GovCloud Region Pricing

AWS GovCloud (US) is an isolated AWS region designed to host sensitive data and regulated workloads in the cloud, helping customers support their U.S. government compliance requirements, including the International Traffic in Arms Regulations (ITAR) and Federal Risk and Authorization Management Program (FedRAMP). AWS GovCloud (US) is operated by employees who are vetted "U.S. Persons" and root account holders of AWS accounts must confirm they are U.S. Persons before being granted access credentials to the region. AWS GovCloud (US) is available to U.S. government agencies and organizations in government-regulated industries, that meet GovCloud (US) requirements for access. AWS GovCloud (US) Region EC2 Availability Zones: 2. (June, 2017) Retrieved from: https://aws.amazon.com/govcloud-us.

Please note that the AWS GovCloud (US) Region is not necessary to operate under the AWS FedRAMP Agency ATO. The AWS US East/West regions have a separate FedRAMP ATO that may be sufficient to satisfy your requirements. Not all AWS services are available in the GovCloud. The GovCloud is currently available in only the Northwestern region of the United States, which may result in unacceptable network latency from the U.S. East coast. In many cases, appropriate security policies may mitigate the requirement that appears to necessitate GovCloud. For example, encryption of data at rest and in transit may meet any requirement to limit data access to only U.S. Persons.

AWS GovCloud (US) root user must sign the AWS GovCloud (US) Region Addendum and must be a U.S. Person.

The AWS GovCloud (US) Region contains may not contain all services available in standard AWS regions. Please see the Services in the AWS GovCloud (US) Region for the latest information on GovCloud services.

Services

AWS Backup | Centralized Cloud Backup

AWS Backup is a fully managed backup service that makes it easy to centralize and automate the back up of data across AWS services in the cloud as well as on premises using the AWS Storage Gateway. Using AWS Backup, you can centrally configure backup policies and monitor backup activity for AWS resources, such as Amazon EBS volumes, Amazon RDS databases, Amazon DynamoDB tables, Amazon EFS file systems, and AWS Storage Gateway volumes. AWS Backup automates and consolidates backup tasks previously performed service-by-service, removing the need to create custom scripts and manual processes. With just a few clicks in the AWS Backup console, you can create backup policies that automate backup schedules and retention management. AWS Backup provides a fully managed, policy-based backup solution, simplifying your backup management, enabling you to meet your business and regulatory backup compliance requirements. (June, 2019) Retrieved from: https://aws.amazon.com/backup/.

AWS Certificate Manager - Easily Provision, Manage, and Deploy Public and Private SSL/TLS

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates. With AWS Certificate Manager, you can quickly request a certificate, deploy it on ACM-integrated AWS resources, such as Elastic Load Balancers, Amazon CloudFront distributions, and APIs on API Gateway, and let AWS Certificate Manager handle certificate renewals. It also enables you to create private certificates for your internal resources and manage the certificate lifecycle centrally. Public and private certificates provisioned through AWS Certificate Manager for use with ACM-integrated services are free. You pay only for the AWS resources you create to run your application. For private certificates, you pay monthly for the operation of the private CA and for the private certificates you issue. (June, 2018) Retrieved from: https://aws.amazon.com/certificate-manager/.

AWS CloudFormation - Model and provision all your cloud infrastructure resources

AWS CloudFormation provides a common language for you to model and provision AWS and third party application resources in your cloud environment. AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts. This gives you a single source of truth for your AWS and third party resources. (June, 2020) Retrieved from: https://aws.amazon.com/cloudformation/.

AWS Cloud Map - Service discovery for cloud resources

AWS Cloud Map is a cloud resource discovery service. With Cloud Map, you can define custom names for your application resources, and it maintains the updated location of these dynamically changing resources. This increases your application availability because your web service always discovers the most up-to-date locations of its resources. (June, 2019) Retrieved from: https://aws.amazon.com/cloud-map/.

AWS CloudTrail - Track User Activity and API Usage

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain events related to API calls across your AWS infrastructure. CloudTrail provides a history of AWS API calls for your account, including API calls made through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This history simplifies security analysis, resource change tracking, and troubleshooting.

With AWS CloudTrail, simplify your compliance audits by automatically recording and storing activity logs for actions made within your AWS account. Integration with Amazon CloudWatch Logs provides a convenient way to search through log data, identify out-of-compliance events, accelerate incident investigations, and expedite responses to auditor requests.

With AWS CloudTrail, you can discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. (June, 2017) Retrieved from: https://aws.amazon.com/cloudtrail/.

AWS CodeDeploy - Automated Software Deployment

AWS CodeDeploy is a service that automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises. AWS CodeDeploy makes it easier for you to rapidly release new features, helps you avoid downtime during application deployment, and handles the complexity of updating your applications. You can use AWS CodeDeploy to automate software deployments, eliminating the need for error-prone manual operations, and the service scales with your infrastructure so you can easily deploy to one instance or thousands. (June, 2017) Retrieved from: https://aws.amazon.com/codedeploy/.

AWS CodePipeline - Continuous Integration & Continuous Delivery

AWS CodePipeline is a continuous integration and continuous delivery service for fast and reliable application and infrastructure updates. CodePipeline builds, tests, and deploys your code every time there is a code change, based on the release process models you define. This enables you to rapidly and reliably deliver features and updates. You can easily build out an end-to-end solution by using our pre-built plugins for popular third-party services like GitHub or integrating your own custom plugins into any stage of your release process. With AWS CodePipeline, you only pay for what you use. There are no upfront fees or long-term commitments. (June, 2017) Retrieved from: https://aws.amazon.com/codepipeline/.

AWS Config - AWS Resource Inventory, Configuration History, and Configuration Change Notifications

AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. Config Rules enables you to create rules that automatically check the configuration of AWS resources recorded by AWS Config. With AWS Config, you can discover existing and deleted AWS resources, determine your overall compliance against rules, and dive into configuration details of a resource at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting. (June, 2017) Retrieved from: https://aws.amazon.com/config/.

AWS DataSync - Easily transfer data to and from AWS

AWS DataSync is a data transfer service that makes it easy for you to automate moving data between on premises storage and Amazon S3 or Amazon Elastic File System (Amazon EFS). DataSync automatically handles many of the tasks related to data transfers that can slow down migrations or burden your IT operations, including running your own instances, handling encryption, managing scripts, network optimization, and data integrity validation. You can use DataSync to transfer data at speeds up to 10 times faster than open source tools. DataSync uses an on premises software agent to connect to your existing storage or file systems using the Network File System (NFS) protocol, so you don’t have to write scripts or modify your applications to work with AWS APIs. You can use DataSync to copy data over AWS Direct Connect or internet links to AWS. The service enables one time data migrations, recurring data processing workflows, and automated replication for data protection and recovery. Getting started with DataSync is easy: Deploy the DataSync agent on premises, connect it to a file system or storage array, select Amazon EFS or S3 as your AWS storage, and start moving data. You pay only for the data you copy. (June, 2019) Retrieved from: https://aws.amazon.com/datasync/.

AWS Data Transfer - Accelerated data transfer

AWS Database Migration Service

AWS Database Migration Service helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data to and from most widely used commercial and open-source databases. The service supports homogenous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora or Microsoft SQL Server to MySQL. It also allows you to stream data to Amazon Redshift, Amazon DynamoDB, and Amazon S3 from any of the supported sources including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, SAP ASE, SQL Server and MongoDB, enabling consolidation and easy analysis of data in the petabyte-scale data warehouse. AWS Database Migration Service can also be used for continuous data replication with high-availability. (June, 2017) Retrieved from: https://aws.amazon.com/dms/.

AWS Direct Connect - Reduce Your Bandwidth Cost

AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections.

AWS Direct Connect lets you establish a dedicated network connection between your network and one of the AWS Direct Connect locations. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. This allows you to use the same connection to access public resources such as objects stored in Amazon S3 using public IP address space, and private resources such as Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC) using private IP space, while maintaining network separation between the public and private environments. Virtual interfaces can be reconfigured at any time to meet your changing needs. (June, 2017) Retrieved from: https://aws.amazon.com/directconnect/.

AWS Directory Service

AWS Directory Service makes it easy to setup and run Microsoft Active Directory (AD) in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory. Once your directory is created, you can use it to manage users and groups, provide single sign-on to applications and services, create and apply group policy, domain join Amazon EC2 instances, as well as simplify the deployment and management of cloud-based Linux and Microsoft Windows workloads. AWS Directory Service provides you with three directory types to choose from including AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also referred to as Microsoft AD, as well as Simple AD, and AD Connector. (June, 2017) Retrieved from: https://aws.amazon.com/directoryservice/.

AWS Elastic Load Balancing - Achieve fault tolerance for any application by ensuring scalability, performance, and security.

Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. Elastic Load Balancing offers three types of load balancers that all feature the high availability, automatic scaling, and robust security necessary to make your applications fault tolerant. (June, 2020) Retrieved from: https://aws.amazon.com/elasticloadbalancing/.

AWS Elemental MediaConvert - Process video files and clips to prepare on-demand content for distribution or archiving

AWS Elemental MediaConvert is a file-based video transcoding service with broadcast-grade features. It allows you to easily create video-on-demand (VOD) content for broadcast and multiscreen delivery at scale. The service combines advanced video and audio capabilities with a simple web services interface and pay-as-you-go pricing. With AWS Elemental MediaConvert, you can focus on delivering compelling media experiences without having to worry about the complexity of building and operating your own video processing infrastructure. (June, 2018) Retrieved from: https://aws.amazon.com/mediaconvert/.

AWS Events - Respond to state changes in your AWS Resources

Amazon CloudWatch Events helps you to respond to state changes in your AWS resources. When your resources change state, they automatically send events into an event stream. You can create rules that match selected events in the stream and route them to targets to take action. You can also use rules to take action on a pre-determined schedule. For example, you can configure rules to: automatically invoke an AWS Lambda function to update DNS entries when an event notifies you that Amazon EC2 instance enters the running state; direct specific API records from CloudTrail to an Amazon Kinesis stream for detailed analysis of potential security or availability risks; and periodically invoke a built-in target to create a snapshot of an Amazon EBS volume. (June, 2018) Retrieved from: https://docs.aws.amazon.com/cli/latest/reference/events/index.html#cli-aws-events.

AWS Firewall Manager - Centrally configure and manage firewall rules

AWS Firewall Manager is a security management service that makes it easier to centrally configure and manage AWS WAF rules across your accounts and applications. Using Firewall Manager, you can easily roll out AWS WAF rules for your Application Load Balancers and Amazon CloudFront distributions across accounts in AWS Organizations. As new applications are created, Firewall Manager also makes it easy to bring new applications and resources into compliance with a common set of security rules from day one. Now you have a single service to build firewall rules, create security policies, and enforce them in a consistent, hierarchical manner across your entire Application Load Balancers and Amazon CloudFront infrastructure. (June, 2019) Retrieved from: https://aws.amazon.com/firewall-manager/.

AWS Glue - Fully Managed Extract, Transform, and Load (ETL) Service

AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. You can create and run an ETL job with a few clicks in the AWS Management Console. You simply point AWS Glue to your data stored on AWS, and AWS Glue discovers your data and stores the associated metadata (e.g. table definition and schema) in the AWS Glue Data Catalog. Once cataloged, your data is immediately searchable, queryable, and available for ETL. AWS Glue generates the code to execute your data transformations and data loading processes.

AWS Glue generates code that is customizable, reusable, and portable. Once your ETL job is ready, you can schedule it to run on AWS Glue's fully managed, scale-out Apache Spark environment. AWS Glue provides a flexible scheduler with dependency resolution, job monitoring, and alerting.

AWS Glue is serverless, so there is no infrastructure to buy, set up, or manage. It automatically provisions the environment needed to complete the job, and customers pay only for the compute resources consumed while running ETL jobs. With AWS Glue, data can be available for analytics in minutes. (June, 2018) Retrieved from: https://aws.amazon.com/glue/.

AWS Greengrass - Embedded Lambda Compute for Connected Devices

AWS Greengrass is software that lets you run local compute, messaging, data caching, and synch capabilities for connected devices in a secure way. With AWS Greengrass, connected devices can run AWS Lambda functions, keep device data in sync, and communicate with other devices securely - even when not connected to the Internet. Using AWS Lambda, Greengrass ensures your IoT devices can respond quickly to local events, operate with intermittent connections, and minimize the cost of transmitting IoT data to the cloud.

AWS Greengrass seamlessly extends AWS to devices so they can act locally on the data they generate, while still using the cloud for management, analytics, and durable storage. With Greengrass, you can use familiar languages and programming models to create and test your device software in the cloud, and then deploy it to your devices. AWS Greengrass can be programmed to filter device data and only transmit necessary information back to the cloud. AWS Greengrass authenticates and encrypts device data at all points of connection using AWS IoT’s security and access management capabilities. This way data is never exchanged between devices when they communicate with each other and the cloud without proven identity. (June, 2017) Retrieved from: https://aws.amazon.com/greengrass/.

AWS Internet of Things

The Internet of Things (IoT) is a term coined by Kevin Ashton, a British technology pioneer working on radio-frequency identification (RFID) who conceived a system of ubiquitous sensors connecting the physical world to the Internet. Although things, Internet, and connectivity are the three core components of IoT, the value is in closing the gap between the physical and digital world in self-reinforcing and self-improving systems. If you knew the state of every thing in the world, and could reason on top of the data: What problems would you solve? To help you answer that question and extract the value from your connected devices, AWS has built IoT specific services, such as AWS Greengrass and AWS IoT. They help you collect and send data to the cloud, make it easy to load and analyze that information, and provide the ability to manage your devices, so you can focus on developing applications that fit your needs. To get started with the Internet of Things on AWS, choose a service to learn more. (June, 2017) Retrieved from: https://aws.amazon.com/iot/.

AWS IoT Events - Easily detect and respond to events from IoT sensors and applications

AWS IoT Events is a fully managed service that makes it easy to detect and respond to events from IoT sensors and applications. Events are patterns of data identifying more complicated circumstances than expected, such as changes in equipment when a belt is stuck or motion detectors using movement signals to activate lights and security cameras. Before IoT Events, you had to build costly, custom applications to collect data, apply decision logic to detect an event, and then trigger another application to react to the event. Using IoT Events, it’s simple to detect events across thousands of IoT sensors sending different telemetry data, such as temperature from a freezer, humidity from respiratory equipment, and belt speed on a motor. You simply select the relevant data sources to ingest, define the logic for each event using simple ‘if-then-else’ statements, and select the alert or custom action to trigger when an event occurs. IoT Events continuously monitors data from multiple IoT sensors and applications, and it integrates with other services, such as AWS IoT Core and AWS IoT Analytics, to enable early detection and unique insights into events. IoT Events automatically triggers alerts and actions in response to events based on the logic you define to resolve issues quickly, reduce maintenance costs, and increase operational efficiency. (June, 2020) Retrieved from: https://aws.amazon.com/iot-events/.

AWS IoT SiteWise - Easily collect, organize and analyze data from industrial equipment at scale

AWS IoT SiteWise is a managed service that makes it easy to collect, store, organize and monitor data from industrial equipment at scale to help you make better, data-driven decisions. You can use AWS IoT SiteWise to monitor operations across facilities, quickly compute common industrial performance metrics, and create applications that analyze industrial equipment data to prevent costly equipment issues and reduce gaps in production. This allows you to collect data consistently across devices, identify issues with remote monitoring more quickly, and improve multi-site processes with centralized data.

Today, getting performance metrics from industrial equipment is challenging because data is often locked into proprietary on-premises data stores and typically requires specialized expertise to retrieve and place in a format that is useful for analysis. AWS IoT SiteWise simplifies this process by providing software running on a gateway that resides in your facilities and automates the process of collecting and organizing industrial equipment data. This gateway securely connects to your on-premises data servers, collects data, and sends the data to the AWS Cloud. AWS IoT SiteWise also provides interfaces for collecting data from modern industrial applications through MQTT messages or APIs.

You can use AWS IoT SiteWise to model your physical assets, processes and facilities, quickly compute common industrial performance metrics, and create fully managed web applications to help analyze industrial equipment data, reduce costs and make faster decisions. With AWS IoT SiteWise, you can focus on understanding and optimizing your operations, rather than building costly in-house data collection and management applications. (June, 2020) Retrieved from: https://aws.amazon.com/iot-sitewise/.

AWS Lambda - Serverless Compute

AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running. With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app. (June, 2017) Retrieved from: https://aws.amazon.com/lambda/.

AWS Outposts - Run AWS infrastructure and services on premises for a truly consistent hybrid experience

AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. AWS Outposts is ideal for workloads that require low latency access to on-premises systems, local data processing, or local data storage.

AWS Outposts offers you the same AWS hardware infrastructure, services, APIs, and tools to build and run your applications on premises and in the cloud for a truly consistent hybrid experience. AWS compute, storage, database, and other services run locally on Outposts, and you can access the full range of AWS services available in the Region to build, manage, and scale your on-premises applications using familiar AWS services and tools.

Outposts are connected to the nearest AWS Region to provide the same management and control plane services on premises for a truly consistent operational experience across your on-premises and cloud environments. Your Outposts infrastructure and AWS services are managed, monitored, and updated by AWS just like in the cloud. (June, 2020) Retrieved from: https://aws.amazon.com/outposts/.

Amazon SQS - Message Queuing Service

Amazon Simple Queue Service (SQS) is a fast, reliable, scalable, fully managed message queuing service. SQS makes it simple and cost-effective to decouple the components of a cloud application. You can use SQS to transmit any volume of data, at any level of throughput, without losing messages or requiring other services to be always available. With SQS, you can offload the administrative burden of operating and scaling a highly available messaging cluster, while paying a low price for only what you use. (June, 2017) Retrieved from: https://aws.amazon.com/sqs/.

AWS Secrets Manager - Easily rotate, manage, and retrieve database credentials, API keys, and other secrets through their lifecycle

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS for MySQL, PostgreSQL, and Amazon Aurora. Also, the service is extensible to other types of secrets, including API keys and OAuth tokens. In addition, Secrets Manager enables you to control access to secrets using fine-grained permissions and audit secret rotation centrally for resources in the AWS Cloud, third-party services, and on-premises. (June, 2018) Retrieved from: https://aws.amazon.com/secrets-manager/.

AWS Security Hub - Centrally view and manage security alerts and automate security checks

AWS Security Hub gives you a comprehensive view of your high-priority security alerts and security posture across your AWS accounts. There are a range of powerful security tools at your disposal, from firewalls and endpoint protection to vulnerability and compliance scanners. But oftentimes this leaves your team switching back-and-forth between these tools to deal with hundreds, and sometimes thousands, of security alerts every day. With Security Hub, you now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions. AWS Security Hub continuously monitors your environment using automated security checks based on the AWS best practices and industry standards that your organization follows. You can also take action on these security findings by investigating them in Amazon Detective or by using Amazon CloudWatch Event rules to send the findings to ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and incident management tools or to custom remediation playbooks. Get started with AWS Security Hub in just a few clicks in the Management Console and once enabled, Security Hub will begin aggregating and prioritizing findings and conducting security checks. (June, 2020) Retrieved from: https://aws.amazon.com/security-hub/.

AWS Service Catalog - Catalog IT services

AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures. AWS Service Catalog allows you to centrally manage commonly deployed IT services, and helps you achieve consistent governance and meet your compliance requirements, while enabling users to quickly deploy only the approved IT services they need. (June, 2017) Retrieved from: https://aws.amazon.com/servicecatalog/.

AWS Shield - Managed DDoS Protection

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards web applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency, so there is no need to engage AWS Support to benefit from DDoS protection. There are two tiers of AWS Shield - Standard and Advanced.

All AWS customers benefit from the automatic protections of AWS Shield Standard, at no additional charge. AWS Shield Standard defends against most common, frequently occurring network and transport layer DDoS attacks that target your web site or applications.

For higher levels of protection against attacks targeting your web applications running on Elastic Load Balancing (ELB), Amazon CloudFront, and Amazon Route 53 resources, you can subscribe to AWS Shield Advanced. In addition to the common network and transport layer protections that come with Standard, AWS Shield Advanced provides additional detection and mitigation against large and sophisticated DDoS attacks, near real-time visibility into attacks, and integration with AWS WAF, a web application firewall. AWS Shield Advanced also gives you access to the AWS DDoS Response Team (DRT) and protection against DDoS related spikes in your ELB, CloudFront or Route 53 charges.

AWS Shield Advanced is available globally on all Amazon CloudFront and Amazon Route 53 edge locations. You can protect your web applications hosted anywhere in the world by deploying Amazon CloudFront in front of your application. Your origin servers can be Amazon S3, Amazon EC2, Elastic Load Balancing, or a custom server outside of AWS. You can also enable AWS Shield Advanced directly on Elastic Load Balancing in the following AWS Regions - Northern Virginia, Oregon, Ireland, and Tokyo. (June, 2017) Retrieved from: https://aws.amazon.com/shield/.

AWS Storage Gateway - Hybrid Cloud Storage

AWS Storage Gateway is a hybrid storage service that enables your on-premises applications to seamlessly use storage in the AWS Cloud. You can use the service for backup and archiving, disaster recovery, cloud bursting, storage tiering, and migration. Your applications connect to the service through a gateway appliance using standard storage protocols, such as NFS and iSCSI. The gateway connects to AWS storage services, such as Amazon S3, Amazon Glacier, and Amazon EBS, providing storage for files, volumes, and virtual tapes in AWS. The service includes a highly-optimized data transfer mechanism, with bandwidth management, automated network resilience, and efficient data transfer, along with a local cache for low-latency on-premises access to your most active data. (June, 2017) Retrieved from: https://aws.amazon.com/storagegateway/.

AWS Storage Gateway - Hybrid Cloud Storage

AWS Systems Manager - Gain operational insights and take action on AWS resources

AWS Systems Manager gives you visibility and control of your infrastructure on AWS. Systems Manager provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources. With Systems Manager, you can group resources, like Amazon EC2 instances, Amazon S3 buckets, or Amazon RDS instances, by application, view operational data for monitoring and troubleshooting, and take action on your groups of resources. Systems Manager simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easy to operate and manage your infrastructure securely at scale. (June, 2019) Retrieved from: https://aws.amazon.com/systems-manager/.

AWS Transfer for SFTP - Fully managed SFTP service

AWS Transfer for SFTP is a fully managed service that enables the transfer of files directly into and out of Amazon S3 using the Secure File Transfer Protocol (SFTP)—also known as Secure Shell (SSH) File Transfer Protocol. AWS helps you seamlessly migrate your file transfer workflows to AWS Transfer for SFTP—by integrating with existing authentication systems, and providing DNS routing with Amazon Route 53—so nothing changes for your customers and partners, or their applications. With your data in S3, you can use it with AWS services for processing, analytics, machine learning, and archiving. Getting started with AWS Transfer for SFTP (AWS SFTP) is easy; there is no infrastructure to buy and setup. (June, 2019) Retrieved from: https://aws.amazon.com/sftp/.

AWS X-Ray - Distributed Tracing System

AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components. You can use X-Ray to analyze both applications in development and in production, from simple three-tier applications to complex microservices applications consisting of thousands of services. (June, 2017) Retrieved from: https://aws.amazon.com/xray/.

Amazon API Gateway - Fully Managed API Service

Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on Amazon Elastic Compute Cloud (Amazon EC2), code running on AWS Lambda, or any Web application. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. Amazon API Gateway has no minimum fees or startup costs. You pay only for the API calls you receive and the amount of data transferred out. (June, 2017) Retrieved from: https://aws.amazon.com/api-gateway/.

AmazonAppStream - Securely Instant Access to Desktop Applications from Anywhere

Amazon AppStream 2.0 is a fully managed, secure application streaming service that allows you to stream desktop applications from AWS to an HTML 5 compatible web browser, without rewriting them. Amazon AppStream 2.0 can provide users instant-on access to the applications they need, with a responsive, fluid user experience. (June, 2018) Retrieved from: https://aws.amazon.com/appstream/.

Amazon Athena — Serverless Interactive Query Service

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

Athena is easy to use. Simply point to your data in Amazon S3, define the schema, and start querying using standard SQL. Most results are delivered within seconds. With Athena, there’s no need for complex ETL jobs to prepare your data for analysis. This makes it easy for anyone with SQL skills to quickly analyze large-scale datasets. (June, 2017) Retrieved from: https://aws.amazon.com/athena/.

Amazon Chime - Online Meetings

Amazon Chime is designed to help you run productive and efficient online meetings from your mobile device or your desktop. Meetings start on time, they’re easy to join with a single tap or click, the visual roster shows who is participating, and anyone can mute background noise. It’s easy to participate, and you can join from anywhere. (June, 2017) Retrieved from: https://chime.aws/features/.

Amazon Chime - Online Meetings

Amazon Cloud Directory - Managed Cloud-native Directory Service

Amazon Cloud Directory enables you to build flexible cloud-native directories for organizing hierarchies of data along multiple dimensions. With Cloud Directory, you can create directories for a variety of use cases, such as organizational charts, course catalogs, and device registries. While traditional directory solutions, such as Active Directory Lightweight Directory Services (AD LDS) and other LDAP-based directories, limit you to a single hierarchy, Cloud Directory offers you the flexibility to create directories with hierarchies that span multiple dimensions. For example, you can create an organizational chart that can be navigated through separate hierarchies for reporting structure, location, and cost center.

Amazon Cloud Directory automatically scales to hundreds of millions of objects and provides an extensible schema that can be shared with multiple applications. As a fully-managed service, Cloud Directory eliminates time-consuming and expensive administrative tasks, such as scaling infrastructure and managing servers. You simply define the schema, create a directory, and then populate your directory by making calls to the Cloud Directory API. (June, 2017) Retrieved from: https://aws.amazon.com/cloud-directory/.

Amazon CloudFront - Content Delivery Network (CDN)

Amazon CloudFront Service Level Agreement. Amazon CloudFront is a global content delivery network (CDN) service that accelerates delivery of your websites, APIs, video content or other web assets. It integrates with other Amazon Web Services products to give developers and businesses an easy way to accelerate content to end users with no minimum usage commitments. Amazon CloudFront can be used to deliver your entire website, including dynamic, static, streaming, and interactive content using a global network of edge locations. Requests for your content are automatically routed to the nearest edge location, so content is delivered with the best possible performance. Amazon CloudFront is optimized to work with other Amazon Web Services, like Amazon Simple Storage Service (Amazon S3), Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Load Balancing, and Amazon Route 53. Amazon CloudFront also works seamlessly with any non-AWS origin server, which stores the original, definitive versions of your files. Like other Amazon Web Services products, there are no long-term contracts or minimum monthly usage commitments for using Amazon CloudFront - you pay only for as much or as little content as you actually deliver through the content delivery service. (June, 2017) Retrieved from: https://aws.amazon.com/cloudfront/.

Amazon CloudWatch - Cloud and Network Monitoring Services

Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by your applications and services, and any log files your applications generate. You can use Amazon CloudWatch to gain system-wide visibility into resource utilization, application performance, and operational health. You can use these insights to react and keep your application running smoothly. (June, 2017) Retrieved from: https://aws.amazon.com/cloudwatch/.

Amazon Cognito - AWS User Authentication & Mobile Data Service

Amazon Cognito lets you easily add user sign-up and sign-in to your mobile and web apps. With Amazon Cognito, you also have the options to authenticate users through social identity providers such as Facebook, Twitter, or Amazon, with SAML identity solutions, or by using your own identity system. In addition, Amazon Cognito enables you to save data locally on users devices, allowing your applications to work even when the devices are offline. You can then synchronize data across users devices so that their app experience remains consistent regardless of the device they use. With Amazon Cognito, you can focus on creating great app experiences instead of worrying about building, securing, and scaling a solution to handle user management, authentication, and sync across devices. With Cognito Identity, you can easily and securely add sign-up and sign-in functionality to your mobile and web apps. Cognito Identity is fully managed and can scale to support hundreds of millions of users. You can also implement enhanced security features, such as email and phone number verification, and multi-factor authentication. In addition, Cognito Identity lets you customize workflows through AWS Lambda such as adding app-specific logic to user registration for fraud detection and user validation. Cognito Identity allows you to easily federate identities so that your users can sign-in through social identity providers such as Facebook, Twitter, Google, and Amazon or using your own identity solution. You can also let your users sign-in through identity providers that support Security Assertion Markup Language (SAML) such as Microsoft ADFS. When you use Amazon Cognito, your app is provided with temporary, limited-privilege credentials that it can use to access AWS resources. You can set granular access permissions on your AWS resources, for example, you can limit access to a folder within an S3 bucket to a particular app user, or enable unauthenticated users to access a restricted set of resources. (June, 2017) Retrieved from: https://aws.amazon.com/cognito/.

Amazon Connect - Simple to Use, Cloud-based Contact Center

Amazon Connect is a self-service, cloud-based contact center service that makes it easy for any business to deliver better customer service at lower cost. Amazon Connect is based on the same contact center technology used by Amazon customer service associates around the world to power millions of customer conversations. The self-service graphical interface in Amazon Connect makes it easy for non-technical users to design contact flows, manage agents, and track performance metrics - no specialized skills required. There are no up-front payments or long-term commitments and no infrastructure to manage with Amazon Connect; customers pay by the minute for Amazon Connect usage plus any associated telephony services. (June, 2017) Retrieved from: https://aws.amazon.com/connect/.

Amazon Detective - Analyze and visualize security data to rapidly get to the root cause of potential security issues

Amazon Detective makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Amazon Detective automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables you to easily conduct faster and more efficient security investigations.

AWS security services like Amazon GuardDuty, Amazon Macie, and AWS Security Hub as well as partner security products can be used to identify potential security issues, or findings. These services are really helpful in alerting you when something is wrong and pointing out where to go to fix it. But sometimes there might be a security finding where you need to dig a lot deeper and analyze more information to isolate the root cause and take action. Determining the root cause of security findings can be a complex process that often involves collecting and combining logs from many separate data sources, using extract, transform, and load (ETL) tools or custom scripting to organize the data, and then security analysts having to analyze the data and conduct lengthy investigations.

Amazon Detective simplifies this process by enabling your security teams to easily investigate and quickly get to the root cause of a finding. Amazon Detective can analyze trillions of events from multiple data sources such as Virtual Private Cloud (VPC) Flow Logs, AWS CloudTrail, and Amazon GuardDuty, and automatically creates a unified, interactive view of your resources, users, and the interactions between them over time. With this unified view, you can visualize all the details and context in one place to identify the underlying reasons for the findings, drill down into relevant historical activities, and quickly determine the root cause.

You can get started with Amazon Detective in just a few clicks in the AWS Console. There is no software to deploy, or data sources to enable and maintain. (June, 2020) Retrieved from: https://aws.amazon.com/detective/.

Amazon DocumentDB - Fast, scalable, highly available MongoDB compatible database

Amazon DocumentDB is designed from the ground-up to give you the performance, scalability, and availability you need when operating mission critical MongoDB workloads at scale. Amazon DocumentDB implements the Apache 2.0 open source MongoDB 3.6 API by emulating the responses that a MongoDB client expects from a MongoDB server, allowing you to use your existing MongoDB drivers and tools with Amazon DocumentDB. In Amazon DocumentDB, the storage and compute are decoupled, allowing each to scale independently, and you can increase the read capacity to millions of requests per second by adding up to 15 low latency read replicas in minutes, regardless of the size of your data. Amazon DocumentDB is designed for 99.99% availability and replicates six copies of your data across three AWS Availability Zones (AZs). You can use AWS Database Migration Service (DMS) for free (for six months) to easily migrate their on premises or Amazon Elastic Compute Cloud (EC2) MongoDB databases to Amazon DocumentDB with virtually no downtime. (June, 2019) Retrieved from: https://aws.amazon.com/documentdb/.

Amazon DynamoDB - NoSQL Cloud Database Service

Amazon DynamoDB is a fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale. It is a fully managed cloud database and supports both document and key-value store models. Its flexible data model and reliable performance make it a great fit for mobile, web, gaming, ad tech, IoT, and many other applications. Amazon DynamoDB is designed to deliver consistent, fast performance at any scale for all applications. Average service-side latencies are typically single-digit milliseconds. As your data volumes grow and application performance demands increase, Amazon DynamoDB uses automatic partitioning and SSD technologies to meet your throughput requirements and deliver low latencies at any scale. (June, 2017) Retrieved from: https://aws.amazon.com/dynamodb/.

Amazon EC2 - Elastic Compute Cloud Server & Hosting

Amazon EC2 Service Level Agreement. Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. Amazon EC2 enables you to increase or decrease capacity within minutes, not hours or days. You can commission one, hundreds or even thousands of server instances simultaneously. Of course, because this is all controlled with web service APIs, your application can automatically scale itself up and down depending on its needs. You have the choice of multiple instance types, operating systems, and software packages. Amazon EC2 allows you to select a configuration of memory, CPU, instance storage, and the boot partition size that is optimal for your choice of operating system and application. (June, 2017) Retrieved from: https://aws.amazon.com/ec2/. With On-Demand instances, you pay for compute capacity by the hour with no long-term commitments or upfront payments. You can increase or decrease your compute capacity depending on the demands of your application and only pay the specified hourly rate for the instances you use. For applications that have steady state or predictable usage, Reserved Instances can provide significant savings (up to 75%) compared to On-Demand instance pricing. A Dedicated Host is a physical EC2 server dedicated for your use. Dedicated Hosts can help you reduce costs by allowing you to use your existing server-bound software licenses, including Windows Server, SQL Server, and SUSE Linux Enterprise Server (subject to your license terms), and can also help you meet compliance requirements. Amazon EC2 Spot instances allow you to bid on spare Amazon EC2 computing capacity for up to 90% off the On-Demand price. (June, 2017) Retrieved from: https://aws.amazon.com/ec2/pricing/.

Amazon EC2 Container Registry - Docker Registry

Amazon EC2 Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon EC2 Container Service (ECS), simplifying your development to production workflow. Amazon ECR eliminates the need to operate your own container repositories or worry about scaling the underlying infrastructure. Amazon ECR hosts your images in a highly available and scalable architecture, allowing you to reliably deploy containers for your applications. Integration with AWS Identity and Access Management (IAM) provides resource-level control of each repository. With Amazon ECR, there are no upfront fees or commitments. You pay only for the amount of data you store in your repositories and data transferred to the Internet. (June, 2017) Retrieved from: https://aws.amazon.com/ecr/.

AmazonECS - Amazon Elastic Container Service

Amazon Elastic Container Service (Amazon ECS) is a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS. Amazon ECS eliminates the need for you to install and operate your own container orchestration software, manage and scale a cluster of virtual machines, or schedule containers on those virtual machines.

With simple API calls, you can launch and stop Docker-enabled applications, query the complete state of your application, and access many familiar features such as IAM roles, security groups, load balancers, Amazon CloudWatch Events, AWS CloudFormation templates, and AWS CloudTrail logs. (June, 2018) Retrieved from: https://aws.amazon.com/ecs/.

Amazon EFS - Cloud File Storage

Amazon Elastic File System (Amazon EFS) provides simple, scalable file storage for use with Amazon EC2 instances in the AWS Cloud. Amazon EFS is easy to use and offers a simple interface that allows you to create and configure file systems quickly and easily. With Amazon EFS, storage capacity is elastic, growing and shrinking automatically as you add and remove files, so your applications have the storage they need, when they need it. When mounted to Amazon EC2 instances, an Amazon EFS file system provides a standard file system interface and file system access semantics, allowing you to seamlessly integrate Amazon EFS with your existing applications and tools. Multiple Amazon EC2 instances can access an Amazon EFS file system at the same time, allowing Amazon EFS to provide a common data source for workloads and applications running on more than one Amazon EC2 instance. It's designed for high availability and durability, and provides performance for a broad spectrum of workloads and applications, including Big Data and analytics, media processing workflows, content management, web serving, and home directories. (June, 2017) Retrieved from: https://aws.amazon.com/efs/.

Amazon EKS - Managed Kubernetes Service

Amazon Elastic Container Service for Kubernetes (Amazon EKS) makes it easy to deploy, manage, and scale containerized applications using Kubernetes on AWS. Amazon EKS runs the Kubernetes management infrastructure for you across multiple AWS availability zones to eliminate a single point of failure. Amazon EKS is certified Kubernetes conformant so you can use existing tooling and plugins from partners and the Kubernetes community. Applications running on any standard Kubernetes environment are fully compatible and can be easily migrated to Amazon EKS. (June, 2018) Retrieved from: https://aws.amazon.com/eks/.

Amazon Elasticsearch Service - Fullt Managed Search and Analytics Service

Amazon Elasticsearch Service makes it easy to deploy, operate, and scale Elasticsearch for log analytics, full text search, application monitoring, and more. Amazon Elasticsearch Service is a fully managed service that delivers Elasticsearch’s easy-to-use APIs and real-time capabilities along with the availability, scalability, and security required by production workloads. The service offers built-in integrations with Kibana, Logstash, and AWS services including Amazon Kinesis Firehose, AWS Lambda, and Amazon CloudWatch so that you can go from raw data to actionable insights quickly. It’s easy to get started with Amazon Elasticsearch Service. You can set up and configure your Amazon Elasticsearch Service domain in minutes from the AWS Management Console. Amazon Elasticsearch Service provisions all the resources for your domain and launches it. The service automatically detects and replaces failed Elasticsearch nodes, reducing the overhead associated with self-managed infrastructure and Elasticsearch software. Amazon Elasticsearch Service allows you to easily scale your cluster via a single API call or a few clicks in the console. With Amazon Elasticsearch Service, you get direct access to the Elasticsearch open-source API so that code and applications you’re already using with your existing Elasticsearch environments will work seamlessly. (June, 2017) Retrieved from: https://aws.amazon.com/elasticsearch-service/.

Amazon ElastiCache - In-memory Data Store and Cache

Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory data stores, instead of relying entirely on slower disk-based databases. Amazon ElastiCache supports two open-source in-memory engines: Redia and Memchached. Amazon ElastiCache automatically detects and replaces failed nodes, reducing the overhead associated with self-managed infrastructures and provides a resilient system that mitigates the risk of overloaded databases, which slow website and application load times. Through integration with Amazon CloudWatch, Amazon ElastiCache provides enhanced visibility into key performance metrics associated with your Redis or Memcached nodes. (June, 2017) Retrieved from: https://aws.amazon.com/elasticache/.

Amazon FSx - Fully managed third-party file systems

Amazon FSx provides fully managed third-party file systems. Amazon FSx provides you with the native compatibility of third-party file systems with feature sets for workloads such as Windows-based storage, high-performance computing (HPC), machine learning, and electronic design automation (EDA). You don’t have to worry about managing file servers and storage, as Amazon FSx automates the time-consuming administration tasks such as hardware provisioning, software configuration, patching, and backups. Amazon FSx integrates the file systems with cloud-native AWS services, making them even more useful for a broader set of workloads. (June, 2019) Retrieved from: https://aws.amazon.com/fsx/.

Amazon Glacier - Cloud Archive

Amazon Glacier is a secure, durable, and extremely low-cost cloud storage service for data archiving and long-term backup. Customers can reliably store large or small amounts of data for as little as $0.007 per gigabyte per month, a significant savings compared to on-premises solutions. To keep costs low, Amazon Glacier is optimized for infrequently accessed data where a retrieval time of several hours is suitable. You pay for what you need, with no minimum commitments or up-front fees. Amazon Glacier supports data transfer over SSL and automatically encrypts your data at rest. You can also control access to your data using AWS Identity and Access Management (IAM). Amazon Glacier provides a highly durable storage infrastructure designed for long-term backup and archive. Your data is redundantly stored across multiple facilities and multiple devices in each facility. Through Amazon S3 lifecycle policies, you can optimize your storage costs by moving infrequently accessed objects from Amazon S3 to Amazon Glacier (or vice-versa). (June, 2017) Retrieved from: https://aws.amazon.com/glacier/.

Amazon GuardDuty - Intelligent Threat Detection

Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. GuardDuty also detects potentially compromised instances or reconnaissance by attackers.

Enabled with a few clicks in the AWS Management Console, Amazon GuardDuty can immediately begin analyzing billions of events across your AWS accounts for signs of risk. GuardDuty identifies suspected attackers through integrated threat intelligence feeds and uses machine learning to detect anomalies in account and workload activity. When a potential threat is detected, the service delivers a detailed security alert to the GuardDuty console and AWS CloudWatch Events. This makes alerts actionable and easy to integrate into existing event management and workflow systems. (June, 2018) Retrieved from: https://aws.amazon.com/guardduty/.

Amazon Inspector - Automated Security Assessment Service

Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for vulnerabilities or deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of detailed assessment reports which are available via the Amazon Inspector console or API. To help you get started quickly, Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security best practices and vulnerability definitions. Examples of built-in rules include checking for remote root login being enabled, or vulnerable software versions installed. These rules are regularly updated by AWS security researchers. (June, 2017) Retrieved from: https://aws.amazon.com/inspector/.

Amazon Inspector - Automated Security Assessment Service

Amazon Kendra - Enterprise search service powered by machine learning

Amazon Kendra is a highly accurate and easy to use enterprise search service that’s powered by machine learning. Kendra delivers powerful natural language search capabilities to your websites and applications so your end users can more easily find the information they need within the vast amount of content spread across your company.

Use natural language questions instead of just simple keywords to get the answers you’re looking for, whether that is a precise answer, an FAQ, or an entire document. Say goodbye to sifting through long lists of links and hoping one has the information you need.

Get rid of information silos. Kendra lets you easily add content from file systems, SharePoint, intranet sites, file sharing services, and more, into a centralized location so you can quickly search all of your information to find the best answer.

Your results get better over time search, because Kendra’s machine learning algorithms learn which results your users find most valuable. You also have the option to fine-tune results by manually adjusting the importance of certain data sources or document freshness. (June, 2020) Retrieved from: https://aws.amazon.com/kendra/.

Amazon Kinesis - Easily Collect, Process, and Analyze Real-time, Streaming Data

Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information. Amazon Kinesis offers key capabilities to cost effectively process streaming data at any scale, along with the flexibility to choose the tools that best suit the requirements of your application. With Amazon Kinesis, you can ingest real-time data such as application logs, website clickstreams, IoT telemetry data, and more into your databases, data lakes and data warehouses, or build your own real-time applications using this data. Amazon Kinesis enables you to process and analyze data as it arrives and respond in real-time instead of having to wait until all your data is collected before the processing can begin. (June, 2017) Retrieved from: https://aws.amazon.com/kinesis/.

Amazon Kinesis Analytics - Get Actionable Insights from Streaming Data in Real-time

Amazon Kinesis Analytics is the easiest way to process streaming data in real time with standard SQL without having to learn new programming languages or processing frameworks. Amazon Kinesis Analytics enables you to query streaming data or build entire streaming applications using SQL, so that you can gain actionable insights and respond to your business and customer needs promptly. Amazon Kinesis Analytics takes care of everything required to run your queries continuously and scales automatically to match the volume and throughput rate of your incoming data. With Amazon Kinesis Analytics, you only pay for the resources your queries consume. There is no minimum fee or setup cost. (June, 2017) Retrieved from: https://aws.amazon.com/kinesis/analytics/.

Amazon Kinesis Firehose - Easily Prepare and Load Real-time Streaming Data into AWS

Amazon Kinesis Firehose is the easiest way to load streaming data into AWS. It can capture, transform, and load streaming data into Amazon Kinesis Analytics, Amazon S3, Amazon Redshift, and Amazon Elasticsearch Service, enabling near real-time analytics with existing business intelligence tools and dashboards you’re already using today. It is a fully managed service that automatically scales to match the throughput of your data and requires no ongoing administration. It can also batch, compress, and encrypt the data before loading it, minimizing the amount of storage used at the destination and increasing security. You can easily create a Firehose delivery stream from the AWS Management Console, configure it with a few clicks, and start sending data to the stream from hundreds of thousands of data sources to be loaded continuously to AWS - all in just a few minutes. With Amazon Kinesis Firehose, you only pay for the amount of data you transmit through the service. There is no minimum fee or setup cost. (June, 2017) Retrieved from: https://aws.amazon.com/kinesis/firehose/.

Amazon Lex - Build Conversation Bots

Amazon Lex is a service for building conversational interfaces into any application using voice and text. Amazon Lex provides the advanced deep learning functionalities of automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text, to enable you to build applications with highly engaging user experiences and lifelike conversational interactions. With Amazon Lex, the same deep learning technologies that power Amazon Alexa are now available to any developer, enabling you to quickly and easily build sophisticated, natural language, conversational bots (“chatbots”). Speech recognition and natural language understanding are some of the most challenging problems to solve in computer science, requiring sophisticated deep learning algorithms to be trained on massive amounts of data and infrastructure. Amazon Lex democratizes these deep learning technologies by putting the power of Amazon Alexa within reach of all developers. Harnessing these technologies, Amazon Lex enables you to define entirely new categories of products made possible through conversational interfaces. As a fully managed service, Amazon Lex scales automatically, so you don’t need to worry about managing infrastructure. With Amazon Lex, you pay only for what you use. There are no upfront commitments or minimum fees. (June, 2017) Retrieved from: https://aws.amazon.com/lex/.

Amazon MQ - Managed message broker service for Apache ActiveMQ

Amazon MQ is a managed message broker service for Apache ActiveMQ that makes it easy to set up and operate message brokers in the cloud. Message brokers allow different software systems-often using different programming languages, and on different platforms-to communicate and exchange information. Messaging is the communications backbone that connects and integrates the components of distributed applications, such as order processing, inventory management, and order fulfillment for e-commerce. Amazon MQ manages the administration and maintenance of ActiveMQ, a popular open-source message broker. The underlying infrastructure is automatically provisioned for high availability and message durability to support the reliability of your applications. With Amazon MQ, you get direct access to the ActiveMQ console and industry standard APIs and protocols for messaging, including JMS, NMS, AMQP, STOMP, MQTT, and WebSocket. You can easily move from any message broker that uses these standards to Amazon MQ because you don’t have to rewrite any messaging code in your applications. (June, 2018) Retrieved from: https://aws.amazon.com/amazon-mq/.

Amazon Managed Streaming for Apache Kafka

Amazon MSK is a fully managed service that makes it easy for you to build and run applications that use Apache Kafka to process streaming data. Apache Kafka is an open-source platform for building real-time streaming data pipelines and applications. With Amazon MSK, you can use Apache Kafka APIs to populate data lakes, stream changes to and from databases, and power machine learning and analytics applications. (June, 2019) Retrieved from: https://aws.amazon.com/msk/.

Amazon Neptune - Fast, Reliable Graph Database built for the cloud

Amazon Neptune is a fast, reliable, fully-managed graph database service that makes it easy to build and run applications that work with highly connected datasets. The core of Amazon Neptune is a purpose-built, high-performance graph database engine optimized for storing billions of relationships and querying the graph with milliseconds latency. Amazon Neptune supports popular graph models Property Graph and W3C's RDF, and their respective query languages Apache TinkerPop Gremlin and SPARQL, allowing you to easily build queries that efficiently navigate highly connected datasets. Neptune powers graph use cases such as recommendation engines, fraud detection, knowledge graphs, drug discovery, and network security.

Amazon Neptune is highly available, with read replicas, point-in-time recovery, continuous backup to Amazon S3, and replication across Availability Zones. Neptune is secure, with support for encryption at rest and in transit. Neptune is fully-managed, so you no longer need to worry about database management tasks such as hardware provisioning, software patching, setup, configuration, or backups. (June, 2018) Retrieved from: https://aws.amazon.com/neptune/.

Amazon Pinpoint - Targeted Push Notifications & Mobile Engagement

Amazon Pinpoint makes it easy to message users directly from your application or backend service, or run targeted campaigns to drive user engagement. Amazon Pinpoint helps you understand user behavior, select the best channel to engage users, determine the most effective messages to send, schedule the best time to deliver the messages, and then track user engagement. Amazon Pinpoint lets you send messages using a variety of channels, including Email, Text Messages (SMS) and Mobile Push Notifications so you can send the appropriate message using the best channel for a particular campaign or interaction. Getting started with Amazon Pinpoint is easy. You can message individual users from the console by creating a project, selecting the channel, and then defining the message to send. To engage segments of users via targeted campaigns, the console guides you through the process of defining your target segments, campaign message, and delivery schedule. Once your campaign is running, Amazon Pinpoint provides metrics so you can run analytics and track the impact of your campaign. With Amazon Pinpoint, there are no upfront setup or fixed monthly costs. You only pay for the number of users you target, the messages you send, and the application events you collect, so you can start small and scale as your application grows. (June, 2017) Retrieved from: https://aws.amazon.com/pinpoint/.

Amazon Polly - Lifelike Text-to-Speech

Amazon Polly is a service that turns text into lifelike speech. Amazon Polly lets you create applications that talk, enabling you to build entirely new categories of speech-enabled products. Amazon Polly is an Amazon AI service that uses advanced deep learning technologies to synthesize speech that sounds like a human voice. Amazon Polly includes dozens of lifelike voices across a variety of languages, so you can select the ideal voice and build speech-enabled applications that work in many different countries. Amazon Polly delivers the consistently fast response times required to support real-time, interactive dialog. You can cache and save Amazon Polly’s speech audio to replay offline or redistribute. And Amazon Polly is easy to use. You simply send the text you want converted into speech to the Amazon Polly API, and Amazon Polly immediately returns the audio stream to your application so your application can play it directly or store it in a standard audio file format, such as MP3. With Amazon Polly, you only pay for the number of characters you convert to speech, and you can save and replay Amazon Polly’s generated speech. Amazon Polly’s low cost per character converted, and lack of restrictions on storage and reuse of voice output, make it a cost-effective way to enable Text-to-Speech everywhere. (June, 2017) Retrieved from: https://aws.amazon.com/polly/.

Amazon QuickSight - Business Intelligence for Big Data

Amazon QuickSight is a fast, cloud-powered business analytics service that makes it easy to build visualizations, perform ad-hoc analysis, and quickly get business insights from your data. Using our cloud-based service you can easily connect to your data, perform advanced analysis, and create stunning visualizations and rich dashboards that can be accessed from any browser or mobile device. Go from zero to analytics expert in minutes. Just log in, point to a data source, and create your first visualization in minutes. QuickSight suggests the best visualizations for your data using its innovative AutoGraph technology. You can import massive amounts of data from various data sources; our Super-fast, Parallel, In-memory, Calculation Engine (SPICE) works in the cloud to get you fast responses - just connect to your data, visualize and share. QuickSight is 1/10th of the cost of traditional BI solutions with no upfront investments, no expensive hardware to purchase or infrastructure to manage, and no additional license or maintenance fees. (June, 2017) Retrieved from: https://quicksight.aws/.

Amazon RDS - Relational Database Service

Amazon RDS Service Level Agreement. Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks, freeing you up to focus on your applications and business. Amazon RDS provides you six familiar database engines to choose from, including Amazon Aurora, Oracle, Microsoft SQL Server, PostgreSQL, MySQL and MariaDB. (June, 2017) Retrieved from: https://aws.amazon.com/rds/. On-Demand Instances let you pay for your database by the hour with no long-term commitments or upfront fees. This frees you from the cost and complexity of planning and purchasing database capacity ahead of your needs. On-Demand pricing lets you pay as you go and is ideal for development, test and other short-lived workloads. Instance pricing applies to both Primary instances, used for read-write workloads, and Amazon Aurora Replicas, used to scale reads and enhance failover. Amazon RDS Multi-AZ technology is used to failover to one of your Replicas if an outage occurs. To maximize availability, we recommend placing at least one Replica in a different Availability Zone from the Primary instance. Reserved Instances are appropriate for steady-state database workloads and offer significant savings over On-Demand. One Year Reserved Instances provide discounts up to 44% and Three Year Reserved Instances provide discounts of up to 63% over On-Demand. You commit to the entire duration of the Reserved Instance term and pay an upfront charge and a discounted hourly rate as shown below. You will be billed for each hour of the term regardless of whether any usage has occurred. Backup storage is the storage associated with your automated database backups and any user-initiated DB Snapshots you have taken. Increasing your backup retention period or taking DB Snapshots may increase the backup storage consumed by your database. There is no additional charge for backup storage up to 100% of your consumed database storage for an active DB Instance. For example, if you have an active DB Instance with 10GB-month of consumed database storage, we will provide up to 10GB-month of backup storage at no additional charge. Backup storage beyond this amount and backups stored after your DB Instance is terminated are billed at standard Amazon S3 rates. (June, 2017) Retrieved from: https://aws.amazon.com/rds/pricing.

Amazon Redshift - Data Warehouse Solution

Amazon Redshift is a fast, fully managed, petabyte-scale data warehouse that makes it simple and cost-effective to analyze all your data using your existing business intelligence tools. Start small for $0.25 per hour with no commitments and scale to petabytes for $1,000 per terabyte per year, less than a tenth the cost of traditional solutions. Customers typically see 3x compression, reducing their costs to $333 per uncompressed terabyte per year. Amazon Redshift delivers fast query performance by using columnar storage technology to improve I/O efficiency and parallelizing queries across multiple nodes. Data load speed scales linearly with cluster size, with integrations to Amazon S3, Amazon DynamoDB, Amazon Elastic MapReduce, Amazon Kinesis or any SSH-enabled host. (June, 2017) Retrieved from: https://aws.amazon.com/redshift/.

Amazon Rekognition - Deep Learning-based Image Recognition

Amazon Rekognition is a service that makes it easy to add image analysis to your applications. With Rekognition, you can detect objects, scenes, faces; recognize celebrities; and identify inappropriate content in images. You can also search and compare faces. Rekognition’s API enables you to quickly add sophisticated deep learning-based visual search and image classification to your applications. Amazon Rekognition is based on the same proven, highly scalable, deep learning technology developed by Amazon’s computer vision scientists to analyze billions of images daily for Prime Photos. Amazon Rekognition uses deep neural network models to detect and label thousands of objects and scenes in your images, and we are continually adding new labels and facial recognition features to the service.

Rekognition’s API lets you easily build powerful visual search and discovery into your applications. With Amazon Rekognition, you only pay for the images you analyze and the face metadata you store. There are no minimum fees and there are no upfront commitments. (June, 2017) Retrieved from: https://aws.amazon.com/rekognition/.

Amazon Route 53 - Domain Name Service

Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. Amazon Route 53 effectively connects user requests to infrastructure running in AWS - such as Amazon EC2 instances, Elastic Load Balancing load balancers, or Amazon S3 buckets - and can also be used to route users to infrastructure outside of AWS. You can use Amazon Route 53 to configure DNS health checks to route traffic to healthy endpoints or to independently monitor the health of your application and its endpoints. Amazon Route 53 Traffic Flow makes it easy for you to manage traffic globally through a variety of routing types, including Latency Based Routing, Geo DNS, and Weighted Round Robin-all of which can be combined with DNS Failover in order to enable a variety of low-latency, fault-tolerant architectures. Using Amazon Route 53 Traffic Flow's simple visual editor, you can easily manage how your end-users are routed to your application's endpoints-whether in a single AWS region or distributed around the globe. Amazon Route 53 also offers Domain Name Registration - you can purchase and manage domain names such as example.com and Amazon Route 53 will automatically configure DNS settings for your domains. (June, 2017) Retrieved from: https://aws.amazon.com/route53/.

Amazon S3 - Simple Storage Service

Amazon S3 Service Level Agreement. Amazon Simple Storage Service (Amazon S3), provides developers and IT teams with secure, durable, highly-scalable cloud storage. Amazon S3 is easy to use object storage, with a simple web service interface to store and retrieve any amount of data from anywhere on the web. With Amazon S3, you pay only for the storage you actually use. There is no minimum fee and no setup cost. Amazon S3 offers a range of storage classes designed for different use cases including Amazon S3 Standard for general-purpose storage of frequently accessed data, Amazon S3 Standard - Infrequent Access (Standard - IA) for long-lived, but less frequently accessed data, and Amazon Glacier for long-term archive. Amazon S3 also offers configurable lifecycle policies for managing your data throughout its lifecycle. Once a policy is set, your data will automatically migrate to the most appropriate storage class without any changes to your applications. Amazon S3 can be used alone or together with other AWS services such as Amazon Elastic Compute Cloud (Amazon EC2) and AWS Identity and Access Management (IAM), as well as cloud data migration services and gateways for initial or ongoing data ingestion. Amazon S3 provides cost-effective object storage for a wide variety of use cases including backup and recovery, nearline archive, big data analytics, disaster recovery, cloud applications, and content distribution. (June, 2017) Retrieved from: https://aws.amazon.com/s3/.

Amazon S3 - Simple Storage Service

Amazon SES - Simple Email Service

Amazon Simple Email Service (Amazon SES) is a cost-effective email service built on the reliable and scalable infrastructure that Amazon.com developed to serve its own customer base. With Amazon SES, you can send and receive email with no required minimum commitments - you pay as you go, and you only pay for what you use. Amazon SES runs within Amazon's cloud network infrastructure and datacenters. Multiple servers and datacenters provide high availability and data durability. There are no up-front fees or fixed expenses with Amazon SES. You pay low charges for the number of emails sent, number of emails received, data transfer fees, and attachments. Amazon SES takes proactive steps to maximize the percentage of your emails that arrive in your recipients' inboxes. (June, 2017) Retrieved from: https://aws.amazon.com/ses/.

Amazon Simple Notification Service - Pub/Sub Messaging and Mobile Notifications

Amazon Simple Notification Service (SNS) is a flexible, fully managed pub/sub messaging and mobile notifications service for coordinating the delivery of messages to subscribing endpoints and clients. With SNS you can fan-out messages to a large number of subscribers, including distributed systems and services, and mobile devices. It is easy to set up, operate, and reliably send notifications to all your endpoints - at any scale. You can get started using SNS in a matter of minutes using the AWS Management Console, AWS Command Line Interface, or using the AWS SDK with just three simple APIs. SNS eliminates the complexity and overhead associated with managing and operating dedicated messaging software and infrastructure. (June, 2017) Retrieved from: https://aws.amazon.com/sns/.

Amazon Simple Workflow Service - Cloud Workflow Development

Amazon SWF helps developers build, run, and scale background jobs that have parallel or sequential steps. You can think of Amazon SWF as a fully-managed state tracker and task coordinator in the Cloud.

If your app's steps take more than 500 milliseconds to complete, you need to track the state of processing, and you need to recover or retry if a task fails, Amazon SWF can help you.

Amazon SWF promotes a separation between the control flow of your background job's stepwise logic and the actual units of work that contain your unique business logic. This allows you to separately manage, maintain, and scale "state machinery" of your application from the core business logic that differentiates it. As your business requirements change, you can easily change application logic without having to worry about the underlying state machinery, task dispatch, and flow control.

Amazon SWF runs within Amazon’s high-availability data centers, so the state tracking and task processing engine is available whenever applications need them. Amazon SWF redundantly stores the tasks, reliably dispatches them to application components, tracks their progress, and keeps their latest state. (June, 2017) Retrieved from: https://aws.amazon.com/swf/.

Amazon SageMaker - Machine Learning Platform

Amazon SageMaker is a fully-managed platform that enables developers and data scientists to quickly and easily build, train, and deploy machine learning models at any scale. Amazon SageMaker removes all the barriers that typically slow down developers who want to use machine learning.

Machine learning often feels a lot harder than it should be to most developers because the process to build and train models, and then deploy them into production is too complicated and too slow. First, you need to collect and prepare your training data to discover which elements of your data set are important. Then, you need to select which algorithm and framework you’ll use. After deciding on your approach, you need to teach the model how to make predictions by training, which requires a lot of compute. Then, you need to tune the model so it delivers the best possible predictions, which is often a tedious and manual effort. After you’ve developed a fully trained model, you need to integrate the model with your application and deploy this application on infrastructure that will scale. All of this takes a lot of specialized expertise, access to large amounts of compute and storage, and a lot of time to experiment and optimize every part of the process. In the end, it's not a surprise that the whole thing feels out of reach for most developers. (June, 2018) Retrieved from: https://aws.amazon.com/sagemaker/.

Amazon States Language - AWS Step Functions

AWS Step Functions makes it easy to coordinate the components of distributed applications and microservices using visual workflows. Building applications from individual components that each perform a discrete function lets you scale and change applications quickly. Step Functions is a reliable way to coordinate components and step through the functions of your application. Step Functions provides a graphical console to arrange and visualize the components of your application as a series of steps. This makes it simple to build and run multistep applications. Step Functions automatically triggers and tracks each step, and retries when there are errors, so your application executes in order and as expected. Step Functions logs the state of each step, so when things do go wrong, you can diagnose and debug problems quickly. You can change and add steps without even writing code, so you can easily evolve your application and innovate faster.

AWS Step Functions is part of the AWS Serverless Platform, and makes it simple to orchestrate AWS Lambda functions for serverless applications. You can also use Step Functions for microservices orchestration using compute resources such as Amazon EC2 and Amazon ECS.

AWS Step Functions manages the operations and underlying infrastructure for you to help ensure your application is available at any scale. (June, 2017) Retrieved from: https://aws.amazon.com/step-functions/.

Amazon Textract | Extract Text & Data

Amazon Textract is a service that automatically extracts text and data from scanned documents. Amazon Textract goes beyond simple optical character recognition (OCR) to also identify the contents of fields in forms and information stored in tables. (June, 2019) Retrieved from: https://aws.amazon.com/textract/.

Amazon VPC - Virtual Private Cloud

Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can easily customize the network configuration for your Amazon Virtual Private Cloud. For example, you can create a public-facing subnet for your webservers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet. Additionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate datacenter and your VPC and leverage the AWS cloud as an extension of your corporate datacenter. (June, 2017) Retrieved from: https://aws.amazon.com/vpc/.

Amazon WorkSpaces - Virtual Desktops in the Cloud

Amazon WorkSpaces is a fully managed, secure Desktop-as-a-Service (DaaS) solution which runs on AWS. With Amazon WorkSpaces, you can easily provision virtual, cloud-based Microsoft Windows desktops for your users, providing them access to the documents, applications, and resources they need, anywhere, anytime, from any supported device. With just a few clicks in the AWS Management Console, you can deploy high-quality cloud desktops for any number of users. With Amazon WorkSpaces, you pay either monthly or hourly just for the Amazon WorkSpaces you launch, which helps you save money when compared to traditional desktops and on-premises Virtual Desktop Infrastructure (VDI) solutions. In a recent whitepaper, sponsored by AWS, Enterprise Strategy Group draws on research to highlight how Desktop-as-a-Service offerings like Amazon WorkSpaces can benefit organizations today. (June, 2017) Retrieved from: https://aws.amazon.com/workspaces/.

Amazon Hardware Security Module

The AWS CloudHSM service helps you meet corporate, contractual and regulatory compliance requirements for data security by using dedicated Hardware Security Module (HSM) appliances within the AWS cloud. With CloudHSM, you control the encryption keys and cryptographic operations performed by the HSM. AWS and AWS Marketplace partners offer a variety of solutions for protecting sensitive data within the AWS platform, but for applications and data subject to rigorous contractual or regulatory requirements for managing cryptographic keys, additional protection is sometimes necessary. Until now, your only option was to store the sensitive data (or the encryption keys protecting the sensitive data) in your on-premises datacenters. Unfortunately, this either prevented you from migrating these applications to the cloud or significantly slowed their performance. The AWS CloudHSM service allows you to protect your encryption keys within HSMs designed and validated to government standards for secure key management. You can securely generate, store, and manage the cryptographic keys used for data encryption such that they are accessible only by you. AWS CloudHSM helps you comply with strict key management requirements without sacrificing application performance. The AWS CloudHSM service works with Amazon Virtual Private Cloud (VPC). CloudHSM instances are provisioned inside your VPC with an IP address that you specify, providing simple and private network connectivity to your Amazon Elastic Compute Cloud (EC2) instances. Placing CloudHSM instances near your EC2 instances decreases network latency, which can improve application performance. AWS provides dedicated and exclusive (single tenant) access to CloudHSM instances, isolated from other AWS customers. Available in multiple Regions and Availability Zones (AZs), AWS CloudHSM allows you to add secure and durable key storage to your applications. (June, 2017) Retrieved from: https://aws.amazon.com/cloudhsm/.

AWS CodeBuild - Fully Managed Build Service

AWS CodeBuild is a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers. CodeBuild scales continuously and processes multiple builds concurrently, so your builds are not left waiting in a queue. You can get started quickly by using prepackaged build environments, or you can create custom build environments that use your own build tools. With CodeBuild, you are charged by the minute for the compute resources you use. AWS CodeBuild eliminates the need to set up, patch, update, and manage your own build servers and software. There is no software to install or manage. AWS CodeBuild scales automatically to meet your build volume. It immediately processes each build you submit and can run separate builds concurrently, which means your builds are not left waiting in a queue. With AWS CodeBuild, you are charged based on the number of minutes it takes to complete your build. This means you no longer have to worry about paying for idle build server capacity. You can bring your own build tools and programming runtimes to use with AWS CodeBuild by creating customized build environments in addition to the prepackaged build tools and runtimes supported by CodeBuild. AWS CodeBuild belongs to a family of AWS Code Services, which you can use to create complete, automated software release workflows for continuous integration and delivery (CI/CD). You can also integrate CodeBuild into your existing CI/CD workflow. For example, you can use CodeBuild as a worker node for your existing Jenkins server setup for distributed builds. With AWS CodeBuild, your build artifacts are encrypted with customer-specific keys that are managed by the AWS Key Management Service (KMS). CodeBuild is integrated with AWS Identity and Access Management (IAM), so you can assign user-specific permissions to your build projects. (June, 2017) Retrieved from: https://aws.amazon.com/codebuild/.

Amazon Connect - Simple to Use, Cloud-based Contact Center Telecommunications

Amazon Connect is a self-service, cloud-based contact center service that makes it easy for any business to deliver better customer service at lower cost. Amazon Connect is based on the same contact center technology used by Amazon customer service associates around the world to power millions of customer conversations. The self-service graphical interface in Amazon Connect makes it easy for non-technical users to design contact flows, manage agents, and track performance metrics - no specialized skills required. There are no up-front payments or long-term commitments and no infrastructure to manage with Amazon Connect; customers pay by the minute for Amazon Connect usage plus any associated telephony services. (June, 2019) Retrieved from: https://aws.amazon.com/connect/.

Amazon Elastic Map Reduce - Easily Run and Scale Big Data Frameworks

Amazon EMR provides a managed Hadoop framework that makes it easy, fast, and cost-effective to process vast amounts of data across dynamically scalable Amazon EC2 instances. You can also run other popular distributed frameworks such as Apache Spark, HBase, Presto, and Flink in Amazon EMR, and interact with data in other AWS data stores such as Amazon S3 and Amazon DynamoDB.

Amazon EMR securely and reliably handles a broad set of big data use cases, including log analysis, web indexing, data transformations (ETL), machine learning, financial analysis, scientific simulation, and bioinformatics. (June, 2017) Retrieved from: https://aws.amazon.com/emr/.

Snowball Ingestion - Petabyte-scale Data Transport

Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud. Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns. Transferring data with Snowball is simple, fast, secure, and can be as little as one-fifth the cost of highspeed Internet.

With Snowball, you don’t need to write any code or purchase any hardware to transfer your data. Simply create a job in the AWS Management Console and a Snowball appliance will be automatically shipped to you*. Once it arrives, attach the appliance to your local network, download and run the Snowball client to establish a connection, and then use the client to select the file directories that you want to transfer to the appliance. The client will then encrypt and transfer the files to the appliance at high speed. Once the transfer is complete and the appliance is ready to be returned, the E Ink shipping label will automatically update and you can track the job status via Amazon Simple Notification Service (SNS), text messages, or directly in the Console. (June, 2017) Retrieved from: https://aws.amazon.com/snowball/.

AWS IoT Device Defender - Security management for IoT devices

AWS IoT Device Defender is a fully managed service that helps you secure your fleet of IoT devices. AWS IoT Device Defender continuously audits your IoT configurations to make sure that they aren’t deviating from security best practices. A configuration is a set of technical controls you set to help keep information secure when devices are communicating with each other and the cloud. AWS IoT Device Defender makes it easy to maintain and enforce IoT configurations, such as ensuring device identity, authenticating and authorizing devices, and encrypting device data. AWS IoT Device Defender continuously audits the IoT configurations on your devices against a set of predefined security best practices. AWS IoT Device Defender sends an alert if there are any gaps in your IoT configuration that might create a security risk, such as identity certificates being shared across multiple devices or a device with a revoked identity certificate trying to connect to AWS IoT Core. (June, 2019) Retrieved from: https://aws.amazon.com/iot-device-defender/.

AWS IoT Device Management - Onboard, organize, monitor, and remotely manage connected devices at scale

AWS IoT Device Management makes it easy to securely onboard, organize, monitor, and remotely manage IoT devices at scale. With AWS IoT Device Management, you can register your connected devices individually or in bulk, and easily manage permissions so that devices remain secure. You can also organize your devices, monitor and troubleshoot device functionality, query the state of any IoT device in your fleet, and send firmware updates over-the-air (OTA). AWS IoT Device Management is agnostic to device type and OS, so you can manage devices from constrained microcontrollers to connected cars all with the same service. AWS IoT Device Management allows you to scale your fleets and reduce the cost and effort of managing large and diverse IoT device deployments. (June, 2019) Retrieved from: https://aws.amazon.com/iot-device-management/.

Snowball Ingestion - Petabyte-scale Data Transport

VMwareCloudOnAWS

Amazon KMS - Key Management Service

AWS Key Management Service (KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data, and uses Hardware Security Modules (HSMs) to protect the security of your keys. AWS Key Management Service is integrated with several other AWS services to help you protect the data you store with these services. AWS Key Management Service is also integrated with AWS CloudTrail to provide you with logs of all key usage to help meet your regulatory and compliance needs. AWS Key Management Service is a fully managed service, so you can focus on the encryption needs of your applications while AWS handles availability, physical security, and hardware maintenance of the underlying infrastructure. AWS Key Management Service provides you with centralized control of your encryption keys. KMS presents a single view into all of the key usage in your organization. You can easily create, import, and rotate keys as well as define usage policies and audit usage from the AWS Management Console or by using the AWS SDK or CLI. (June, 2017) Retrieved from: https://aws.amazon.com/kms/.

AWS Web Application Firewall - Protect Apps From Attacks

AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules. With AWS WAF you pay only for what you use. AWS WAF pricing is based on how many rules you deploy and how many web requests your web application receives. There are no upfront commitments. You can deploy AWS WAF on either Amazon CloudFront as part of your CDN solution or the Application Load Balancer (ALB) that fronts your web servers or origin servers running on EC2. (June, 2017) Retrieved from: https://aws.amazon.com/waf/.

Amazon Comprehend - Discover insights and relationships in text

Amazon Comprehend uses machine learning to help you uncover the insights and relationships in your unstructured data. The service identifies the language of the text; extracts key phrases, places, people, brands, or events; understands how positive or negative the text is; analyzes text using tokenization and parts of speech; and automatically organizes a collection of text files by topic. You can also use AutoML capabilities in Amazon Comprehend to build a custom set of entities or text classification models that are tailored uniquely to your organization’s needs. (June, 2019) Retrieved from: https://aws.amazon.com/comprehend/.

Amazon Comprehend Medical - Extract information from unstructured medical text

Amazon Comprehend Medical is a natural language processing service that makes it easy to use machine learning to extract relevant medical information from unstructured text. Using Amazon Comprehend Medical, you can quickly and accurately gather information, such as medical condition, medication, dosage, strength, and frequency from a variety of sources like doctors’ notes, clinical trial reports, and patient health records. (June, 2019) Retrieved from: https://aws.amazon.com/comprehend/medical/.

Amazon Transcribe – Automatic Speech Recognition

Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for developers to add speech-to-text capability to their applications. Using the Amazon Transcribe API, you can analyze audio files stored in Amazon S3 and have the service return a text file of the transcribed speech. You can also send a live audio stream to Amazon Transcribe and receive a stream of transcripts in real time. (June, 2019) Retrieved from: https://aws.amazon.com/transcribe/.

Amazon Translate – Neural Machine Translation

Amazon Translate is a neural machine translation service that delivers fast, high-quality, and affordable language translation. Neural machine translation is a form of language translation automation that uses deep learning models to deliver more accurate and more natural sounding translation than traditional statistical and rule-based translation algorithms. Amazon Translate allows you to localize content - such as websites and applications - for international users, and to easily translate large volumes of text efficiently. (June, 2019) Retrieved from: https://aws.amazon.com/translate/.

20220405T172630Z

GovCloud Region Pricing

Services

AWS Backup | Centralized Cloud Backup

AWS Certificate Manager - Easily Provision, Manage, and Deploy Public and Private SSL/TLS

AWS Cloud​Formation - Model and provision all your cloud infrastructure resources

AWS Cloud Map - Service discovery for cloud resources

AWS CloudTrail - Track User Activity and API Usage

AWS CodePipeline - Continuous Integration & Continuous Delivery

AWS Config - AWS Resource Inventory, Configuration History, and Configuration Change Notifications

AWS DataSync - Easily transfer data to and from AWS

AWS Data Transfer - Accelerated data transfer

AWS Database Migration Service

AWS Direct Connect - Reduce Your Bandwidth Cost

AWS Elastic Load Balancing - Achieve fault tolerance for any application by ensuring scalability, performance, and security.

AWS Elemental MediaConvert - Process video files and clips to prepare on-demand content for distribution or archiving

AWS Events - Respond to state changes in your AWS Resources

AWS Firewall Manager - Centrally configure and manage firewall rules

AWS Glue - Fully Managed Extract, Transform, and Load (ETL) Service

AWS IoT Events - Easily detect and respond to events from IoT sensors and applications

AWS IoT SiteWise - Easily collect, organize and analyze data from industrial equipment at scale

AWS Outposts - Run AWS infrastructure and services on premises for a truly consistent hybrid experience

AWS Secrets Manager - Easily rotate, manage, and retrieve database credentials, API keys, and other secrets through their lifecycle

AWS Security Hub - Centrally view and manage security alerts and automate security checks

AWS Service Catalog - Catalog IT services

AWS Shield - Managed DDoS Protection

AWS Storage Gateway - Hybrid Cloud Storage

AWS Systems Manager - Gain operational insights and take action on AWS resources

AWS Transfer for SFTP - Fully managed SFTP service

AWS X-Ray - Distributed Tracing System

Amazon API Gateway - Fully Managed API Service

AmazonAppStream - Securely Instant Access to Desktop Applications from Anywhere

Amazon Athena — Serverless Interactive Query Service

Amazon Chime - Online Meetings

Amazon Chime - Online Meetings

Amazon Cloud Directory - Managed Cloud-native Directory Service

Amazon CloudWatch - Cloud and Network Monitoring Services

Amazon Cognito - AWS User Authentication & Mobile Data Service

Amazon Connect - Simple to Use, Cloud-based Contact Center

Amazon Detective - Analyze and visualize security data to rapidly get to the root cause of potential security issues

Amazon DynamoDB - NoSQL Cloud Database Service

Amazon EC2 - Elastic Compute Cloud Server & Hosting

Amazon EC2 Container Registry - Docker Registry

AmazonECS - Amazon Elastic Container Service

Amazon EKS - Managed Kubernetes Service

Amazon Elasticsearch Service - Fullt Managed Search and Analytics Service

Amazon ElastiCache - In-memory Data Store and Cache

Amazon FSx - Fully managed third-party file systems

Amazon Glacier - Cloud Archive

Amazon GuardDuty - Intelligent Threat Detection

Amazon Inspector - Automated Security Assessment Service

Amazon Kendra - Enterprise search service powered by machine learning

Amazon Kinesis Analytics - Get Actionable Insights from Streaming Data in Real-time

Amazon Kinesis Firehose - Easily Prepare and Load Real-time Streaming Data into AWS

Amazon Lex - Build Conversation Bots

Amazon MQ - Managed message broker service for Apache ActiveMQ

Amazon Managed Streaming for Apache Kafka

Amazon Neptune - Fast, Reliable Graph Database built for the cloud

Amazon Polly - Lifelike Text-to-Speech

Amazon QuickSight - Business Intelligence for Big Data

Amazon RDS - Relational Database Service

Amazon Redshift - Data Warehouse Solution

Amazon Rekognition - Deep Learning-based Image Recognition

Amazon S3 - Simple Storage Service

Amazon S3 - Simple Storage Service

Amazon SES - Simple Email Service

Amazon Simple Notification Service - Pub/Sub Messaging and Mobile Notifications

Amazon Simple Workflow Service - Cloud Workflow Development

Amazon VPC - Virtual Private Cloud

Amazon WorkSpaces - Virtual Desktops in the Cloud

Amazon Hardware Security Module

AWS CodeBuild - Fully Managed Build Service

Amazon Connect - Simple to Use, Cloud-based Contact Center Telecommunications

Amazon Elastic Map Reduce - Easily Run and Scale Big Data Frameworks

AWS IoT Device Management - Onboard, organize, monitor, and remotely manage connected devices at scale

Snowball Ingestion - Petabyte-scale Data Transport

Amazon KMS - Key Management Service

AWS Web Application Firewall - Protect Apps From Attacks

Amazon Comprehend - Discover insights and relationships in text

Amazon Comprehend Medical - Extract information from unstructured medical text

Amazon Transcribe – Automatic Speech Recognition

AWS CloudFormation - Model and provision all your cloud infrastructure resources