Phase 5: Glossary

"ACID": (Atomicity, Consistency, Isolation, Durability) A set of properties of database transactions intended to guarantee data validity despite errors, power failures, and other mishaps.
"Active-active replication": A data replication strategy where multiple instances of a database are actively processing reads and writes simultaneously, typically across regions, for high availability and disaster recovery.
"Active Directory": A directory service developed by Microsoft for Windows domain networks.
"Agile development": An iterative approach to software development that emphasizes flexibility, collaboration, and rapid delivery of working software.
"ALB (Application Load Balancer)": A type of "Elastic Load Balancer" that operates at Layer 7 (application layer) and supports content-based routing.
"AMI (Amazon Machine Image)": A supported and maintained image provided by AWS that provides the information required to launch an "EC2 instance".
"Analogies": Comparisons made to explain new concepts by linking them to familiar ones.
"Analytics applications": Software used to process and interpret large datasets to extract insights and support decision-making.
"Anti-pattern": A common response to a recurring problem that is usually ineffective and may cause more harm than good.
"Anycast IP addresses": A network addressing and routing method in which a single destination address is shared by devices (servers) in multiple locations.
"API Gateway (Amazon API Gateway)": An AWS service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale.
"API keys": Authentication tokens (unique identifiers) used to control access to an API.
"Application performance": The responsiveness and stability of an application under various workload conditions.
"Application-level caching": Caching data directly within the application code or memory.
"Application Migration Service (AWS MGN)": An AWS service that simplifies and accelerates rehosting (lift-and-shift) of physical, virtual, and cloud servers to AWS.
"Application response times": The time taken for an application to respond to a user's request.
"Architectural complexity": The degree of intricacy and interconnectedness within a system's design.
"Architectural flaws": Design deficiencies that can lead to vulnerabilities, performance issues, or operational problems.
"Architectural integrity": The soundness and completeness of an architecture, ensuring it is robust, secure, efficient, and maintainable.
"Architectural patterns": Reusable solutions to commonly occurring problems in software architecture.
"Architectural review": A formal assessment of a system's design to ensure it meets requirements, best practices, and organizational standards.
"Archival data": Data that is retained for long periods for compliance, historical analysis, or legal reasons, typically accessed infrequently.
"Asynchronous communication": A communication model where the sender does not wait for an immediate response from the receiver.
"Asynchronous replication": A data replication method where data is copied from a primary system to a secondary system with a time delay, meaning the secondary system may not always have the most up-to-date copy.
"Athena (Amazon Athena)": An interactive query service that makes it easy to analyze data directly in "Amazon S3" using standard SQL.
"Attack surface": The sum of the different points (attack vectors) where an unauthorized user can try to enter or extract data from an environment.
"Auditable": Capable of being verified or inspected for accuracy, completeness, and compliance.
"Audit Manager (AWS Audit Manager)": An AWS service that automates the collection of evidence to help you prepare for audits.
"Audit trail": A chronological record of activities that provides documentary evidence of the sequence of events.
"Aurora (Amazon Aurora)": A "MySQL" and "PostgreSQL"-compatible relational database built for the cloud, combining enterprise performance and availability with open-source simplicity and cost-effectiveness.
"Aurora Global Database": An "Amazon Aurora" feature that allows a single "Amazon Aurora" database to span multiple AWS Regions, enabling fast disaster recovery and global reads.
"Aurora Serverless": An on-demand auto-scaling configuration for "Amazon Aurora" that automatically starts, scales, and shuts down database capacity.
"Auto Scaling (AWS Auto Scaling)": An AWS service that monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost.
"Auto Scaling Groups (ASG)": An "Amazon EC2" service that automatically adjusts the number of "EC2 instances" in a group based on demand or a schedule.
"Automated change management": The use of tools and processes to manage, track, and implement changes to systems with minimal human intervention.
"Automated remediation": The automatic correction of non-compliant configurations or security findings using scripts or services.
"Automated recovery": Mechanisms that automatically detect and resolve system failures with minimal or no human intervention.
"Automation": The use of technology to perform tasks automatically without human intervention.
"Availability": The ability of a system or resource to be accessible and functional when needed.
"Availability Zone (AZ)": A distinct location within an AWS Region that is isolated from failures in other Availability Zones.
"AWS Account": A container for your AWS resources, isolated from other AWS customers.
"AWS Artifact": An AWS service that provides on-demand access to AWS security and compliance reports and select online agreements.
"AWS Backup": A centralized, managed service that automates backup management across various AWS services.
"AWS Batch": A fully managed service that enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS.
"AWS Certificate Manager (ACM)": An AWS service that lets you easily provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services and your internal connected resources.
"AWS Cloud Development Kit (CDK)": An open-source software development framework to define your cloud application resources using familiar programming languages.
"AWS CloudFormation": An AWS service that helps you model and set up your AWS resources, spend less time managing those resources, and more time focusing on your applications that run in AWS.
"AWS CloudHSM": A cloud-based hardware security module ("HSM") that enables you to easily generate and use your own encryption keys on "FIPS 140-2 Level 3" validated hardware.
"AWS Cloud Map": A cloud resource discovery service.
"AWS CloudTrail": An AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account.
"AWS Compute Optimizer": A service that recommends optimal AWS resources for your workloads to reduce costs and improve performance.
"AWS Config": An AWS service that enables you to assess, audit, and evaluate the configurations of your AWS resources.
"AWS Control Tower": An AWS service that provides an easy way to set up and govern a secure, multi-account AWS environment.
"AWS Cost Anomaly Detection": A service that uses machine learning to detect unusual spending patterns.
"AWS Cost and Usage Report (CUR)": The most comprehensive dataset about your AWS costs and usage. It contains line items for every unique charge.
"AWS Cost Explorer": A free service that allows you to visualize, understand, and manage your AWS costs and usage over time.
"AWS DataSync": A data transfer service that simplifies, automates, and accelerates moving data between on-premises storage and AWS storage services.
"AWS Database Migration Service (DMS)": An AWS service that helps you migrate databases to AWS quickly and securely.
"AWS Detective": An AWS service that automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data.
"AWS Direct Connect": A cloud service solution that links your internal network to AWS over a dedicated, private connection.
"AWS Elastic Beanstalk": An easy-to-use service for deploying and scaling web applications and services.
"AWS Firewall Manager": A security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in "AWS Organizations".
"AWS Fault Injection Simulator (FIS)": A fully managed service for running chaos engineering experiments on AWS.
"AWS Fargate": A serverless compute engine for containers that works with both "Amazon Elastic Container Service (ECS)" and "Amazon Elastic Kubernetes Service (EKS)".
"AWS Global Accelerator": A networking service that improves the availability and performance of your applications by directing user traffic to optimal endpoints over the AWS global network.
"AWS Glue": A serverless data integration service that makes it easy to discover, prepare, and combine data for analytics, machine learning, and application development.
"AWS GuardDuty": An intelligent threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads.
"AWS Health Dashboard": Provides personalized view of AWS service health and alerts you to events that might affect your resources.
"AWS IAM Identity Center (SSO)": A cloud "SSO" service that makes it easy to centrally manage "SSO" access to multiple AWS accounts and business applications.
"AWS IoT": A cloud platform that connects IoT devices to AWS cloud services.
"AWS Key Management Service (KMS)": An AWS service that makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications.
"AWS Lake Formation": A fully managed service that makes it easy to build, secure, and manage data lakes.
"AWS Lambda": A serverless compute service that lets you run code without provisioning or managing servers.
"AWS Lambda layers": A way to package libraries and other dependencies that "Lambda functions" can use.
"AWS Migration Evaluator": Provides migration readiness assessments and total cost of ownership ("TCO") analysis.
"AWS Migration Hub": Provides a single location to track the progress of application migrations across multiple AWS and partner solutions.
"AWS Network Firewall": A managed service that makes it easier to deploy network protections for all your "Amazon VPCs".
"AWS Organizations": An AWS service that helps you centrally manage and govern your environment as you grow and scale your AWS resources.
"AWS Outposts": A family of fully managed solutions that extend AWS infrastructure, AWS services, APIs, and tools to virtually any on-premises facility.
"AWS PrivateLink": A technology that provides private connectivity between "VPCs", AWS services, and on-premises applications, securely and directly.
"AWS Resource Access Manager (RAM)": An AWS service that helps you securely share your resources across AWS accounts, within your organization, or with "AWS Organizations".
"AWS Resource Groups": An AWS service that allows you to organize your AWS resources into logical groups.
"AWS re:Invent": A large annual conference hosted by AWS.
"AWS re:Post": The official AWS Q&A forum.
"AWS Schema Conversion Tool (SCT)": A tool that makes heterogeneous database migrations easier by converting the source database schema and a majority of the custom code to a format compatible with the target database.
"AWS Security Hub": An AWS service that provides a comprehensive view of your security alerts and security posture across your AWS accounts.
"AWS Service Catalog": An AWS service that allows organizations to create and manage catalogs of IT services that are approved for use on AWS.
"AWS Shield": A managed Distributed Denial of Service ("DDoS") protection service that safeguards applications running on AWS.
"AWS Site-to-Site VPN": A managed "VPN" connection that creates an encrypted tunnel between your on-premises network and your "Amazon VPC" over the public internet.
"AWS Snow Family": A collection of physical devices that help you to physically transport terabytes to petabytes of data into and out of AWS.
"AWS Snowball Edge": A data migration and edge computing device from the "AWS Snow Family".
"AWS Snowcone": A small, portable, rugged, and secure edge computing and data transfer device from the "AWS Snow Family".
"AWS Snowmobile": An exabyte-scale data transfer service used to move extremely large amounts of data to AWS.
"AWS SQS (Simple Queue Service)": A fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.
"AWS SNS (Simple Notification Service)": A fully managed messaging service for both application-to-application ("A2A") and application-to-person ("A2P") communication.
"AWS STS (Security Token Service)": A web service that enables you to request temporary, limited-privilege credentials for "AWS IAM users" or for users that you authenticate (federated users).
"AWS Step Functions": A serverless workflow service that lets you combine "AWS Lambda functions" and other AWS services to build business-critical applications.
"AWS Storage Gateway": A hybrid cloud storage service that connects an on-premises software appliance with cloud-based storage to provide seamless integration.
"AWS Systems Manager": A unified interface for operational data and task automation across your AWS resources.
"AWS Systems Manager Automation documents": Pre-defined or custom runbooks within "Systems Manager" that automate operational workflows.
"AWS Systems Manager Change Manager": A service that automates and audits operational changes across accounts and regions.
"AWS Systems Manager Patch Manager": An AWS service that automates the process of patching managed instances with security-related and other types of updates.
"AWS Systems Manager Run Command": A "Systems Manager" capability that securely executes commands on "EC2 instances" and on-premises servers.
"AWS Systems Manager Session Manager": A "Systems Manager" capability that allows you to manage "EC2 instances" through a browser-based shell or "CLI", without opening inbound ports.
"AWS Trusted Advisor": An AWS service that provides recommendations that help you follow AWS best practices.
"AWS WAF (Web Application Firewall)": An AWS service that helps protect your web applications or APIs from common web exploits that may affect availability, compromise security, or consume excessive resources.
"AWS X-Ray": An AWS service that helps developers analyze and debug distributed applications, such as those built using microservices.
"Background processing": Tasks that run independently of the main application thread, often performed asynchronously.
"Backup and Restore": A disaster recovery strategy that involves backing up data and restoring it to a new environment in case of a disaster.
"Bare minimum permissions": See "Principle of Least Privilege".
"BASE": (Basically Available, Soft state, Eventually consistent) A set of properties for distributed databases that prioritize availability and partition tolerance over strong consistency.
"Batch computing workloads": Workloads characterized by processing large sets of data or tasks in batches, often non-interactive.
"Batch jobs": Computer programs or scripts that execute a series of operations without manual intervention.
"Billing Console": The AWS Management Console section for managing billing and costs.
"Blameless post-mortems": A post-incident analysis process focused on identifying systemic and process failures rather than individual mistakes, fostering a culture of learning.
"Blast radius": The potential impact or damage that a failure or security breach of a component could have on the rest of the system.
"Block storage": A storage architecture that stores data in fixed-size blocks, often used for databases and boot volumes.
"Blue/Green Cutover": A deployment strategy that involves running two identical production environments, "Blue" (current version) and "Green" (new version), and switching traffic between them.
"Boot volumes": The storage volumes that contain the operating system and are used to start a compute instance.
"Bottleneck": A point of congestion in a system that limits overall performance.
"Brute-Force Attacks": Repeated, systematic guessing of credentials (passwords, "API keys").
"Budget management": The process of planning, tracking, and controlling financial expenditures.
"Budget overruns": When actual expenses exceed planned budget allocations.
"Budgeting": The process of creating a plan to spend money.
"Burstable Instances": "EC2 instance" types (T-family) that provide a baseline level of CPU performance with the ability to burst above the baseline when needed.
"Bursting Throughput": An "EFS" throughput mode where file system throughput scales with the amount of data stored.
"Business continuity": The ability of an organization to maintain essential functions during and after a disaster.
"Business intelligence (BI)": Technology-driven process for analyzing data and presenting actionable information to help executives, managers, and other corporate end users make informed business decisions.
"Business value": The tangible and intangible benefits that an organization gains from its investments or operations.
"Byte-range fetches": A method to retrieve only a specified portion of an object from "Amazon S3".
"Caching": A technique for storing copies of data in a temporary storage location for faster access.
"Caching layer": A dedicated component or service used for caching data to improve performance and reduce load on primary data stores.
"Canary Cutover": A deployment strategy that gradually shifts a small percentage of traffic to the new environment, observes behavior, and then slowly increases traffic if no issues are detected.
"CAP Theorem": A theorem stating that a distributed data store cannot simultaneously provide more than two out of three guarantees: Consistency, Availability, and Partition tolerance.
"Capacity management": The process of planning and optimizing resources to meet current and future demand.
"Cardinality": In databases, the number of unique values in a column. High cardinality means many unique values.
"Central IT governance team": A team responsible for setting and enforcing policies, standards, and best practices for IT operations and cloud usage across an organization.
"Central security team": A team responsible for overall security posture, policy enforcement, and incident response across an organization's cloud environment.
"Centralized access management": Managing user identities and permissions from a single source or system.
"Centralized billing": A feature of "AWS Organizations" that allows you to receive a single bill for all AWS accounts in your organization.
"Centralized control": Management and governance exercised from a single, authoritative point.
"Centralized governance": Managing policies, standards, and controls from a central authority across multiple accounts or units.
"Centralized identity management": Managing user identities and access privileges from a single, unified system.
"Change Data Capture (CDC)": A set of software design patterns used to determine and track the data that has changed so that action can be taken with the changed data.
"Change Management": The process of controlling all changes to a system to minimize disruption.
"Chargeback": An accounting method that allocates IT costs to the departments or business units that incurred them.
"Chatbot": An AI program that simulates human conversation through voice or text.
"Chatty applications": Applications that generate a high volume of network traffic between components.
"CI/CD (Continuous Integration/Continuous Deployment/Delivery)": The practice of automating the software development lifecycle to deliver code changes more frequently and reliably.
"CIDR blocks": (Classless Inter-Domain Routing) A method for allocating IP addresses and routing IP packets. Used to define "VPCs" and subnets.
"Classification strategies": Methods for categorizing data based on its sensitivity, value, and regulatory requirements.
"Client VPN (AWS Client VPN)": A managed client-based "VPN" service that enables you to securely access your AWS resources and resources in your on-premises network from any location.
"Clickstream data": Data generated by a user's activity on a website or application, such as clicks, page views, and interactions.
"Cloud computing": The on-demand delivery of compute power, database storage, applications, and other IT resources through a cloud services platform via the internet with pay-as-you-go pricing.
"Cloud native": An approach to building and running applications that takes advantage of the cloud computing delivery model.
"Cloud-native architectures": Application designs that are specifically built to leverage the scalability, flexibility, and resilience of cloud platforms.
"Cloud-native benefits": Advantages gained by adopting cloud-native architectural patterns, such as increased agility, scalability, cost efficiency, and resilience.
"Cloud-native compute": Compute resources specifically designed for cloud environments, like serverless functions and containers.
"Cloud-native solution": An application or system designed to take full advantage of cloud characteristics like elasticity, resilience, and managed services.
"Cloud-native transformation": The process of evolving legacy applications or developing new ones to fully leverage cloud-native principles and services.
"Cloud-native workloads": Applications or processes specifically designed and optimized to run on cloud platforms.
"Cloud services": IT infrastructure, platforms, or software offered as services over the internet.
"Cloud spend": The total financial expenditure on cloud resources and services.
"Cloud-based hardware security module (HSM)": A physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing.
"CloudFront (Amazon CloudFront)": A fast content delivery network ("CDN") service that securely delivers data, videos, applications, and APIs to customers globally with low latency.
"CloudWatch (Amazon CloudWatch)": A monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers.
"CloudWatch Agent": A software package that enables you to collect metrics and logs from "EC2 instances" and on-premises servers and send them to "CloudWatch".
"CloudWatch Alarms": Tools in "CloudWatch" that watch metrics and initiate actions using "Amazon SNS" or "Auto Scaling" when metric thresholds are met.
"CloudWatch Anomaly Detection": A "CloudWatch" feature that uses machine learning to identify unusual patterns in your metrics.
"CloudWatch Dashboards": Customizable home pages in "CloudWatch" that you can use to monitor your resources in a single view.
"CloudWatch Logs": A "CloudWatch" feature that allows you to monitor, store, and access your log files from "EC2 instances", "CloudTrail", and other sources.
"CloudWatch Logs Insights": A "CloudWatch Logs" feature that enables you to interactively search and analyze your log data.
"CloudWatch metrics": Data points that represent a time-ordered set of data points from AWS resources or applications.
"CloudWatch Event": A service that delivers a near real-time stream of system events that describe changes in AWS resources.
"CloudWatch Synthetic Monitoring (Canaries)": Configurable scripts that run on a schedule to monitor endpoints and APIs, simulating user behavior.
"Cluster file system": A file system that is simultaneously mounted on multiple servers in a cluster, providing shared access to data.
"Cluster Placement Group": An "EC2" placement strategy that packs instances close together inside an "Availability Zone" for low-latency network performance.
"CMS (Content Management Systems)": Software applications used to create and manage digital content.
"Cognito (Amazon Cognito)": Adds user sign-up, sign-in, and access control to your web and mobile apps.
"Cold Data": Data that is rarely accessed and is typically stored in low-cost archival storage tiers.
"Cold starts": The latency incurred during the first invocation of an idle "Lambda function", as AWS needs to initialize the execution environment.
"Collaboration": The action of working together to produce something.
"Columnar data warehouse": A database management system that stores data in columns rather than rows, optimized for analytical queries.
"Common pitfalls": Frequent mistakes or misunderstandings that can lead to issues.
"Communication channels": Means by which information is transmitted.
"Company's IT infrastructure": The entire set of information technology components that enable the operation and management of an enterprise.
"Compliance": Adherence to rules, regulations, laws, standards, or ethical practices.
"Compliance auditing": The process of verifying adherence to regulations, standards, or internal policies.
"Compliance frameworks": Structured sets of guidelines and requirements used to demonstrate adherence to regulatory or industry standards.
"Compliance requirements": Mandatory rules or standards that an organization must follow.
"Compliance-driven scenarios": Situations where adherence to specific regulations or standards is a primary driver for architectural decisions.
"Compliance baselines": Minimum security requirements or configurations that resources must adhere to to meet compliance standards.
"Compliance reports": Documents that detail an organization's adherence to specific compliance standards.
"Component failures": The malfunction or breakdown of individual parts within a system.
"Composite primary keys": A primary key that consists of two or more attributes in a database table.
"Comprehensive discovery": A thorough process of identifying and documenting all assets, configurations, and dependencies within an IT environment.
"Compromised credentials": Authentication details (e.g., passwords, "API keys") that have been stolen or exposed.
"Compute capacity": The amount of processing power available.
"Compute costs": The expenses incurred from using compute resources, such as virtual servers or serverless functions.
"Compute instance sizes": The specific configurations of CPU, memory, storage, and networking available for compute instances.
"Compute layer": The part of an application's architecture responsible for running application code and processing data.
"Compute models": Different approaches to providing compute resources, such as virtual machines, containers, or serverless functions.
"Compute-optimized instances": "EC2 instance" types (C-family) that are designed for compute-intensive applications requiring high performance processors.
"Compute resources": Processing power and memory used by applications.
"Compute services": AWS services that provide compute capacity, such as "EC2", "Lambda", and "Fargate".
"Concurrency Limits": The maximum number of simultaneous executions for a "Lambda function" or other concurrent processes.
"Concurrent access": When multiple users or applications access the same resource simultaneously.
"Configuration drift": The state where the actual configuration of an environment has diverged from the intended, code-defined configuration.
"Configuration tweak": A small adjustment made to a system's settings.
"Confidentiality": The principle of preventing unauthorized disclosure of information.
"Consistent execution": Ensuring that tasks or processes run in the same way every time.
"Consistent performance": Maintaining a steady and predictable level of performance over time.
"Consolidated billing": A feature of "AWS Organizations" that allows you to receive a single bill for all AWS accounts in your organization.
"Constraints": Limitations or restrictions that must be considered in a design.
"Constructs": Reusable cloud components in "AWS CDK" that encapsulate AWS resources and their configurations.
"Container orchestration": The automated management of containers, including deployment, scaling, networking, and health monitoring.
"Container portability": The ability of containers to run consistently across different environments (development, production, on-premises, cloud).
"Container workloads": Applications that run within containers.
"Containerized applications": Applications packaged within containers along with all their dependencies.
"Containers": Lightweight, portable, self-sufficient units that package an application and all its dependencies.
"Content-based routing": Routing HTTP/HTTPS requests based on application-layer characteristics like URL paths or host headers.
"Content delivery": The process of distributing digital content to end-users.
"Content delivery network (CDN)": A globally distributed network of proxy servers and their data centers.
"Content Management Systems (CMS)": Software applications used to create and manage digital content.
"Continuous auditing": Ongoing monitoring and assessment of systems and processes to ensure compliance.
"Continuous data replication (CDC)": Ongoing synchronization of data changes from a source database to a target database.
"Continuous improvement": An ongoing effort to improve products, services, or processes.
"Continuous monitoring": Ongoing observation of systems and processes to detect issues and ensure desired state.
"Continuous synchronization": Maintaining consistent data between two or more locations in real time or near real time.
"Control": The ability to manage and configure resources or services.
"Controlled autonomy": Granting teams or individuals the freedom to make decisions within defined boundaries or guardrails.
"Controlled access": Limiting access to resources to authorized entities only.
"Controlled self-service": Providing users with the ability to provision resources on demand within predefined limits and governance policies.
"Corporate credentials": Login details (usernames, passwords) used within an organization's internal identity system.
"Corporate directories": Centralized repositories of user identities and related information within an enterprise.
"Correlated failures": When multiple components or instances fail simultaneously due to a shared dependency or underlying issue.
"Cost allocation": The process of assigning costs to specific departments, projects, or business units.
"Cost Allocation Tags": User-defined labels that you apply to AWS resources to categorize and track costs.
"Cost control": The practice of managing and reducing expenses.
"Cost drivers": Factors that contribute most significantly to the overall cost of a system or operation.
"Cost efficiency": Achieving desired outcomes with the lowest possible cost.
"Cost governance": The set of policies, processes, and tools used to manage and control cloud spending across an organization.
"Cost management tools": Services or software that help monitor, analyze, and control cloud expenditures.
"Cost optimization": The process of reducing cloud expenses while maintaining desired performance and reliability.
"Cost protection": Features or benefits that mitigate unexpected cost increases.
"Cost-effective": Providing good value for the money spent.
"Cost-optimized compute": Compute resources that are selected and configured to provide the necessary performance at the lowest possible cost.
"Cost-optimized storage": Storage solutions that are designed to minimize expenses while meeting data requirements.
"Craftsman's spirit": A mindset characterized by attention to detail, dedication to quality, and continuous improvement in one's work.
"Crawlers": Programs in "AWS Glue" that connect to data stores, infer schemas, and populate the Data Catalog.
"Critical applications": Applications that are essential for business operations and require high availability and resilience.
"Cross-account access": Enabling users or services in one AWS account to access resources in a different AWS account.
"Cross-AZ data transfer costs": Charges incurred when data moves between different "Availability Zones" within the same "AWS Region".
"Cross-Region RDS Read Replicas": "Read replicas" for "Amazon RDS" databases that are located in a different "AWS Region" from the primary database.
"Cross-Region Replication (CRR)": An "Amazon S3" feature that automatically and asynchronously copies objects between "S3 buckets" in different "AWS Regions".
"Cross-site scripting (XSS)": A type of security vulnerability typically found in web applications that enables attackers to inject client-side scripts into web pages viewed by other users.
"Cryptographic verifiability": The ability to mathematically prove that data has not been altered.
"Cryptographic keys": Pieces of information (parameters) that determine the functional output of a cryptographic algorithm.
"Custom applications": Software programs that are specifically designed and developed for a particular organization or set of users.
"Custom configurations": Specific settings or setups that are tailored to individual needs.
"Custom rules": Rules defined by the user or organization for "AWS Config" or "AWS WAF" to meet specific compliance or security requirements.
"Custom TCP-based protocol": A networking protocol that uses TCP as its transport layer but has a custom application-layer format.
"Customer master key (CMK)": The primary resource in "AWS KMS" that represents an encryption key.
"Cutover strategies": Methods used to switch traffic from an old environment to a new one during a migration or deployment.
"Data access patterns": The ways in which data is read, written, or modified.
"Data access policies": Rules that govern who can access data and what actions they can perform.
"Data analytics application": Software designed to process and analyze large volumes of data to extract insights.
"Data archiving": The process of moving data that is no longer actively used to a separate storage system for long-term retention.
"Data consistency issues": Problems that arise when multiple copies of data are not synchronized, leading to conflicting or outdated information.
"Data consistency models": Rules that govern how updates to a distributed database are propagated and when those updates become visible to readers.
"Data consumption": The act of accessing and using data for various purposes.
"Data corruption": Errors in data that result in incorrect or incomplete information.
"Data classification": Categorizing data by sensitivity (e.g., public, internal, confidential, restricted) to apply appropriate security controls.
"Data center": A physical facility that houses computer systems and associated components.
"Data degradations": Reductions in the quality or integrity of data.
"Data distribution": How data is spread across multiple nodes or partitions in a distributed database.
"Data durability": The ability of data to remain intact and uncorrupted over its lifecycle.
"Data governance": The overall management of the availability, usability, integrity, and security of data in an enterprise.
"Data integrity": The accuracy and consistency of data over its entire lifecycle.
"Data ingestion": The process of collecting and transferring data from various sources into a storage system.
"Data ingestion patterns": Different approaches to collecting and transferring data, such as streaming or batch.
"Data libraries": Metaphor for organized repositories of data.
"Data lifecycle": The entire span of a data's existence, from creation to deletion.
"Data loss": The unintentional deletion or corruption of data.
"Data Mesh principles": An architectural paradigm that decentralizes data ownership and governance, treating data as a product.
"Data migration": The process of transferring data between storage systems or locations.
"Data model": An abstract model that organizes elements of data and standardizes how they relate to one another.
"Data pipelines": A series of steps for moving and transforming data from sources to destinations.
"Data persistence layer": The component of an application responsible for storing and retrieving data from a database or storage system.
"Data processing": The collection and manipulation of data to produce meaningful information.
"Data protection": Measures taken to safeguard data from unauthorized access, corruption, or loss.
"Data residency": The physical location where data is stored, often mandated by regulations.
"Data retention": The period for which data is stored, often defined by legal or compliance requirements.
"Data replication": The process of creating and maintaining multiple copies of data across different locations.
"Data synchronization": Ensuring consistency between multiple copies of data.
"Data transfer": The movement of data from one location to another.
"Data transfer costs": Charges incurred when data moves across networks or between services.
"Data transformation": The process of converting raw data into a clean, consistent, and enriched format.
"Data tiering": Categorizing data by access frequency and moving it to corresponding storage classes to optimize cost and performance.
"Data types": Different formats or structures of data (e.g., structured, unstructured, semi-structured).
"Data versioning": Tracking changes to data over time, allowing access to previous versions.
"Data warehouses": Large repositories of historical data used for analytical processing and business intelligence.
"Database access": Interacting with a database to read, write, or modify data.
"Database back-end": The component of an application that stores and manages data.
"Database models": Different ways of structuring and organizing data within a database.
"Database connections": Links between an application and a database.
"Database costs": Expenses incurred from using database services.
"Database engines": Software systems that manage databases, such as "MySQL", "PostgreSQL", or "DynamoDB".
"Database load": The amount of work a database is performing.
"Database management system": A software system used to create and manage databases.
"Database patching": Applying updates and fixes to database software.
"Database performance": The speed and efficiency of database operations.
"Database provisioning": Setting up and configuring database resources.
"Database query results": Data retrieved from a database in response to a query.
"Database replication": Creating and maintaining multiple copies of a database for high availability or read scaling.
"Database snapshots": Point-in-time copies of a database that can be used for recovery.
"Database solution": The combination of database services and configurations used to store and manage data for an application.
"Database services": AWS services that provide database capabilities, such as "RDS", "DynamoDB", and "Aurora".
"Database storage": Disk space used to store database files.
"Database workloads": Patterns of operations (reads, writes, queries) performed on a database.
"Databases": Organized collections of data.
"Data-driven architectural decisions": Architectural choices made based on analysis of data (e.g., performance metrics, cost reports).
"Data-driven optimization": Improving efficiency or performance based on insights derived from data analysis.
"Data lakes": Centralized repositories that allow you to store all your structured and unstructured data at any scale.
"Data lakes": Centralized repositories that allow you to store all your structured and unstructured data at any scale.
"Data processing workflows": Sequences of steps involved in transforming and analyzing data.
"Data transfer costs": Charges incurred when data moves between AWS services, Regions, or to the internet.
"DDoS (Distributed Denial of Service)": A malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
"Debug": The process of identifying and removing errors from computer hardware or software.
"Decentralized innovation": Fostering creativity and problem-solving by distributing decision-making authority.
"Decouple": To reduce direct dependencies between components in a system.
"Decoupling": The architectural principle of reducing direct dependencies between components or microservices.
"Dedicated Hosts": An "Amazon EC2" purchasing option that provides physical "EC2" servers dedicated for your use, offering licensing flexibility for existing server-bound software.
"Defense in Depth": A security strategy that uses multiple layers of security controls to protect a system.
"Delivering business value": Providing tangible benefits or contributions to an organization's goals.
"Demanding relational workloads": Database operations that require high performance, scalability, and transactional integrity from a relational database.
"Dependencies": Relationships between components where one component relies on another.
"Dependencies mapping": The process of identifying and documenting all dependencies between applications and infrastructure components.
"Deployment pipelines": Automated workflows that take code from development to production.
"Deployment process": The steps involved in releasing software or infrastructure changes to an environment.
"Deployment workflows": Automated sequences of tasks for deploying applications or infrastructure.
"Design patterns": Reusable solutions to commonly occurring problems in software architecture.
"Designed for scale": Architected to handle increasing load or data volume without significant degradation.
"Designing distributed applications": The process of creating applications that run across multiple interconnected systems.
"Detective Controls": Security controls that detect security events or vulnerabilities after they have occurred.
"DevOps team": A team that integrates development and operations practices to improve collaboration and delivery speed.
"Development accounts": AWS accounts specifically designated for software development and testing.
"Development cycles": The phases of software development, from planning to testing and deployment.
"Development environments": Configurations of software and hardware used by developers to build and test applications.
"Digital locker": Metaphor for secure cloud storage.
"Direct Connect location": A facility where AWS customers can establish a physical connection to "AWS Direct Connect".
"Disaster recovery (DR)": A comprehensive plan to recover from large-scale outages or disasters.
"Disaster Recovery (DR) Region": An "AWS Region" designated as the backup location for disaster recovery purposes.
"Disaster Recovery Plan": A documented process or set of procedures to recover from a disaster.
"Discovery": The process of identifying and inventorying existing IT assets and dependencies.
"Discovery Tools": Software or services used to identify and collect information about IT assets.
"Distributed applications": Applications that run across multiple interconnected systems.
"Distributed computing": A computing paradigm where components of a software system are spread across multiple computers in a network.
"Distributed tracing service": A tool that tracks requests as they flow through multiple services in a distributed application.
"DNS (Domain Name System)": A hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network.
"DNS records": Entries in the Domain Name System that map domain names to IP addresses or other resources.
"Docker": An open-source platform for developing, shipping, and running applications using containers.
"Docker containers": Containers built using the "Docker" platform.
"Document database": A "NoSQL" database that stores data in flexible, "JSON"-like documents.
"Domain weighting": The percentage or importance assigned to different sections or topics in an exam.
"Downtime": The period during which a system or application is unavailable.
"Dynamic IP addresses": IP addresses that are assigned temporarily and can change over time.
"Dynamic rule sets": Firewall rules that automatically update based on changes in network conditions or resource configurations.
"DynamoDB (Amazon DynamoDB)": A fully managed, serverless, key-value "NoSQL" database designed to run high-performance applications at any scale.
"DynamoDB Auto Scaling": A "DynamoDB" feature that automatically adjusts the provisioned throughput capacity of a table in response to changes in traffic.
"DynamoDB default reads": Eventually consistent reads in "DynamoDB", which are the default behavior.
"DynamoDB Global Tables": An "Amazon DynamoDB" feature that provides multi-Region, active-active replication for "NoSQL" databases.
"DynamoDB Streams": A "DynamoDB" feature that captures a time-ordered sequence of item-level modifications in a "DynamoDB" table.
"EBS (Amazon Elastic Block Store)": A high-performance block storage service designed for use with "Amazon EC2" for both throughput and transaction intensive workloads.
"EBS encryption": Encrypting data stored on "EBS volumes".
"EBS HDD volumes": Hard Disk Drive ("HDD") "EBS volume" types, optimized for throughput.
"EBS IOPS": Input/Output Operations Per Second for "EBS volumes".
"EBS snapshots": Point-in-time backups of "EBS volumes" stored in "Amazon S3".
"EBS SSD volumes": Solid State Drive ("SSD") "EBS volume" types, optimized for "IOPS".
"EBS storage": The storage provided by "EBS volumes".
"EBS throughput": The rate at which data can be transferred to and from "EBS volumes".
"EBS volume types": Different types of "EBS" storage volumes with varying performance and cost characteristics.
"EC2 (Elastic Compute Cloud)": A web service that provides resizable compute capacity in the cloud.
"EC2 AMI": See "AMI (Amazon Machine Image)".
"EC2 Auto Scaling": See "Auto Scaling Groups (ASG)".
"EC2 Image Builder": A service that automates the creation, management, and deployment of custom, secure, and up-to-date server images.
"EC2 instance": A virtual server in the "Amazon EC2" service.
"EC2 instance capacity": The amount of compute power available from "EC2 instances".
"EC2 instance profiles": Containers for an "IAM role" that "EC2 instances" can use to access AWS services.
"EC2 instance types": Specific configurations of CPU, memory, storage, and networking capacity for "EC2 instances".
"ECR (Amazon Elastic Container Registry)": A fully managed "Docker" container registry that makes it easy for developers to store, manage, and deploy "Docker" container images.
"Edge Caching": Storing content at network edge locations for faster delivery.
"Edge computing": A distributed computing paradigm that brings computation and data storage closer to the sources of data.
"Edge Locations": Data centers operated by AWS that are strategically positioned in highly populated areas around the world to cache content closer to end-users.
"Edge networking": Network services that operate at the edge of the AWS global network, closer to end-users or data sources.
"Efficient code": Software that performs its functions with minimal use of resources and optimal speed.
"Efficient data flow": The smooth and optimized movement of data through a system.
"Efficient execution": Performing tasks with minimal waste of resources or time.
"Efficient governance": Managing policies and controls effectively and with minimal overhead.
"Efficient storage": Storing data in a way that minimizes cost while meeting performance and durability requirements.
"EFS (Amazon Elastic File System)": A scalable, elastic, cloud-native "NFS" file system for use with AWS Cloud services and on-premises resources.
"EFS Performance Modes": Different configurations for "EFS" file systems that optimize performance for specific workloads (General Purpose or Max I/O).
"Egress (data transfer)": Data moving out of AWS to the internet or other regions, which typically incurs charges.
"Egress-Only Internet Gateway": A "VPC" component for "IPv6" traffic that allows outbound communication from instances in a private subnet to the internet, but prevents inbound communication.
"Elaboration": An advanced study technique where you connect new concepts to existing knowledge by asking why and how.
"Elastic Block Store (EBS)": See "EBS".
"Elastic Load Balancing (ELB)": An AWS service that automatically distributes incoming application traffic across multiple targets.
"Elastic Kubernetes Service (EKS)": See "EKS".
"Elastic Network Interface (ENI)": A logical networking component in a "VPC" that represents a virtual network card.
"Elasticity": The ability of a system to automatically acquire and release computing resources to match demand.
"ElastiCache (Amazon ElastiCache)": A fully managed, in-memory caching service that supports "Redis" and "Memcached".
"ELT (Extract, Load, Transform)": A data integration process where raw data is loaded directly into a target system (data lake), and then transformed within that system.
"EMR (Amazon EMR)": A managed "Hadoop" framework for processing vast amounts of data using big data frameworks like "Spark", "Hive", "Presto".
"Encryption": The process of transforming information into a code to prevent unauthorized access.
"Encryption at rest": Encrypting data when it is stored on a physical device.
"Encryption in transit": Encrypting data as it moves across networks.
"End-to-end encryption": Encryption that protects data from its origin to its destination, ensuring it remains encrypted throughout its entire journey.
"End-to-end request flow": Tracing a single request through all components of a distributed application.
"End-user perspective": How a system or application is experienced by the final user.
"Enterprise-grade solutions": Systems designed to meet the high standards of large organizations for scalability, security, reliability, and management.
"Enterprise file sharing needs": Requirements for sharing files within a large organization.
"Enterprise-scale networking": Designing networks to support the vast and complex connectivity needs of a large enterprise.
"ERP (Enterprise Resource Planning)": Software systems that integrate core business processes across an organization.
"ETL (Extract, Transform, Load)": A data integration process that extracts data from sources, transforms it into a usable format, and loads it into a target system.
"ETL engine": The component responsible for executing data transformation processes.
"Event-driven automation": Automating tasks or workflows in response to events.
"Event-driven architectures (EDA)": A software architecture pattern where application components communicate by sending and reacting to events.
"Event-driven functions": Functions (like "AWS Lambda") that execute in response to events.
"EventBridge (Amazon EventBridge)": A serverless event bus that makes it easier to connect applications together using data from your own applications, integrated "SaaS" applications, and AWS services.
"Events": Changes in state or an occurrence that is significant to a system.
"Eventually Consistent Reads": A data consistency model where readers may not immediately see the most recent writes, but eventually all updates propagate.
"Evaluation": The cognitive skill of assessing the strengths and weaknesses of different options.
"Execution duration": The amount of time a compute process runs.
"External auditors": Independent professionals who review an organization's records and processes for compliance.
"External integrations": Connections between your application and third-party services or systems.
"External identity providers": Services (e.g., "Azure AD", "Okta") that manage user identities and authenticate users outside of AWS.
"Facade": A design pattern that provides a simplified interface to a complex subsystem.
"Failover": The process of automatically switching to a redundant system or component when the primary one fails.
"Failover mechanisms": Automated processes that redirect traffic from unhealthy resources to healthy ones.
"Failure domains": Sections of a system that are isolated such that a failure in one domain does not affect others.
"Failure management": Strategies for anticipating, detecting, and recovering from system failures.
"Fault isolation": Designing systems so that a failure in one component does not cause cascading failures in other components.
"Fault tolerance": The ability of a system to continue operating without interruption despite the failure of one or more components.
"Fault-tolerant workloads": Applications that are designed to withstand and recover from failures without significant disruption.
"Feature branches": Separate lines of development in a version control system for building new features.
"Federated access": Allowing users to access AWS using credentials from an external identity system.
"Federation": The process of linking disparate identity management systems to allow users to authenticate once and access multiple resources.
"Feynman Technique": A study method that involves explaining a concept in simple terms as if teaching it to someone else.
"File data": Data stored in files and organized in a hierarchical file system.
"File system": A method and data structure that an operating system uses to control how data is stored and retrieved.
"File storage": Storage that allows data to be accessed and managed as files.
"Financial accountability": Being responsible for financial resources and expenditures.
"Financial records": Documents that detail financial transactions.
"Financial services company": Organizations that provide financial products or services.
"FinOps (Cloud Financial Management)": A cultural practice that brings financial accountability to the variable spend of cloud, enabling organizations to make business trade-offs between speed, cost, and quality.
"First Principles": Fundamental truths or basic propositions that cannot be deduced from any other propositions. In architecture, understanding the core "why" behind a design choice.
"Fixed-size instances": Compute instances with a predetermined and unchanging size for CPU, memory, and storage.
"Flashcards": Study aids with information on one side and a question or prompt on the other, used for active recall.
"Flexible APIs": APIs that can adapt to different data formats or integration needs.
"Flexible pricing": Pricing models that adapt to varying usage patterns.
"Flexible schema": A database schema that does not require a predefined rigid structure, allowing for easy modification of data formats.
"Focused study": Concentrating learning efforts on specific topics or areas of weakness.
"Forecasting": Predicting future trends or outcomes based on past data and analysis.
"Forensic analysis": The process of investigating and recovering data from digital devices to uncover evidence.
"Foundational concepts": Basic and fundamental ideas or principles.
"Fraud detection": Identifying and preventing fraudulent activities.
"FSx (Amazon FSx)": A fully managed service that makes it easy to launch and run feature-rich and high-performance file systems.
"FSx for Windows File Server": An "Amazon FSx" service that provides a fully managed, highly reliable, and scalable file storage built on "Windows Server".
"Full re-architecture": Completely redesigning and rebuilding an application from the ground up.
"Gaming company": An organization that develops or publishes video games.
"Gaming workloads": Applications or processes related to online gaming, often requiring high performance, low latency, and scalability.
"Gateway Load Balancer (GLB)": A type of "Elastic Load Balancer" that operates at Layer 3 (network layer) and Layer 4 (transport layer) and is used to deploy, scale, and manage virtual appliances such as firewalls, intrusion detection systems, and other network functions.
"GB-second": A billing unit for serverless compute ("Lambda", "Fargate"), calculated by multiplying memory allocated (in GB) by execution duration (in seconds).
"GDPR (General Data Protection Regulation)": A European Union law concerning data protection and privacy.
"General Purpose SSD": An "EBS volume" type (gp3) that offers a balance of price and performance for most workloads.
"General-purpose services": Services that can be used for a wide range of tasks, rather than specialized ones.
"General-purpose storage service": A storage service that is suitable for a broad range of data types and access patterns.
"Geographical isolation": Separating resources by physical location to reduce risk from localized failures.
"Geolocation routing": A "Route 53" routing policy that routes traffic to resources based on the geographic location of users.
"Geoproximity routing": A "Route 53" routing policy that routes traffic to resources based on the geographic location of users and resources, with optional bias toward a given location.
"Gigabytes (GB)": A unit of digital information equal to one billion bytes.
"Git": A distributed version control system.
"GitOps": An operational framework that takes DevOps best practices used for application development and applies them to infrastructure automation.
"Global applications": Applications designed to serve users across multiple geographical regions.
"Global DNS": A Domain Name System that operates worldwide.
"Global low-latency access": Accessing resources from anywhere in the world with minimal delay.
"Global network backbone": The high-speed and highly resilient private network that interconnects AWS Regions and Edge Locations.
"Global performance": The speed and responsiveness of an application for users located around the world.
"Global Secondary Index (GSI)": A type of secondary index in "Amazon DynamoDB" that has a partition key and a sort key that can be different from those of the base table.
"Graceful recovery": The ability of a system to recover from failures in a way that minimizes disruption to users.
"Graph database": A "NoSQL" database that uses graph structures for semantic queries with nodes, edges, and properties to represent and store data.
"Granular access": Fine-grained control over permissions, specifying exactly who can access what and what actions they can perform.
"Granular breakdown": A detailed separation of data into smaller components for analysis.
"Granular control": Fine-grained management over configurations or permissions.
"Granular data": Detailed and specific pieces of information.
"Granular level": A fine level of detail.
"Greengrass": "AWS IoT Greengrass" extends AWS cloud capabilities to edge devices, enabling them to collect, process, and analyze data locally.
"Guardrails": Preventative or detective controls that enforce policies and best practices in an AWS environment.
"Guest OS": The operating system that runs inside a virtual machine.
"Hadoop": An open-source software framework for storing data and running applications on clusters of commodity hardware.
"Hardcoded endpoints": Application configurations where network addresses or service locations are directly embedded in the code, making them difficult to change.
"Hardware": Physical components of a computer system.
"Hardware security module (HSM)": A physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing.
"Hash attribute": In "DynamoDB", an attribute that serves as the partition key.
"Health checks": Automated tests that monitor the availability and responsiveness of resources or services.
"Healthcare application": Software designed for managing health-related information or processes.
"Heavy writes": A workload characterized by a high volume of write operations to a database.
"Hierarchical file system": A file system that organizes files and directories in a tree-like structure.
"High Availability (HA)": The ability of a system to remain operational and perform its intended function correctly and consistently when it's expected to, despite component failures.
"High cardinality": In databases, when an attribute has many unique values.
"High "IOPS"": High Input/Output Operations Per Second, indicating a fast rate of data read/write operations.
"High-demand area": A field or topic with strong market need for expertise.
"High-performance databases": Databases designed to handle large volumes of data and queries with minimal latency.
"High-performance web servers": Web servers capable of handling a large number of requests with fast response times.
"High-speed data transfer": Moving data at a fast rate.
"High-speed retrieval": Accessing data very quickly.
"High-throughput": Capable of processing a large volume of data or requests in a given time.
"High-throughput workloads": Applications or processes that handle a large volume of data or requests.
"High-traffic website": A website that receives a large number of visitors or requests.
"High-value problems": Challenges whose solutions bring significant benefits to an organization.
"Highly available": Designed to remain operational with minimal downtime.
"Highly available load balancers": Load balancers that are designed to withstand failures and continue distributing traffic.
"Highly connected data": Data that represents complex relationships between entities.
"Highly concurrent web application": A web application that can handle many simultaneous users or requests.
"Highly diversified portfolio": A wide range of options or services.
"Highly parallel applications": Applications that can perform many computations simultaneously.
"Highly parallel jobs": Tasks that can be broken down into many smaller, simultaneous sub-tasks.
"Highly performant": Achieving a very high level of performance.
"Highly populated areas": Geographic locations with a large number of people.
"Highly resilient": Capable of withstanding and recovering quickly from failures.
"Highly scalable": Capable of handling a large increase in load or data volume.
"Highly sensitive data": Information that requires strong protection due to its confidentiality or regulatory requirements.
"Highly variable workloads": Applications or processes with unpredictable and fluctuating demand.
"HIPAA (Health Insurance Portability and Accountability Act)": A US law designed to protect patient health information.
"Historical data": Past data that is retained for analysis or record-keeping.
"Holistic analysis": Examining something as a whole rather than individual parts.
"Holistic mental model": A comprehensive understanding that integrates all relevant concepts and their relationships.
"Holistic observability": Comprehensive monitoring and understanding of a system's internal state using metrics, logs, and traces.
"Holistic solution": A solution that addresses all aspects of a problem or requirement.
"Homogeneous conversions": Database migrations between the same database engine.
"Homogeneous migrations": Database migrations where the source and target database engines are the same.
"Horizontal scaling (Scale Out)": Distributing workload across multiple, often smaller, instances or nodes by adding more resources.
"Host firewall": A software firewall that runs on individual hosts or servers.
"Host OS": The operating system that runs directly on the physical hardware of a server.
"Hot data": Data that is accessed frequently and requires high performance and low latency.
"Hot partition": In distributed databases, a partition that receives a disproportionately high volume of read or write requests, leading to performance bottlenecks.
"HPC workloads": High-Performance Computing workloads, which require massive computing power and often large amounts of shared storage.
"HTTP/S (Hypertext Transfer Protocol Secure)": The secure version of HTTP, using SSL/TLS encryption.
"Hub-and-spoke model": A network topology where a central hub connects to multiple spokes ("VPCs" or networks).
"Hybrid cloud": A cloud computing environment that uses a mix of on-premises, private cloud, and public cloud services with orchestration between the platforms.
"Hybrid cloud architectures": System designs that integrate on-premises infrastructure with cloud resources.
"Hybrid cloud connectivity": Connecting on-premises networks to cloud environments.
"Hybrid cloud data transfer strategies": Methods for moving data between on-premises and cloud environments.
"Hybrid cloud storage solution": A storage system that combines on-premises storage with cloud storage.
"Hybrid deployments": Deploying applications across both on-premises and cloud environments.
"Hybrid environments": IT infrastructures that combine on-premises and cloud resources.
"IAM (Identity and Access Management)": An AWS service that helps you securely control access to AWS resources.
"IAM Access Analyzer": An "IAM" feature that helps you identify the resources in your organization and accounts that are shared with an external entity.
"IAM entities": AWS users, groups, and roles.
"IAM groups": Collections of "IAM users" to simplify permission management.
"IAM Identity Center (SSO) (AWS IAM Identity Center (SSO))": A cloud "SSO" service that makes it easy to centrally manage "SSO" access to multiple AWS accounts and business applications.
"IAM policies": "JSON" documents that define specific permissions (allowed or denied actions on resources).
"IAM roles": Secure "IAM" identities that grant temporary permissions to AWS services or trusted external entities.
"IAM users": Individual entities (people or applications) with long-term credentials for direct AWS interaction.
"IaC (Infrastructure as Code)": The process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools.
"IaC benefits": Advantages gained by using Infrastructure as Code, such as automation, consistency, and version control.
"IaC templates": Code files (e.g., "CloudFormation" templates) that define infrastructure resources.
"Identify knowledge gaps": Pinpointing areas where understanding or information is lacking.
"Identity": A unique representation of a user or service in an authentication system.
"Identity federation": Allowing users to sign in to AWS with corporate credentials instead of "IAM users".
"Identity management": The process of managing digital identities and their access privileges.
"Idle capacity": Provisioned resources that are not actively being used.
"Idle periods": Times when resources are not actively processing workloads.
"Image processing": Manipulating digital images using computer algorithms.
"Immutable AMIs": "Amazon Machine Images" that are never modified after being deployed; any change requires building a new "AMI".
"Immutable infrastructure": An approach where servers are never modified after being deployed; new versions are deployed from fresh images.
"Immutable ledger": A record of transactions that cannot be altered or deleted.
"Impactful ways": Methods that have a significant effect.
"Imperative scripts": Scripts that define step-by-step commands to execute.
"Implicit constraints": Limitations that are not explicitly stated but can be inferred from the scenario.
"Implicitly denies": When something is forbidden without being explicitly stated.
"Improved agility": Increased ability to respond quickly to changes.
"Improved operational efficiency": Performing tasks more effectively and with less waste.
"Improved reliability": Increased consistency and dependability of a system.
"Improved security": Enhanced protection against threats.
"Improved scalability": Increased ability to handle growing loads.
"Improved system resilience": Enhanced ability of a system to recover from failures.
"Incident investigation": The process of examining and analyzing incidents to determine their cause.
"Incident management": The process of responding to an unplanned interruption to a service or reduction in the quality of a service.
"Incident response": Actions taken to address and resolve security incidents.
"Inconsistencies": Lack of uniformity or conformity.
"Incremental transfers": Moving only the data that has changed since the last transfer.
"Independent deployments": Deploying components of an application separately without affecting others.
"Independent failure domains": Parts of a system that are isolated so a failure in one does not affect others.
"Individual growth": Personal development and improvement.
"Industrial standards": Commonly accepted norms or requirements within an industry.
"Infrequent access": When data is accessed rarely.
"Infrequent access tiers": Storage classes optimized for data that is accessed infrequently.
"Information overload": When too much information makes it difficult to process or understand.
"Information technology components": Hardware, software, networks, and other elements that make up an IT system.
"Informed architectural decisions": Architectural choices made based on thorough understanding and analysis.
"Ingestion": The process of collecting and transferring data into a system.
"Ingress": Data moving into AWS, which is typically free.
"Inherently cost-efficient": Designed to be economical by its nature.
"Inherently redundant": Designed with built-in duplication to prevent failure.
"Initial cost": The upfront expense of a project or solution.
"Initial deployment": The first time an application or system is put into operation.
"Initial investment": The amount of money or resources put into a project at the beginning.
"In-memory cache": A data store that stores data in RAM for very fast access.
"In-memory caching service": An AWS service ("ElastiCache") that provides in-memory caches.
"In-memory database": A database that primarily stores data in computer's main memory (RAM) to achieve high performance.
"Input validation": The process of checking user input to ensure it meets specific criteria.
"Instance families": Categories of "EC2 instances" optimized for specific workloads.
"Instance status check alarm": A "CloudWatch" alarm that triggers if an "EC2 instance" fails AWS status checks.
"Instance-level firewall": A firewall that controls traffic for individual compute instances.
"Instance-hour cost": Billing based on the number of hours a compute instance is running.
"Instances": Virtual servers in the cloud.
"Instant rollback": The ability to immediately revert to a previous stable state.
"Integrity": The principle of ensuring data is accurate, consistent, and has not been tampered with.
"Interface Endpoints": "VPC Endpoints" that use "AWS PrivateLink" to privately connect your "VPC" to supported AWS services or "VPC endpoint" services.
"Intermittent failures": Failures that occur occasionally or irregularly.
"Intermittent workloads": Applications or processes that have periods of activity followed by periods of inactivity.
"Internal cost savings": Reductions in expenses that are internal to an organization.
"Internal threats": Security risks that originate from within an organization.
"Internet Gateway (IGW)": A "VPC" component that allows communication between your "VPC" and the internet.
"Internet congestion": Slowdowns in internet traffic due to high demand or network issues.
"Internet egress": Data moving from AWS to the public internet.
"Inter-VPC connectivity": Connecting multiple "VPCs" to allow communication between them.
"Interruptible workloads": Applications that can be stopped and restarted without significant disruption or data loss.
"Intrusion prevention and detection": Security measures that identify and block malicious activity.
"Inventory data": Information about assets, resources, and their configurations.
"IoT (Internet of Things)": The network of physical objects embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the internet.
"IoT devices": Physical objects connected to the Internet that can collect and exchange data.
"IoT applications": Software designed to manage and interact with "IoT" devices.
"IOPS (Input/Output Operations Per Second)": A measure of storage performance, indicating the number of read or write operations per second.
"IP addresses": Numerical labels assigned to devices connected to a computer network.
"IP reputation": A score or rating indicating the trustworthiness of an "IP address", often used for security filtering.
"IPsec (Internet Protocol Security)": A suite of protocols for securing Internet Protocol (IP) communications by authenticating and encrypting each "IP" packet of a communication session.
"Isolated environment": A computing space that is separated from other environments for security or management reasons.
"Isolated data centers": Physical facilities that are independent from each other to prevent cascading failures.
"Isolation": Separating components or environments to limit the impact of failures or security breaches.
"ISO certifications": Certifications indicating adherence to International Organization for Standardization standards.
"Istio": An open-source service mesh that provides a way to control how microservices share data with one another.
"Iterative improvement": Making small, incremental changes to improve something over time.
"Iterative process": A process that involves repetition and refinement.
"Java": A popular programming language.
"JSON (JavaScript Object Notation)": A lightweight data-interchange format.
"Jumbo Frames": Ethernet frames with a payload greater than the standard "MTU" (Maximum Transmission Unit) of 1500 bytes, typically 9001 bytes in AWS. Used to increase network throughput.
"Kaizen-like mindset": A mindset of continuous improvement, inspired by the Japanese philosophy of Kaizen.
"Key capabilities": Primary functions or features of a service.
"Key management": The process of generating, storing, using, and deleting cryptographic keys.
"Key-value caching": Storing data in a cache using key-value pairs.
"Key-value lookups": Retrieving data from a database using a key to identify the specific item.
"Key-value store": A type of "NoSQL" database that stores data as a collection of key-value pairs.
"Kinesis (Amazon Kinesis)": A family of services for real-time data streaming, including "Kinesis Data Streams", "Kinesis Firehose", and "Kinesis Data Analytics".
"Kinesis Data Streams": A "Kinesis" service that captures and processes large streams of data records in real time.
"Kinesis Firehose": A "Kinesis" service that delivers streaming data to destinations like "Amazon S3", "Amazon Redshift", and "Splunk".
"Knowledge gaps": Areas where understanding or information is lacking.
"Kubernetes": An open-source container orchestration system for automating deployment, scaling, and management of containerized applications.
"Kubernetes control plane": The components that manage "Kubernetes" clusters.
"Kubernetes constructs": Resources and APIs provided by "Kubernetes", such as Deployments, Services, Pods, and Ingress.
"Kubernetes ecosystem": The collection of tools, integrations, and practices built around "Kubernetes".
"Kubernetes expertise": Knowledge and skills related to "Kubernetes".
"Kubernetes manifests": "YAML" or "JSON" files that define "Kubernetes" resources and their desired state.
"Kubernetes workloads": Applications that run on "Kubernetes" clusters.
"Labels": User-defined tags or metadata.
"Lambda (AWS Lambda)": A serverless compute service that lets you run code without provisioning or managing servers.
"Lambda function": A piece of code that runs in "AWS Lambda".
"Lambda function execution roles": "IAM roles" that "Lambda functions" assume to gain permissions to access other AWS services.
"Lambda-lith": A single, overly large or complex "AWS Lambda function" that violates serverless best practices.
"Landing zone": A well-architected, multi-account AWS environment that is scalable and secure.
"Large data volumes": Very large amounts of data.
"Large datasets": Collections of data that are too big or complex to be processed easily by traditional methods.
"Large-scale analytics": Analyzing vast amounts of data to derive insights.
"Large-scale data processing": Processing huge volumes of data.
"Large-scale data transfers": Moving very large amounts of data.
"Large-scale migrations": Moving a significant portion of an organization's IT infrastructure to the cloud.
"Large-scale parallel processing": Executing many computations simultaneously across multiple processors or computers.
"Latency": The delay before a transfer of data begins following an instruction for its transfer.
"Latency bottlenecks": Points in a system where delays accumulate, slowing down overall performance.
"Latency-based routing": A "Route 53" routing policy that routes traffic to the AWS Region that provides the lowest latency for users.
"Leaderboard data": Data used to track rankings or scores in games or competitions.
"Least privilege": A security principle that states that a user or process should be given only the minimum necessary access rights to perform its job.
"Legacy applications": Older software applications that are difficult to maintain, scale, or integrate with modern systems.
"Legacy constraints": Limitations inherited from older systems or technologies.
"Legacy monolithic application": An older, large, tightly coupled application built as a single unit.
"Legacy operational overhead": Additional management effort required for older systems.
"Legacy systems": Older computer systems or applications that are still in use.
"Ledger database": A database that provides a transparent, immutable, and cryptographically verifiable transaction log.
"Lift-and-shift": An application migration strategy that involves moving an application as-is from an on-premises environment to AWS.
"Lift-Tinker-Shift": An application migration strategy that involves moving an application to AWS and making some cloud optimizations without changing the core architecture.
"Lifecycle management": The process of managing resources or data throughout their entire existence.
"Lifecycle Policies (S3 Lifecycle Policies)": Rules that define actions for objects during their lifetime, such as transitioning them to different storage classes or expiring them.
"Limitations": Restrictions or boundaries.
"Linked account": An AWS account that is part of an "AWS Organization" and receives a consolidated bill.
"LinkedIn groups": Online communities on LinkedIn focused on specific professional interests.
"Linux "EC2" instances": "EC2 instances" running a Linux operating system.
"Local caching": Storing frequently accessed data on a local device for faster retrieval.
"Localized caches": Caches that are stored locally on individual servers or application instances.
"Localized outages": Failures that affect a specific, limited area, such as a single data center.
"Log analysis": The process of reviewing and interpreting computer-generated log files.
"Log data": Files that record events, errors, and other information generated by systems and applications.
"Logging": The practice of recording events and data from a system.
"Logical groupings of resources": Organizing resources based on criteria like application, environment, or owner.
"Logical partitions": In databases, a way of dividing a table's data based on a key for better management and performance.
"Long retention periods": Storing data for an extended amount of time.
"Long-running": Processes or tasks that execute for a significant duration.
"Long-running processes": Automated tasks that may take hours or days to complete.
"Long-running tasks": Computational jobs that require a long time to finish.
"Long-term access keys": Permanent credentials for programmatic access, which are a security risk if not managed carefully.
"Long-term archiving": Storing data for extended periods for compliance or historical purposes.
"Long-term cost savings": Reductions in expenses achieved over a significant period.
"Loose coupling": An architectural principle where components are designed with minimal dependencies on each other.
"Loosely coupled": See "Loose coupling".
"Loosely coupled services": Microservices or components that can operate independently of each other.
"Low network latency": Minimal delay in network communication.
"Low-latency": Very fast response times with minimal delay.
"Low-latency network performance": Fast and responsive network communication.
"Low-latency writes": Writing data to a storage system with very little delay.
"LSI (Local Secondary Index)": A type of secondary index in "Amazon DynamoDB" that has the same partition key as the base table but a different sort key.
"Lustre": A high-performance parallel file system used in large-scale computing environments.
"Macie (Amazon Macie)": A security service that uses machine learning to discover, classify, and protect sensitive data in "Amazon S3".
"Machine identities": Credentials used by applications, services, or scripts to authenticate and access resources.
"Machine learning (ML)": A field of artificial intelligence that uses statistical techniques to give computer systems the ability to "learn" from data.
"Machine Learning (ML) Ops": See "MLOps".
"Mainframe": A large, powerful computer capable of supporting many users simultaneously.
"Maintainability": The ease with which a system can be modified, repaired, or enhanced.
"Managed Kubernetes service": A service (like "EKS") that manages the control plane of a "Kubernetes" cluster, reducing operational overhead.
"Managed Network Address Translation": A service (like "NAT Gateway") that handles network address translation automatically.
"Managed Rules": Security rules for services like "AWS WAF" that are created and maintained by AWS or third-party providers.
"Managed service": A cloud service where the provider manages the underlying infrastructure and operational tasks.
"Management account": The central account in an "AWS Organization" that has control over all member accounts.
"Management Console": The web-based interface for managing AWS services.
"Mandatory tagging": A policy that requires all resources to be created with specific tags.
"Manual cutover": A migration process where traffic is switched manually from the old to the new environment.
"Manual error": A mistake made by a human.
"Manual failover": A failover process that requires human intervention to initiate.
"Manual intervention": The need for a human to perform a task or make a decision.
"Manual operations": Tasks performed by humans rather than automated systems.
"MariaDB": An open-source relational database management system.
"Mastery": Comprehensive knowledge or skill in a subject.
"Mature CI/CD": A well-established and efficient continuous integration/continuous deployment process.
"Max I/O": An "EFS" performance mode optimized for high-throughput, parallel workloads.
"Maximum permissions": The highest level of access that can be granted to an entity.
"Maximum sustainable price point": The lowest price at which a service can be delivered while still meeting business requirements.
"Mean Time To Recovery (MTTR)": The average time it takes to recover from a system failure.
"Media processing": Manipulating digital media files, such as video or audio.
"Media streaming service": A service that delivers digital media content over a network.
"Memcached": An open-source, high-performance, distributed memory object caching system.
"Memory Aids": Techniques used to improve memory and recall.
"Memory-optimized instances": "EC2" instance types (R, X, Z families) designed for memory-intensive workloads.
"Mentoring": Guiding and advising someone with less experience.
"Message queues": A component of messaging systems that stores messages temporarily, enabling asynchronous communication between applications.
"Metadata": Data that provides information about other data.
"Metadata repository": A database that stores metadata.
"Metric Filters": A feature in "CloudWatch Logs" that allows you to extract metrics from log data.
"Metrics": Time-ordered sets of data points that measure the performance or health of a system.
"MFA (Multi-Factor Authentication)": A security system that requires more than one method of authentication.
"MGN (AWS Application Migration Service)": The primary AWS service for rehosting (lift-and-shift) servers to AWS.
"Microservices": An architectural style that structures an application as a collection of small, independent, and loosely coupled services.
"Microservices architectures": Systems built using the microservices architectural style.
"Microsoft": A major technology company.
"Migration": The process of moving data, applications, or other business elements from one environment to another.
"Migration planning": The process of creating a detailed plan for a cloud migration.
"Migration waves": Grouping applications or resources to be migrated together in phases.
"Minimal downtime": A very short period of unavailability during a migration or deployment.
"Minimal impact": Causing very little disruption.
"Minimize complexity": To reduce the number of interconnected parts or the intricacy of a system.
"Minimize environmental impacts": To reduce the negative effects of an activity on the environment.
"Mission-critical": Essential for the functioning of a business.
"Mission-critical systems": Systems that are vital for business operations and cannot tolerate significant downtime.
"MLOps (Machine Learning Operations)": A set of practices that aims to deploy and maintain machine learning models in production reliably and efficiently.
"MLOps frameworks": Tools and processes that support the MLOps lifecycle.
"MLOps pipelines": Automated workflows for training, deploying, and managing machine learning models.
"Mnemonics": Memory aids that use patterns or associations to help remember information.
"Mobile application": Software designed to run on mobile devices.
"Modernization": The process of updating older systems or applications to newer technologies and architectures.
"MongoDB": A popular open-source "NoSQL" document database.
"Monitoring": The process of observing a system to detect issues and track performance.
"Monolith": A large, tightly coupled application where all components are deployed as a single unit.
"Monolithic application": See "Monolith".
"MTU (Maximum Transmission Unit)": The largest size packet or frame, specified in octets (eight-bit bytes), that can be sent in a packet- or frame-based network such as the internet.
"Multi-account AWS environment": An AWS setup that uses multiple AWS accounts for different purposes (e.g., development, production, security).
"Multi-account landing zone": A well-architected, secure foundation for a multi-account AWS environment.
"Multi-account strategy": An organizational approach to using multiple AWS accounts to achieve isolation, security, and governance.
"Multi-AZ": Across multiple "Availability Zones".
"Multi-AZ deployments": A high-availability strategy that distributes resources across multiple "Availability Zones" within a single AWS Region.
"Multi-cloud portability": The ability to move applications and data between different cloud providers with minimal changes.
"Multi-cloud strategies": Using services from multiple cloud providers.
"Multi-layered network security": A defense-in-depth approach to network security that uses multiple controls.
"Multi-region": Across multiple AWS Regions.
"Multi-Region active-active architecture": A high-availability and disaster recovery strategy where an application is actively serving traffic from multiple AWS Regions simultaneously.
"Multi-Region designs": Architectures that span multiple AWS Regions.
"Multi-Site Active/Active": A disaster recovery strategy where an application is fully deployed and actively serving traffic in multiple locations simultaneously.
"Multi-tier application": An application that is separated into multiple logical and physical tiers (e.g., web, application, database).
"Multi-Attach": An "Amazon EBS" feature that allows a single "EBS volume" to be attached to multiple "EC2 instances" in the same "Availability Zone".
"Muscle memory": The ability to perform a task without conscious thought, developed through repetition.
"Mutual growth": Development and improvement that benefits all parties involved.
"MySQL": A popular open-source relational database management system.
"NACLs (Network Access Control Lists)": A layer of security for a "VPC" that acts as a firewall for controlling traffic in and out of one or more subnets.
"NAS (Network Attached Storage)": A file-level computer data storage server connected to a computer network providing data access to a heterogeneous group of clients.
"NAT Gateway": A highly available, managed Network Address Translation service that allows instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances.
"Near-zero downtime": A very minimal amount of unavailability, often measured in seconds.
"Neptune (Amazon Neptune)": A fully managed graph database service.
"Network Address Translation (NAT)": A method of remapping an IP address space into another by modifying network address information in the Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device.
"Network congestion": A slowdown in network traffic caused by excessive load.
"Network connectivity": The ability of devices and systems to communicate over a network.
"Network engines": Metaphor for the components that drive network communication.
"Network foundation": The fundamental networking components and design of a system.
"Network interfaces": The point of interconnection between a computer and a private or public network.
"Network isolation": Separating network traffic and resources to improve security.
"Network layer": Layer 3 of the OSI model, responsible for packet forwarding.
"Network management": The process of administering and managing computer networks.
"Network monitoring": Observing network traffic and performance to detect issues.
"Network path": The route that data takes across a network.
"Network performance": The speed, reliability, and efficiency of a network.
"Network pathways": Metaphor for the routes and connections in a network.
"Network protocols": The rules that govern communication between devices on a network.
"Network security": Measures taken to protect the integrity, confidentiality, and availability of computer networks and data.
"Network segmentation": Dividing a network into smaller, isolated segments to improve security and performance.
"Network services": Services that provide networking capabilities, such as DNS, load balancing, and connectivity.
"Network topologies": The arrangement of the various elements (links, nodes, etc.) of a computer network.
"Network traffic": The data moving across a network.
"Network troubleshooting": The process of diagnosing and resolving network problems.
"Network virtual appliances": Virtual machines that provide network functions such as firewalls, routing, and load balancing.
"Networking": The practice of connecting computers and other devices to share resources.
"Networking layer": A layer of the OSI model that deals with packet forwarding.
"NFS (Network File System)": A distributed file system protocol allowing a user on a client computer to access files over a computer network much like local storage is accessed.
"NLB (Network Load Balancer)": A type of "Elastic Load Balancer" that operates at Layer 4 (transport layer) and is capable of handling millions of requests per second with ultra-low latency.
"NoSQL": A type of database that provides a mechanism for storage and retrieval of data that is modeled in means other than the tabular relations used in relational databases.
"NoSQL database workloads": Workloads that are well-suited for "NoSQL" databases, such as those requiring flexible schemas, high scalability, and low latency.
"Non-compliant EC2 instance types": "EC2 instance" types that violate an organization's policies.
"Non-compliant configurations": Resource configurations that do not meet an organization's security or compliance standards.
"Non-critical applications": Applications that are not essential for business operations.
"Non-functional requirement": A requirement that specifies criteria that can be used to judge the operation of a system, rather than specific behaviors (e.g., performance, security).
"Non-HTTP(S) traffic": Network traffic that does not use the HTTP or HTTPS protocol.
"Non-technical challenges": Obstacles related to people, processes, or business, rather than technology.
"Nuanced comprehension": A deep and subtle understanding of a topic.
"Object storage": A computer data storage architecture that manages data as objects, as opposed to other storage architectures like file systems which manage data as a file hierarchy, and block storage which manages data as blocks within sectors and tracks.
"Observability": The ability to measure a system's current state from its external outputs, enabling deep understanding of its behavior.
"OIDC (OpenID Connect)": An authentication layer on top of OAuth 2.0 that allows clients to verify the identity of the end-user.
"Offline": Not connected to a network.
"Offline transfer": Moving data without a direct network connection, typically using physical devices.
"Offloading": Moving tasks or workloads from one system to another to reduce load.
"Okta": A popular identity and access management service.
"OLAP (Online Analytical Processing)": A category of software tools that analyze data stored in a database or data warehouse from multiple business perspectives.
"OLTP (Online Transaction Processing)": A category of data processing that is focused on transaction-oriented tasks.
"On-demand": Available whenever needed.
"On-Demand capacity": A DynamoDB capacity mode where you pay per request, with no provisioned capacity.
"On-Demand instances": An EC2 purchasing option where you pay for compute capacity by the second with no long-term commitment.
"On-Demand pricing": A pay-as-you-go pricing model with no upfront costs or long-term commitments.
"One-off migrations": Migrating a single or small number of resources as a one-time event.
"One-size-fits-all": A solution that is intended to be suitable for all situations.
"Online": Connected to a network.
"Online forums": Web-based discussion platforms.
"Online gaming application": A video game that is played over a network.
"Online transfer": Moving data over a network connection.
"Open-source": Software with source code that anyone can inspect, modify, and enhance.
"Open-source tooling": Tools that are open-source.
"OpenZFS": An open-source storage platform that encompasses the functionality of both traditional file systems and volume manager.
"Operational automation": Using technology to perform operational tasks automatically.
"Operational burden": The amount of effort required to manage and maintain a system.
"Operational consistency": Ensuring that operational tasks are performed in a uniform and repeatable manner.
"Operational costs": The expenses associated with the day-to-day running of a business or system.
"Operational data": Information related to the operation and performance of a system.
"Operational efficiency": The ability to deliver products or services in the most cost-effective and timely manner possible.
"Operational excellence": The ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures.
"Operational friction": The difficulty or resistance encountered when performing operational tasks.
"Operational incidents": Unplanned interruptions to a service or reductions in the quality of a service.
"Operational insights": Understanding gained from analyzing operational data.
"Operational issues": Problems that affect the normal functioning of a system.
"Operational management": The administration of business practices to create the highest level of efficiency possible within an organization.
"Operational model": The way a system is managed and operated.
"Operational overhead": The indirect costs and effort associated with running a system.
"Operational oversight": The supervision of operational activities.
"Operational readiness": The state of being prepared to successfully operate a system in production.
"Operational responsibility": The accountability for managing and maintaining a system.
"Operational tasks": The day-to-day activities required to keep a system running.
"Operations": The processes and activities involved in running a system.
"Operations team": The group of people responsible for managing and maintaining IT systems.
"Optimal balance": The best possible combination of competing factors.
"Optimal endpoint": The best available resource or service location to handle a request.
"Optimal performance": The best possible level of performance.
"Optimal solutions": The best possible solutions that meet all requirements and constraints.
"Optimization": The process of making something as effective or functional as possible.
"Optimization opportunities": Areas where improvements in efficiency, performance, or cost can be made.
"Optimization recommendations": Suggestions for improving a system.
"Orchestration services": Tools that automate the management, scaling, and networking of containers or other resources.
"Oracle": A popular commercial relational database management system.
"Organizational buy-in": The support and commitment of an organization for a project or initiative.
"Organizational structure": The way an organization is arranged and managed.
"Origin servers": The servers that store the original version of content for a CDN.
"OS (Operating System)": The software that manages all of the hardware resources associated with a desktop or laptop.
"OS features": Capabilities provided by an operating system.
"OS patching": Applying updates to an operating system to fix vulnerabilities or bugs.
"Outage": A period when a system or service is unavailable.
"Outdated knowledge": Information that is no longer current or relevant.
"Outdated procedures": Processes that are no longer effective or up-to-date.
"Out-of-date": No longer current.
"Out-of-scope": Not relevant to the current topic or problem.
"Overhead": The indirect costs or effort associated with an activity.
"Overlapping CIDRs": When two or more "VPCs" or subnets are defined with IP address ranges that overlap.
"Over-provisioning": Allocating more resources to a system than are actually needed.
"Packet overhead": The non-payload data in a network packet, such as headers.
"Page loads": The process of a web browser downloading and displaying a web page.
"Parallelism": The ability of a system to perform multiple tasks simultaneously.
"Partially correct": An answer or solution that is correct in some aspects but not all.
"Partition Key (Hash Attribute)": In "DynamoDB", the primary key attribute that determines the partition where an item is stored.
"Partition Placement Group": An "EC2" placement strategy that spreads instances across different racks (partitions) within an "Availability Zone".
"Partitioning": The process of dividing a database or table into smaller, more manageable pieces.
"Partner solutions": Products or services offered by AWS partners.
"Passion": Strong enthusiasm for a subject or activity.
"Patching": Applying updates to software to fix vulnerabilities or bugs.
"Pay-per-execution": A billing model where you pay for each time a function or task is run.
"Pay-per-GB": A billing model where you pay based on the amount of data stored or transferred, measured in gigabytes.
"Pay-per-invocation": A billing model where you pay for each time a function is invoked.
"Pay-per-query": A billing model where you pay for each query that is executed.
"Pay-per-use": A pricing model where you pay only for the resources you consume.
"Pay-per-vCPU": A billing model where you pay based on the number of virtual CPUs allocated.
"PCI DSS (Payment Card Industry Data Security Standard)": A set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.
"PCI DSS reports": Reports that document an organization's compliance with the "PCI DSS" standard.
"Peering mesh": A network topology where every "VPC" is directly peered with every other "VPC".
"Performance": The speed, responsiveness, and efficiency of a system.
"Performance bottlenecks": Points in a system that limit overall performance.
"Performance characteristics": The specific performance attributes of a system or service.
"Performance efficiency": The ability to use computing resources efficiently to meet system requirements.
"Performance issues": Problems that degrade the performance of a system.
"Performance needs": The specific performance requirements of an application or workload.
"Performance requirements": The standards of speed, responsiveness, and efficiency that a system must meet.
"Permissions Boundaries": An advanced "IAM" feature that sets the maximum permissions that an identity-based policy can grant to an "IAM" user or role.
"Per-GB retrieval fees": Charges incurred for retrieving data from certain storage tiers, calculated per gigabyte.
"Persistence": The ability of data to survive after the process that created it has ended.
"Personal interests": Topics or activities that an individual enjoys.
"Personal sandbox environment": A personal AWS account or isolated environment used for experimentation and learning.
"Petabytes (PBs)": A unit of digital information equal to one quadrillion bytes.
"Phased cutover": A migration strategy where the transition to the new environment is done in stages.
"Phased migration": Breaking down a migration into smaller, manageable waves.
"Phased rollouts": Gradually deploying a new version of a system or application to users.
"Physical and virtual servers": The hardware and software-based servers in an IT environment.
"Physical hardware": The tangible components of a computer system.
"Physical partitions": The physical storage units where data is stored in a distributed database.
"Physical security": Measures taken to protect physical assets from unauthorized access or damage.
"PII (Personally Identifiable Information)": Any data that could potentially identify a specific individual.
"Pilot Light": A disaster recovery strategy where a minimal core infrastructure is kept running in the "DR Region", ready for quick scale-up.
"Pinpoint": To identify something precisely.
"Placement Groups": Configurations for "EC2" instances that control how they are placed on underlying hardware.
"Planned outages": Scheduled periods of downtime for maintenance or upgrades.
"Playbooks": See "Runbooks".
"Point-in-time recovery": The ability to restore a database to a specific moment in time.
"Policy enforcement": The process of ensuring that policies and rules are followed.
"Polyglot persistence": The practice of using different data storage technologies to handle different data storage needs within a single application.
"Portfolio assessment": The process of categorizing applications to determine the best migration strategy for each.
"POSIX": A family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems.
"POSIX file locking": A mechanism in "POSIX"-compliant file systems that allows processes to coordinate access to shared files.
"Post-incident analysis": A review conducted after an incident to determine the root cause and identify areas for improvement.
"Post-migration": The phase after a migration has been completed.
"PostgreSQL": A popular open-source object-relational database system.
"Post-mortems": See "Post-incident analysis".
"Potential compromise": A situation where a system or account may have been accessed by an unauthorized party.
"Potential security issues": Possible vulnerabilities or threats to a system.
"Practical application": The use of knowledge or skills in real-world situations.
"Practical proficiency": The ability to perform a task effectively in a real-world context.
"Practical relevance": The applicability of a concept or technology to real-world problems.
"Pre-approved": Approved in advance.
"Pre-built AMIs": "Amazon Machine Images" that are already configured and ready to be launched.
"Pre-defined": Determined in advance.
"Predictable workloads": Applications or processes with consistent and foreseeable demand.
"Presto": An open-source distributed SQL query engine for running interactive analytic queries against data sources of all sizes ranging from gigabytes to petabytes.
"Preventative compliance guardrails": Controls that prevent actions that would violate compliance policies.
"Preventive security controls": Measures that are designed to prevent security incidents from occurring.
"Primary data stores": The main databases or storage systems where data is permanently stored.
"Primary key": A special relational database table column (or combination of columns) designated to uniquely identify all table records.
"Principle of least privilege": See "Least privilege".
"Private connectivity": Network connections that do not traverse the public internet.
"Private IP addresses": IP addresses that are used for communication within a private network and are not routable on the public internet.
"Private network": A network that uses private IP address space.
"Private subnets": Subnets in a "VPC" that do not have a direct route to an "Internet Gateway".
"Proactive issue detection": Identifying and addressing potential problems before they impact users.
"Proactive monitoring": Continuously observing a system to identify potential issues before they become critical.
"Proactive stance": Taking action to prevent problems rather than reacting to them after they occur.
"Procedural gaps": Missing or incomplete steps in a process.
"Production replica": A copy of a production environment.
"Production workloads": Applications and services that are live and serving users.
"Professional craftsmanship": A high level of skill and dedication to quality in one's profession.
"Professional growth": The development of skills and knowledge in one's career.
"Professional impact": The effect or influence one has in their professional field.
"Professional reputation": The general opinion that people have of a professional or their work.
"Proofs of Concept (PoCs)": Small-scale experiments or projects designed to test the feasibility of a concept or technology.
"Provisioned capacity": A set amount of resources that are allocated in advance.
"Provisioned throughput": A specific amount of read and write capacity allocated to a database or other resource.
"Provisioned Throughput": An "EFS" throughput mode where you specify a fixed amount of throughput for your file system.
"Provisioned IOPS": A specific number of Input/Output Operations Per Second allocated to a storage volume.
"Public accessibility": The ability of a resource to be accessed from the public internet.
"Public internet": The global system of interconnected computer networks.
"Public-facing": Exposed to the public internet.
"Public-facing resources": Components of a system that are accessible from the internet.
"Public subnets": Subnets in a "VPC" that have a direct route to an "Internet Gateway".
"Pub/sub": A messaging pattern where senders (publishers) do not send messages directly to specific receivers (subscribers), but instead categorize published messages into classes without knowledge of which subscribers, if any, there may be.
"Purchasing option": Different ways to pay for AWS services, such as On-Demand, Reserved Instances, and Spot Instances.
"Purpose-built": Designed for a specific function or use case.
"Purpose-built databases": Databases that are optimized for specific data models and access patterns.
"Python": A popular high-level programming language.
"QLDB (Amazon Quantum Ledger Database)": A fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log.
"Querying": The process of retrieving data from a database.
"Quick wins": Achievements that are easy to accomplish and provide immediate benefits.
"R": A programming language for statistical computing and graphics.
"Racks": The physical frames that hold servers and other network equipment in a data center.
"RAM": Random Access Memory.
"Random read/write": An access pattern where data is read or written at random locations in a storage device.
"Range attribute": In "DynamoDB", an attribute that serves as the sort key.
"Rapid delivery": Delivering products or services quickly.
"Rapid innovation": The ability to develop and deploy new features and capabilities quickly.
"Rapid recovery": The ability to restore a system or service to a functional state very quickly after a failure.
"Rapid response times": Fast and efficient reactions to events or requests.
"Rapid troubleshooting": The ability to diagnose and resolve problems quickly.
"Raw block access": Accessing storage at the lowest level, as raw blocks of data.
"RCU (Read Capacity Unit)": In "DynamoDB", one strongly consistent read per second, or two eventually consistent reads per second, for an item up to 4 KB in size.
"RDS (Amazon Relational Database Service)": A managed service that simplifies setting up, operating, and scaling relational databases in the cloud.
"RDS for PostgreSQL": The "Amazon RDS" service for the "PostgreSQL" database engine.
"RDS instance type": The specific configuration of CPU, memory, and networking for an "RDS" database instance.
"RDS Multi-AZ": A high-availability feature for "Amazon RDS" that creates a synchronous standby replica in a different "Availability Zone".
"RDS Snapshots": Backups of "RDS" database instances stored in "Amazon S3".
"Read spikes": Sudden, large increases in read traffic to a database.
"Read-heavy workloads": Workloads that involve significantly more read operations than write operations.
"Real-time": The actual time during which a process or event occurs.
"Real-time analytics": The analysis of data as it is generated, to provide immediate insights.
"Real-time applications": Applications that require immediate processing and response to data.
"Real-time data": Data that is generated and processed in real time.
"Real-time data streaming": The continuous flow of data from a source to a destination in real time.
"Real-time performance tracking": Monitoring the performance of a system as it happens.
"Real-world challenges": Problems and obstacles encountered in practical, everyday situations.
"Real-world scenarios": Situations that are representative of actual use cases or problems.
"Recommendation engines": Systems that predict the preferences or ratings that a user would give to an item.
"Recovery point": The state to which a system can be restored after a failure.
"Recovery Point Objective (RPO)": The maximum acceptable amount of data loss after a disaster, measured in time.
"Recovery Time Objective (RTO)": The maximum acceptable downtime after a disaster.
"Recursive joins": SQL joins that reference the same table multiple times to traverse a hierarchical relationship.
"Reddit's r/aws": A popular online community on Reddit for discussing AWS.
"Redshift (Amazon Redshift)": A fast, fully managed, petabyte-scale data warehouse service in the cloud.
"Redshift Spectrum": A feature of "Amazon Redshift" that allows you to run SQL queries directly against data in "Amazon S3".
"Redundancy": The duplication of critical components or functions of a system with the intention of increasing reliability.
"Redundant resources": Duplicate components that can take over if the primary ones fail.
"Reference architectures": Proven designs and patterns for building systems to solve common problems.
"Refactor": To restructure existing computer code without changing its external behavior.
"Refactor/Re-architect": A migration strategy that involves significantly changing an application's architecture to take advantage of cloud-native features.
"Reflection questions": Questions designed to encourage deep thought and self-assessment.
"Regional disaster": A large-scale event that affects an entire geographic region.
"Regional egress": Data moving out of an AWS Region.
"Regional selection": The choice of which AWS Region to deploy resources in.
"Regional service outages": When an entire AWS service becomes unavailable in a specific Region.
"Regularly allocate": To set aside resources or time on a consistent basis.
"Regulatory": Relating to rules or regulations.
"Regulatory adherence": Complying with all relevant laws and regulations.
"Regulatory compliance": See "Regulatory adherence".
"Regulatory compliance standards": The specific requirements of laws and regulations.
"Regulatory regimes": The systems of rules and regulations that govern a particular industry or activity.
"Rehost": See "Lift-and-shift".
"Relational": Based on the relational model of data.
"Relational database": A database that stores data in tables with rows and columns, and allows for complex relationships between tables.
"Relational database workloads": Workloads that are well-suited for relational databases, such as those requiring transactional integrity and complex queries.
"Reliability": The ability of a system to perform its intended function correctly and consistently over time.
"Reliable operations": The consistent and dependable functioning of a system.
"Remediation": The act of correcting a problem or deficiency.
"Remote access": The ability to access a computer or network from a remote location.
"Repeatability": The ability to perform a task or process in the same way multiple times with the same results.
"Repeatable changes": Changes that can be applied consistently and reliably.
"Repeatable deployments": The ability to deploy a system or application consistently and reliably.
"Replica Sets": A feature in "MongoDB" (and "DocumentDB") that provides high availability through data replication.
"Replication": The process of creating and maintaining copies of data or resources.
"Replication lag": The delay between a write operation on a primary database and the application of that write to a replica.
"Reporting": The process of generating and presenting data in a structured format.
"Repurchase": A migration strategy that involves replacing an existing application with a new one, often a "SaaS" product.
"Request flow": The path that a request takes through a system.
"Requirements": The specific needs or conditions that a system must meet.
"Reserved Instances (RIs)": An "EC2" purchasing option that provides a significant discount compared to On-Demand pricing in exchange for a 1- or 3-year commitment.
"Reservation utilization": The percentage of your Reserved Instances that are being used.
"Resilience": The ability of a system to withstand and recover from failures.
"Resiliency testing": The process of testing a system's ability to handle failures.
"Resource efficiency": Using resources in the most effective way possible, with minimal waste.
"Resource management": The process of planning, scheduling, and allocating resources.
"Resource policies": IAM policies that are attached directly to a resource, such as an "S3" bucket.
"Resource utilization": The extent to which resources are being used.
"Resource-based": Pertaining to a specific resource.
"Resources": The components of a cloud environment, such as virtual servers, storage, and databases.
"Responsiveness": The speed at which a system responds to requests.
"RESTful APIs": Application Programming Interfaces that adhere to the constraints of the REST architectural style.
"Retain": A migration strategy where an application is kept in its current environment.
"Retention period": The length of time that data must be stored.
"Retire": A migration strategy where an application is decommissioned.
"Retrofitting": Adding a component or feature to something that it did not have when it was manufactured.
"Reusable components": Parts of a system that can be used in multiple places without modification.
"Reusable solutions": Proven designs or patterns that can be applied to solve similar problems.
"Right-sizing": The process of matching instance types and sizes to your workload performance and capacity requirements at the lowest possible cost.
"Risk assessments": The process of identifying and evaluating potential risks.
"Risk mitigation": The process of reducing the likelihood or impact of risks.
"Roadmap": A plan that outlines the major steps or milestones of a project or initiative.
"Robust integration patterns": Proven methods for connecting different systems or components in a reliable way.
"Robustness": The ability of a system to withstand stress and continue functioning.
"Rollback": The process of reverting a system to a previous state.
"Rollback mechanisms": Automated or manual procedures for performing a rollback.
"Rollback planning": The process of creating a plan for how to perform a rollback if a deployment fails.
"Rolling Cutover": A migration strategy where traffic is gradually moved to the new environment in stages.
"Rolling updates": A deployment strategy where a new version of an application is gradually deployed to a set of instances, one at a time or in batches.
"Root causes": The fundamental reasons for a problem or failure.
"Rote memorization": Learning something by repetition, without necessarily understanding it.
"Route 53 (Amazon Route 53)": A highly available and scalable cloud Domain Name System ("DNS") web service.
"Route 53 Health Checks": A "Route 53" feature that monitors the health of your resources and can be used to configure "DNS" failover.
"Route Tables": A set of rules, called routes, that are used to determine where network traffic from your subnet or gateway is directed.
"Routing policies": Rules in "Route 53" that determine how "DNS" queries are answered.
"RPO (Recovery Point Objective)": See "Recovery Point Objective (RPO)".
"RTO (Recovery Time Objective)": See "Recovery Time Objective (RTO)".
"Runbooks": A documented set of procedures for performing a routine operational task or responding to an incident.
"Runtime": The environment in which a program or application is executed.
"Runtime-specific": Pertaining to a particular runtime environment.
"S3 (Amazon Simple Storage Service)": An object storage service that offers industry-leading scalability, data availability, security, and performance.
"S3 buckets": The containers for objects stored in "Amazon S3".
"S3 Cross-Region Replication": See "Cross-Region Replication (CRR)".
"S3 encryption": Encrypting data stored in "Amazon S3".
"S3 Glacier": A secure, durable, and low-cost storage class for data archiving and long-term backup.
"S3 Glacier Deep Archive": The lowest-cost storage class in "Amazon S3", designed for long-term data archiving.
"S3 Intelligent-Tiering": An "S3" storage class that automatically moves objects between frequent and infrequent access tiers based on changing access patterns.
"S3 Lifecycle Policies": See "Lifecycle Policies (S3 Lifecycle Policies)".
"S3 Object Lock": An "S3" feature that provides "WORM" (Write Once Read Many) capability, preventing objects from being deleted or overwritten.
"S3 object upload": The process of uploading a file to "Amazon S3".
"S3 Standard-IA (Infrequent Access)": An "S3" storage class for data that is accessed less frequently, but requires rapid access when needed.
"S3 Standard": The default "S3" storage class, designed for frequently accessed data.
"S3 storage classes": Different tiers of storage available in "Amazon S3", each with different performance, durability, and cost characteristics.
"SaaS (Software as a Service)": A software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.
"SaaS applications": Applications delivered as a service over the internet.
"SageMaker (Amazon SageMaker)": A fully managed service that provides every developer and data scientist with the ability to build, train, and deploy machine learning models quickly.
"SAML 2.0": An open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
"Sample questions": Practice questions that are similar in format and content to those on an exam.
"Sandbox environment": An isolated environment where you can experiment and test without affecting production systems.
"SAP-C02": The exam code for the AWS Certified Solutions Architect - Professional certification.
"Scalability": The ability of a system to handle a growing amount of work by adding resources.
"Scalable": Capable of being easily expanded or upgraded on demand.
"Scaled score": A score that has been mathematically transformed from a raw score to a common scale.
"Scaling": The process of adding or removing resources to a system to meet demand.
"Scaling from zero": The ability of a serverless system to have no running instances when there is no traffic, and then automatically scale up when traffic arrives.
"Scaling policies": Rules in "Auto Scaling" that define how and when to scale resources.
"Schema": The structure of a database, describing the tables, columns, and relationships.
"Scientific modeling": The use of mathematical models to represent and analyze scientific systems.
"Scientific simulation application": Software that simulates scientific phenomena.
"SCP (Service Control Policies)": A type of policy in "AWS Organizations" that you can use to manage permissions in your organization.
"Scripts": A list of commands that are executed by a certain program or scripting engine.
"SDK": Software Development Kit.
"SDLC (Software Development Lifecycle)": The process of planning, creating, testing, and deploying an information system.
"Secondary IPs": Additional private IP addresses that can be assigned to an "ENI".
"Secondary Indexes": Data structures in a database that improve the speed of data retrieval operations.
"Secure defaults": Configuring services with the most secure settings by default.
"Secure network segmentation": Dividing a network into smaller, isolated segments to improve security.
"Security": The protection of computer systems and networks from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
"Security alerts": Notifications that a potential security event has occurred.
"Security analysis": The process of examining a system or network for security vulnerabilities.
"Security architecture": The design of a system's security controls and how they are integrated.
"Security auditing": The process of reviewing a system's security controls to ensure they are effective.
"Security best practices": Widely accepted guidelines for implementing security.
"Security by Design": The practice of integrating security considerations into every phase of the development lifecycle.
"Security checks": Automated tests that scan for security vulnerabilities.
"Security configurations": The settings that control the security of a system or service.
"Security considerations": Factors related to security that must be taken into account in a design.
"Security controls": Measures taken to protect the security of a system.
"Security events": Occurrences in a system or network that may have security implications.
"Security findings": The results of a security assessment, identifying potential vulnerabilities.
"Security guardrails": See "Guardrails".
"Security groups (SGs)": A virtual firewall for your instance to control inbound and outbound traffic.
"Security incident investigation": The process of investigating a security incident to determine its cause and impact.
"Security incidents": Events that violate an organization's security policies.
"Security layers": See "Defense in Depth".
"Security monitoring": The process of continuously observing a system for security threats.
"Security pillar": One of the six pillars of the AWS Well-Architected Framework, focused on security.
"Security policies": Rules that govern the security of a system.
"Security posture": An organization's overall security status.
"Security requirements": The specific security needs of a system.
"Security scans": Automated tests that look for security vulnerabilities.
"Security vulnerabilities": Weaknesses in a system that could be exploited by an attacker.
"Self-healing": The ability of a system to automatically detect and recover from failures.
"Self-healing mechanisms": Automated processes that enable a system to self-heal.
"Self-managed": When the user is responsible for managing the infrastructure and software.
"Self-managed DBs": Databases that are installed and managed by the user on their own infrastructure.
"Self-service": Allowing users to perform tasks or access resources on their own, without requiring assistance.
"Self-service provisioning": Allowing users to provision their own resources from a predefined catalog.
"Sensitive data": Information that must be protected from unauthorized access to safeguard the privacy or security of an individual or organization.
"Separation of Duties": A security principle that ensures that no single individual has control over all aspects of a critical process.
"Sequential": In a logical order or sequence.
"Server images": A snapshot of a server's operating system, applications, and data that can be used to create new servers.
"Server migration": The process of moving a server from one environment to another.
"Server-bound software": Software that is licensed to a specific physical server.
"Serverless": A cloud computing execution model in which the cloud provider runs the server, and dynamically manages the allocation of machine resources.
"Serverless applications": Applications that are built using serverless technologies.
"Serverless backend": The backend of an application that is built using serverless services.
"Serverless compute": Compute services that do not require the user to manage servers, such as "AWS Lambda".
"Serverless containers": Running containers without managing the underlying servers, using services like "AWS Fargate".
"Serverless functions": Pieces of code that run in a serverless environment.
"Serverless Modernization": The process of modernizing applications to use serverless technologies.
"Serverless options": Different serverless services available on AWS.
"Serverless platform": A cloud platform that provides serverless computing services.
"Serverless workflow service": A service (like "AWS Step Functions") that orchestrates serverless workflows.
"Service Control Policies (SCPs)": See "SCP (Service Control Policies)".
"Service dependencies": The relationships between different services in an application.
"Service discovery": The process of automatically detecting devices and services on a network.
"Service events": Events that describe changes in the state of AWS services.
"Service health": The operational status of an AWS service.
"Service level agreements (SLAs)": A commitment between a service provider and a client.
"Service limits": The maximum values for resources, actions, and items in your AWS account.
"Service map": A visualization in "AWS X-Ray" that shows the relationships between services in an application.
"Service mesh": A dedicated infrastructure layer for handling service-to-service communication.
"Service-oriented architecture (SOA)": A software design style where services are provided to the other components by application components, through a communication protocol over a network.
"Service selection": The process of choosing the most appropriate AWS service for a given task.
"Session management": The process of tracking user sessions in a web application.
"Session state data": Information about a user's session.
"Shared access": When multiple users or applications can access the same resource.
"Shared data": Data that is accessible to multiple users or applications.
"Shared development environments": Development environments that are used by multiple developers.
"Shared file systems": File systems that can be accessed by multiple computers simultaneously.
"Shared libraries": Collections of code that are used by multiple applications.
"Shared Responsibility Model": The model that defines the security responsibilities of AWS and the customer.
"Shared storage": Storage that is accessible to multiple compute instances.
"Sharding": The process of horizontally partitioning a database into smaller, more manageable pieces.
"Shifting Left": The practice of integrating security and other quality checks early in the development lifecycle.
"Showback": An accounting method that shows departments or business units the cost of the IT services they consume, without actually charging them.
"Simple/Step Scaling": "Auto Scaling" policies that allow you to define scaling actions based on CloudWatch alarm thresholds.
"Simple": Easy to understand or do.
"Single data center outages": Failures that affect a single data center.
"Single point of failure (SPOF)": A component in a system whose failure will cause the entire system to fail.
"Single sign-on (SSO)": An authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems.
"Single-digit millisecond latency": Latency that is less than 10 milliseconds.
"Single-AZ": Within a single "Availability Zone".
"Single-AZ database": A database that is deployed in a single "Availability Zone".
"Single-responsibility principle": A software design principle that states that every module, class, or function should have responsibility over a single part of the functionality provided by the software, and that responsibility should be entirely encapsulated by the class.
"Small proof-of-concept projects": Small-scale projects designed to test a concept or idea.
"SMB (Server Message Block)": A network file sharing protocol used by Windows-based computers.
"Snow Family at the edge": Using "AWS Snow Family" devices for edge computing applications.
"Snowball Edge": A data migration and edge computing device from the "AWS Snow Family".
"Snowcone": A small, portable, rugged, and secure edge computing and data transfer device from the "AWS Snow Family".
"Snowflake servers": Servers that have been manually configured and are difficult to reproduce automatically.
"Snowmobile": An exabyte-scale data transfer service used to move extremely large amounts of data to AWS.
"SOC reports": Service Organization Control reports, which are independent third-party examination reports that demonstrate how a company achieves key compliance controls and objectives.
"Software": The programs and other operating information used by a computer.
"Software development lifecycle (SDLC)": See "SDLC (Software Development Lifecycle)".
"Solution": A way of solving a problem.
"Sort Key (Range Attribute)": In "DynamoDB", the secondary part of a composite primary key that determines the order of items within a partition.
"Spaced Repetition": A learning technique that involves reviewing material at increasing intervals.
"Spark": An open-source unified analytics engine for large-scale data processing.
"Specialist": A person who concentrates primarily on a particular subject or activity.
"Specialization": The process of becoming an expert in a particular area.
"Specialized workloads": Workloads that have specific and unique requirements.
"Specific constraints": Particular limitations or restrictions.
"Spiky": Characterized by sudden, large increases and decreases.
"Spiky usage patterns": Unpredictable and fluctuating demand.
"Splunk": A popular software platform for searching, analyzing, and visualizing machine-generated data.
"SPOF (Single Point of Failure)": See "Single point of failure (SPOF)".
"Spot Instances": An "EC2" purchasing option that allows you to bid for unused "EC2" capacity at significant discounts.
"Spot": A market for buying and selling commodities, securities, or other financial instruments for immediate delivery. In AWS, a pricing model for unused EC2 capacity.
"Spread Placement Group": An "EC2" placement strategy that spreads instances across distinct underlying hardware to minimize correlated failures.
"SQL (Structured Query Language)": A standard language for accessing and manipulating databases.
"SQL injection": A code injection technique that might destroy your database.
"SQL Server": A relational database management system developed by Microsoft.
"SQS (Amazon Simple Queue Service)": A fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.
"SQS queues": The queues where messages are stored in "Amazon SQS".
"SREs (Site Reliability Engineers)": A discipline that incorporates aspects of software engineering and applies them to infrastructure and operations problems.
"SSL (Secure Sockets Layer)": A standard security technology for establishing an encrypted link between a server and a client.
"Stability": The state of being resistant to change or failure.
"Staff time": The amount of time that employees spend on a task.
"Staging area": An intermediate storage area used for data processing during the extract, transform, and load (ETL) process.
"Stale data": Data that is no longer up-to-date.
"Standardized components": Resources or services that are configured in a consistent and repeatable way.
"Standardized provisioning": The process of provisioning resources in a consistent and automated manner.
"State management": The process of tracking and managing the state of an application or system.
"State Manager": A capability of "AWS Systems Manager" that helps you maintain a consistent configuration of your instances.
"Stateful": A system or process that remembers previous events or interactions.
"Stateful containers": Containers that require persistent storage.
"Stateless": A system or process that does not remember previous events or interactions.
"Stateless application servers": Application servers that do not store any session state.
"Stateless containers": Containers that do not require persistent storage.
"Stateless microservices": Microservices that do not store any session state.
"Static assets": Files that do not change, such as images, CSS, and JavaScript files.
"Static content": Web content that is delivered to the user exactly as stored, in contrast to dynamic content that is generated by a web application.
"Static IP addresses": IP addresses that are manually configured for a device and do not change.
"Static website hosting": Hosting a website that consists only of static files.
"Steady-state": A stable condition that does not change over time.
"Steady-state workloads": Workloads with consistent and predictable demand.
"Storage": The retention of retrievable data on a computer or other electronic system.
"Storage costs": The expenses incurred from storing data.
"Storage layer": The part of an application's architecture responsible for storing data.
"Storage solutions": The combination of storage services and configurations used to store data.
"Storage vaults": Metaphor for secure cloud storage.
"Strategic problem-solving": A methodical approach to solving complex problems.
"Strategic test-taking": A planned and tactical approach to taking an exam.
"Strategies": Plans of action designed to achieve a major or overall aim.
"Strict compliance": Adherence to a high level of compliance with regulations or standards.
"Strict regulatory compliance standards": The most stringent requirements of laws and regulations.
"Strong ACID compliance": A high level of adherence to the "ACID" properties of database transactions.
"Strong authentication": Authentication methods that are highly secure, such as multi-factor authentication.
"Strong consistency": A data consistency model where all reads are guaranteed to see the most recent write.
"Strong security": A high level of protection against security threats.
"Structured": Organized in a predefined format.
"Structured data": Data that is organized in a fixed format, such as in a relational database.
"Structured query": A query that is written in a formal language, such as SQL.
"Subnet-level filtering": Filtering network traffic at the subnet level.
"Subnets": A logical subdivision of an IP network.
"Suboptimal component": A component that is not the best possible choice for a given task.
"Suboptimal solution": A solution that is not the best possible one.
"Supply chain": The network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.
"Sustainability": The ability to be maintained at a certain rate or level. In cloud computing, it refers to minimizing the environmental impact of workloads.
"Sustainability pillar": One of the six pillars of the AWS Well-Architected Framework, focused on sustainability.
"Sustained effort": Continuous and determined effort.
"Synchronous database replication": A data replication method where the primary database waits for the replica to acknowledge the write before confirming the transaction.
"Synchronous replication": See "Synchronous database replication".
"Synthesis": The cognitive skill of combining different elements to form a coherent whole.
"Systematic approach": A methodical and organized way of doing something.
"Systematic resolution": A methodical and organized process for solving problems.
"Systemic root causes": The fundamental organizational or process-level reasons for a problem.
"Systems": A set of interacting or interdependent components forming an integrated whole.
"Tagging": The process of assigning labels or tags to resources.
"Tagging strategy": A plan for how to use tags to organize and manage resources.
"Target Tracking": An "Auto Scaling" policy that adjusts the number of instances to keep a specific metric at a target value.
"Task Definitions": Blueprints in "Amazon ECS" that describe how a "Docker" container should launch.
"TCO (Total Cost of Ownership)": A financial estimate intended to help buyers and owners determine the direct and indirect costs of a product or system.
"TCP (Transmission Control Protocol)": A standard that defines how to establish and maintain a network conversation through which application programs can exchange data.
"TCP and UDP protocols": The two most common transport layer protocols used on the internet.
"Team familiarity": The level of knowledge and experience that a team has with a particular technology or tool.
"Technical debt": The implied cost of rework caused by choosing an easy (limited) solution now instead of using a better approach that would take longer.
"Technical skills": The abilities and knowledge needed to perform specific tasks.
"Terraform": An open-source "Infrastructure as Code" software tool created by HashiCorp.
"Test cutover": A practice run of a migration cutover to identify and resolve any issues before the final cutover.
"Testing": The process of evaluating a system or its component(s) with the intent to find whether it satisfies the specified requirements or not.
"Theoretical knowledge": Knowledge that is based on theory rather than practical experience.
"Thought leaders": Individuals or firms that are recognized as authorities in a specialized field and whose expertise is sought and often rewarded.
"Threat detection": The process of identifying potential security threats.
"Threat intelligence": Information about current and emerging cyber threats.
"Threat modeling": A process by which potential threats can be identified, enumerated, and prioritized – all from a hypothetical attacker’s point of view.
"Three-tier web application": A web application that is divided into three logical and physical tiers: the presentation tier, the application tier, and the data tier.
"Throttles requests": When a system limits the rate at which requests are processed.
"Throughput": The amount of data that can be processed in a given time.
"Throughput-intensive workloads": Workloads that require a high rate of data transfer.
"Tightly coupled": When components in a system are highly dependent on each other.
"Time management": The process of planning and controlling how to spend your time.
"Time series data": A sequence of data points indexed in time order.
"Time series database": A database that is optimized for storing and querying time series data.
"Timestream (Amazon Timestream)": A fast, scalable, and serverless time series database service for IoT and operational applications.
"TLS (Transport Layer Security)": A cryptographic protocol that provides communications security over a computer network.
"Toil": Repetitive, manual, and automatable work that has no enduring value.
"Tooling": The software and tools used by developers and operations teams.
"Trade-off analysis": The process of evaluating the pros and cons of different options to make a decision.
"Trade-offs": The process of balancing competing factors.
"Traditional applications": Older applications that are not designed for the cloud.
"Traditional IT operational models": The way IT operations have been traditionally managed, often involving manual processes and a reactive approach.
"Traffic": The data moving across a network.
"Traffic director": A tool or service that routes network traffic.
"Traffic management": The process of controlling the flow of network traffic.
"Transaction logs": Records of all transactions that have occurred in a database.
"Transactional": Relating to transactions.
"Transactional consistency": Ensuring that database transactions are processed reliably and maintain data integrity.
"Transactional data": Data related to business transactions.
"Transactional database workload": A workload that involves a high volume of transactions.
"Transactions": A sequence of operations performed as a single logical unit of work.
"Transitive routing": When a network can route traffic between two spokes through a central hub.
"Transport layer": Layer 4 of the OSI model, which provides host-to-host communication services for applications.
"Trendy specialization": A specialization that is currently popular or in high demand.
"Troubleshooting": The process of diagnosing and resolving problems.
"Troubleshooting connectivity issues": The process of diagnosing and resolving network connectivity problems.
"True practical proficiency": A high level of skill and competence in a practical context.
"Two-pass approach": An exam-taking strategy that involves going through the questions twice.
"TypeScript": A programming language that is a superset of JavaScript.
"UDP (User Datagram Protocol)": A communications protocol that is used for establishing low-latency and loss-tolerating connections between applications on the internet.
"Ultra-low latency": Extremely low delay in data transmission.
"Under-provisioning": Allocating fewer resources to a system than are actually needed.
"Underutilized resources": Resources that are not being used to their full potential.
"Unforeseen dependencies": Dependencies between components that were not identified during the planning phase.
"Unforeseen issues": Problems that were not anticipated.
"Unified authentication experience": A seamless and consistent authentication process across multiple applications and services.
"Unified interface": A single, consistent interface for managing multiple resources or services.
"Uninterrupted service delivery": Providing a service without any interruptions.
"Unmanageable mesh": A network topology that is too complex to manage effectively.
"Unpredictable": Not able to be foreseen or predicted.
"Unpredictable access": When it is not possible to predict when data will be accessed.
"Unpredictable access patterns": See "Unpredictable access".
"Unpredictable loads": Workloads that fluctuate in an unpredictable manner.
"Unpredictable traffic": Network traffic that fluctuates unpredictably.
"Unpredictable traffic surges": Sudden, large increases in traffic that are not predictable.
"Unpredictable workloads": See "Unpredictable loads".
"Unreplicated data": Data that exists in only one location and has no copies.
"Unresponsive instances": Compute instances that are not responding to requests.
"Unstructured data": Data that does not have a predefined data model or is not organized in a pre-defined manner.
"Unusual access patterns": Access patterns that deviate from the normal baseline.
"Unusual API calls": API calls that are not typical for a given user or role.
"Unusual spending patterns": Spending patterns that are not typical for a given account.
"Update DNS records": To change the information in a DNS record.
"Uptime": The amount of time that a system is operational.
"Uptime targets": The desired level of uptime for a system.
"Up-to-date": Current.
"URL path": The part of a URL that specifies the location of a resource on a web server.
"Usability": The ease with which a system can be used.
"Usage data": Data about how a system or service is being used.
"User profiles": Collections of data about users.
"User session data": Information about a user's session in a web application.
"User-defined": Defined by the user.
"User-impacting outage": An outage that affects end-users.
"Validation": The process of checking that something is correct or meets certain criteria.
"Value creation": The process of creating value for an organization.
"Variable performance": Performance that fluctuates over time.
"Variable spend": Costs that fluctuate based on usage.
"Variable workloads": See "Highly variable workloads".
"Vault Lock": A feature of "S3 Glacier" that allows you to enforce compliance controls on individual vaults.
"vCPU": Virtual Central Processing Unit.
"Verifiable history": A history of events that can be proven to be accurate and complete.
"Version control": The practice of tracking and managing changes to software code.
"Version control system": A tool that helps manage changes to code over time.
"Vertical Scaling (Scale Up)": Increasing the capacity of a single instance by adding more resources like CPU or memory.
"Video files": Digital files that contain video data.
"Virtual meetups": Meetups that are held online.
"Virtual machine images": Templates for creating virtual machines.
"Virtual machines (VMs)": Software-based emulations of physical computers.
"Virtual networks": Networks that are created using software, rather than physical hardware.
"Virtual servers": See "Virtual machines (VMs)".
"Virtualization environment": A software environment that allows you to run multiple virtual machines on a single physical server.
"Virtualizations": See "Virtual machines (VMs)".
"Visibility": The ability to see and understand what is happening in a system.
"Visualizations": Graphical representations of data or concepts.
"VM Import/Export": An AWS service for importing and exporting virtual machine images.
"VMware": A popular virtualization software company.
"VMware environment": An IT environment that uses "VMware" virtualization software.
"Volume discounts": Price reductions for purchasing in large quantities.
"VPC (Virtual Private Cloud)": A logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.
"VPC border": The boundary of a "VPC".
"VPC Endpoint": A feature that enables you to privately connect your "VPC" to supported AWS services and "VPC endpoint" services powered by "AWS PrivateLink" without requiring an internet gateway, "NAT" device, "VPN" connection, or "AWS Direct Connect" connection.
"VPC Flow Logs": A feature that enables you to capture information about the IP traffic going to and from network interfaces in your "VPC".
"VPC layout": The design and configuration of a "VPC".
"VPC Peering": A networking connection between two "VPCs" that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses.
"VPN (Virtual Private Network)": A technology that creates a secure connection over a public network, such as the internet.
"VPN as backup": Using a "VPN" connection as a backup for a "Direct Connect" connection.
"VPN connection": A secure connection established using a "VPN".
"VPN Gateways": The component on the AWS side of a "Site-to-Site VPN" connection.
"Vulnerabilities": Weaknesses in a system that could be exploited by an attacker.
"WAF (Web Application Firewall)": A firewall that helps protect your web applications from common web exploits.
"Warm Data": Data that is accessed infrequently, but still requires relatively fast access.
"Warm Standby": A disaster recovery strategy where a scaled-down, fully functional replica of the production environment is continuously running in the "DR Region".
"WCU (Write Capacity Unit)": In "DynamoDB", one write per second for an item up to 1 KB in size.
"Web application": An application that is accessed over a network such as the internet or an intranet.
"Web content delivery": The process of delivering web content to users.
"Web exploits": Attacks that target vulnerabilities in web applications.
"Web filtering": The practice of blocking access to certain websites or web content.
"Web servers": Servers that host websites and deliver web content to users.
"Web-based": Accessed through a web browser.
"Weighted routing": A "Route 53" routing policy that allows you to route traffic to multiple resources in proportions that you specify.
"Well-architected": Designed according to best practices for the cloud.
"Well-Architected Framework": A set of best practices for designing and operating reliable, secure, efficient, and cost-effective systems in the cloud.
"Whiteboarding Practice": The practice of drawing out architectural designs on a whiteboard.
"Windows File Server": A file server that runs the Windows Server operating system.
"Windows Server": A server operating system developed by Microsoft.
"Windows-based applications": Applications that are designed to run on the Windows operating system.
"Worker nodes": The machines (nodes) that run containerized applications in a "Kubernetes" cluster.
"Workloads": The applications and processes that run on a system.
"WORM (Write Once Read Many)": A data storage model that allows data to be written once and read many times, but not modified or deleted.
"YAML": A human-readable data serialization language.
"Zero data loss": A state where no data is lost during a failure or migration.
"Zero trust": A security model that assumes that no user or device can be trusted by default, and requires verification for every request.