers that works with both Amazon ECS and Amazon EKS.
- "Lambda (AWS Lambda)": A serverless compute service that runs your code in response to events and automatically manages the underlying compute resources for you.
- "NACL (Network Access Control List)": An optional stateless layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets.
- "NAT Gateway": Enables instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances.
- "NLB (Network Load Balancer)": A Layer 4 load balancer for TCP/UDP traffic, designed for extreme performance, static IP addresses, and ultra-low latency.
- "Principle of Least Privilege (PoLP)": A security best practice of granting only the minimum permissions needed for a user or service to perform its task.
- "PrivateLink (AWS PrivateLink)": Enables private connectivity between VPCs, AWS services, and on-premises applications without exposing data to the public internet.
- "RDS (Relational Database Service)": Simplifies setting up, operating, and scaling a relational database in the cloud.
- "Region (AWS Region)": A physical location in the world where AWS clusters data centers.
- "Route 53 (Amazon Route 53)": A highly available and scalable cloud Domain Name System (DNS) web service.
- "S3 (Simple Storage Service)": An object storage service that offers industry-leading scalability, data availability, security, and performance.
- "SCPs (Service Control Policies)": A type of organization policy that allows you to manage permissions in your AWS Organization.
- "Security Group (SG)": Acts as a virtual firewall for your EC2 instances to control inbound and outbound traffic.
- "Serverless": A cloud execution model where the cloud provider dynamically manages the allocation and provisioning of servers.
- "Shared Responsibility Model": A fundamental principle clarifying security obligations in the cloud between AWS and the customer.
- "VPC (Virtual Private Cloud)": Provides an isolated virtual network within AWS, giving you complete control over your network environment.
- "VPN (Virtual Private Network)": Provides secure, encrypted connections over the public internet between your on-premises network and your Amazon VPC.
- "Well-Architected Framework": A foundational guide for designing and operating reliable, secure, efficient, and cost-effective systems in the cloud.