My AWS DevOps and SA associate notes – Part 1 – Overview

During the pursuit of these two certifications I jotted down some notes along the way. Sharing is caring, here they are:

Note: These are just notes, items of interest I happened to notice, and should 100% not be taken as things that will appear on your exam. Use them only to run through various things. Your main resources should be video lessons (acloudguru type stuff), real lab time (or on the job experience which is always better) and AWS’ own whitepapers, case studies etc.

Links to other sections:

Part 2 – IAM, Security Groups, EBS, EFS

Part 3 – ELB, CLI commands, EC2, Lambda

Part 4 – VPC, Elastic Beanstalk, S3

Part 5 – SNS, CloudFormation, SQS, DynamoDB


Compute – EC2

Storage – S3

22 Regions. 60 something availability zones

Region – geo area
Region is 2 or more AZ, AZ is a datacenter
Resources across multiple AZ to tolerate failure

Edge location – endpoints. Caching of information.
96 Edge locations. Called CloudFront.

EC2 – Elastic Compute Cloud (VMs inside the platform)

EC2 Container – location for Docker containers

Beanstalk – for devs without the need to learn the tech

Lightsail – virtual private service for people that don’t want to know about underlying infra. provisions server, fixed IP address, RDP/ssh access granted. Mgmt console available


S3 – Simple Storage Service
– object based
– buckets

EFS – Elastic file system (NAS). Can be mounted to multiple VMs
Glacier – archival purposes
Snowball – bring in large data into AWS datacenter. Manually/physically done
Storage gateway – virtual appliances


RDS – MySQL, PostgreSQL, Microsoft SQL, Oracle. Any relational database.
DynamoDB – non-relational
Elasticache – way of caching commonly queried things. Top 10 products etc rather than have them pulled from back-end SQL
Redshift – data warehousing, complex queries.


AWS Migration Hub – tracking services.
App discovery service – automated set of tools for apps and dependencies (say on AD/SQL etc)

DB Migration Service – upload DB to the AWS cloud

Server Migration Service – upload VM and physical VMs to AWS cloud

Snowball – used for migrating large amounts of data

VPC – Amazon Virtual Private Cloud. Virtual datacenter. Configure firewalls, NATs, ACLs, route tables etc

CloudFront – caching of images/videos. access from nearest edge location
Route 53 – AWS’ DNS service

API gateway service – create serverless websites. way to create own API for your services to talk to
Direct Connect – direct line from head office to VPC

Developer Tools

Codestar – gets devs to work together. PM your code. Continuous delivery chain. Dev collaboration
CodeCommit – source code. Git repository
Codebuild – compile code, run tests against it. prep software packages
CodeDeploy – automated deployment to anything (on prem and AWS cloud)
Xray – debug and analyze, find root cause of issues/perf
Cloud9 – IDE environment. develop code inside the AWS console (via web browser).

Mgmt tools

CloudWatch – monitoring service. MUST know for exam.
Cloudformation – for architecture. scripting the infra!!
Template to deploy WP, Sharepoint, Joomla etc.
CloudTrail – anything done inside AWS triggers an API call and logs changes made. Stores records for only 1 week by default.
Config – monitors config, point in time snapshots to see what was done earlier. Visualizer.
Opsworks – Chef and Puppet for automation.
Service Catalog – manage IT services catalog. for use on AWS (images/software/anything). governance/audit requirements
Systems Manager – patch maintenance. grouping apps/services
Trusted Advisor – advice around various disciplines. sort of like an accountant.
Managed services – let AWS manage your own AWS instance

Media Services

Elastic transcoder – video recordings are taken and resized on any user device
MediaConvert, Live, Package, Store, Tailor. Not on exam

Deeplens – physical hardware like an ACL
Lex – powers the Alexa service. communicate with customer
Polly – turns text to speech
Rekognition – upload file, goes through picture and tells what’s in it
Translate – machine translation service. English to others
Transcribe – for hard of hearing folks


Athena – SQL queries against things in S3 bucket. Serverless.

Kinesis – ingesting large amounts of data into AWS.

Quicksight – BI tool. Low cost.

Glue – Extract, Transform, Load. Large data load into AWS.

Security, Identity and Compliance

IAM – Know this inside/out.

Cognito – device auth. requests temp access to AWS resources.

Guard Duty – malicious activity detection

Inspector – agent on VMs, EC2 instances. Run tests against this.

Macie – scans S3 bucket. detects personally identifiable information (passport, cc, DOB – alerts)

Cert Manager – manages SSL certs

CloudHSM – store keys to access EC2 instances. Hardware Security Module.

Directory Service – not in exam

WAF – layer 7 firewall. looks at the apps.

Shield – get by default for CloudFront, LB, Route 53. DDoS mitigation. Advanced shield – 24/7. If you suffer DDoS, AWS waive off fees.

Artifact – audit/compliance. on-demand access for compliance reports.

Mobile Services

Mobile Hub – mgmt console. go in and create AWS services, generates cloud services file. Not in exam.

Pinpoint – targeted push notification for mobile user engagement.

Appsync – updates apps. not in exam.

Device Farm – way of testing apps on real live devices. Not in exam.


Sumerian – first language ever.

Application Integration

Amazon MQ – message queues like RabbitMQ. Not in exam.

SNS/SQS/SWF – notification service (bill alarm to email/phone). decoupling infra (holds info in a queue. sends to EC2 queue. processed by it). order package, creates simple workflow job.

Business productivity.

Alexa for business. Dial into meetings, call people/services. Not in exam.

Chime. Hangouts for example. Video conf. Record meetings
Work docs – Dropbox for AWS. Store work docs.
Workmail – like O365. Not in exam.

Desktop and App streaming

Workspace – VDI solution. Windows/Linux on AWS. Streams to your BYOD.
Appstream – apps run on the cloud. streamed down.

