AWS
AWS is Amazon's cloud computing platform.
Regions
Regions are collections of resources in a geographic area. They're isolated and independent of one another, except where replication makes resources available across a boundary.
Regions introduced before 20th March 2019 are enabled by default, and cannot be disabled. Other regions can be enabled via the Console.
Quotas
Quotas are hard limits beyond which an account can't provision additional resources. They're usually region-specific.
Some quotas can't be increased.
Tagging
Resources can be tagged with metadata, in key-value pairs AWS calls tags. Tags make it easier to manage, identify, organise, search for and filter resources.
Consider tagging by:
- Owner
- Environment
- Purpose
- Application
- Stack
- Operating System
Resource groups
AWS resource groups allow grouping related resources into a structure for easier bulk operations.
Not all services support resource groups.
ARNs
Amazon Resource Names uniquely identify resources. They're in the following format:
arn:partition:service:region:account-id:resource-id
arn:partition:service:region:account-id:resource-type:resource-id
arn:partition:service:region:account-id:resource-type/resource-id
They are composed of:
- partition describes the group of regions in which the account exists:
  - aws: AWS consumer regions.
  - aws-cn: AWS China consumer regions.
  - aws-us-gov: AWS GovCloud regions.
- service identifies the service, e.g. s3.
- region contains the region name.
- account-id contains the owning AWS account ID.
- resource-type defines subtypes within a service; treat these as opaque.
- resource-id is the resource-specific section of the identifier, and may contain a path.
If resource-id is a path, wildcards (*) can be used to match segments, but not subsegments.
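As an added example (not part of the original notes), the following parser splits an ARN into the fields listed above and flags ARNs owned by accounts outside a trusted set, which is a common check when reviewing policies or logs. The names parse_arn and foreign_arns, the sample ARNs and the account IDs are constructed for illustration.

```python
from typing import NamedTuple

# Partitions listed in the notes above.
PARTITIONS = {"aws", "aws-cn", "aws-us-gov"}

class Arn(NamedTuple):
    partition: str
    service: str
    region: str       # empty for global services such as IAM
    account_id: str   # empty for some resources, e.g. S3 buckets
    resource: str     # resource-type and resource-id, kept opaque

def parse_arn(text: str) -> Arn:
    """Split an ARN into its fields.

    Only the first five colons are structural; everything after them is the
    resource part, which may itself contain ':' or '/'.
    """
    parts = text.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {text!r}")
    _, partition, service, region, account_id, resource = parts
    if partition not in PARTITIONS:
        raise ValueError(f"unknown partition: {partition!r}")
    if not service or not resource:
        raise ValueError(f"missing service or resource: {text!r}")
    # Account IDs are 12 digits; AWS-managed resources use the literal "aws".
    ok = account_id in ("", "aws") or (
        account_id.isascii() and account_id.isdigit() and len(account_id) == 12)
    if not ok:
        raise ValueError(f"malformed account-id: {account_id!r}")
    return Arn(partition, service, region, account_id, resource)

def foreign_arns(arns, trusted_accounts):
    """Return ARNs whose account-id is set and not in trusted_accounts."""
    return [a for a in arns
            if (p := parse_arn(a)).account_id
            and p.account_id not in trusted_accounts]

# Constructed sample ARNs, one per format (account IDs are made up).
SAMPLE = [
    "arn:aws:s3:::example-bucket/reports/2024.csv",           # resource-id
    "arn:aws:iam::111122223333:user/ops/alice",               # type/resource-id
    "arn:aws:lambda:eu-west-1:444455556666:function:resize",  # type:resource-id
]

if __name__ == "__main__":
    print(foreign_arns(SAMPLE, trusted_accounts={"111122223333"}))
```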
Clients
- Console
- AWS Terraform provider
- CLI
Services
AWS is broken up into a number of services, most with regional availability. AWS services are generally accessible via service endpoints of the form:
protocol://service-code.region-code.amazonaws.com
Global services (services that aren't regional) will omit the region-code segment.
Children
- ACM
- API Gateway
- Amazon Redshift
- Amplify
- AppStream
- AppSync
- Application Auto Scaling
- Athena
- Batch
- Billing
- CLI
- Cloud Directory
- CloudFormation
- CloudFront
- CloudHSM
- CloudSearch
- CloudTrail
- CloudWatch
- CodeBuild
- CodeCommit
- CodeDeploy
- CodePipeline
- CodeStar
- Cognito
- Config
- DMS
- Device Farm
- Direct Connect
- Directory Service
- DocumentDB
- DynamoDB
- EC2
- ECR
- ECS
- EFS
- EKS
- ELB
- EMR
- ElastiCache
- Elastic Beanstalk
- EventBridge
- FSx
- Fargate
- Global Accelerator
- Glue
- GuardDuty
- IAM
- Inspector
- KMS
- Keyspaces
- Kinesis
- Lambda
- License Manager
- MSK
- Macie
- Managed Services
- Neptune
- OpenSearch Service
- OpsWorks
- Organisations
- Outposts
- QLDB
- RDS
- Route 53
- S3
- SCT
- SDKs
- SES
- SWF
- SageMaker
- Secrets Manager
- Security Hub
- Service Catalog
- Shield
- Simple Notification Service
- Simple Queue Service
- SimpleDB
- Snow family
- Step Functions
- Systems Manager
- Timestream
- Trusted Advisor
- VPC
- VPN
- WAF
- X-Ray