AWS Service Cheat Sheet for Developers


Security, Identity & Compliance

Secure access and protection for your AWS environment and data.

Service | Description
IAM | Manage access to AWS resources with fine-grained permissions.
Cognito | User sign-up, sign-in, and access control with OAuth support.
GuardDuty | Detects threats using machine learning.
Inspector | Scans EC2 for vulnerabilities and misconfigurations.
Certificate Manager | Issue and manage SSL/TLS certificates for websites.
Directory Service | Connect AWS with Microsoft Active Directory.
WAF | Web Application Firewall for protecting from malicious traffic.
Shield & Shield Advanced | DDoS protection service built into AWS.
Artifact | Provides access to compliance and audit reports.

IAM is the most used service. It is used in every AWS project for user and role management, e.g., granting developers permission to access a database.


Compute Services

Run applications on virtual servers, containers, or serverless environments.

Service | Description
EC2 | Fully configurable virtual machines.
Lambda | Run event-driven functions with automatic scaling.
ECS | Container orchestration for Docker workloads.
Fargate | Run containers without managing servers.
LightSail | Simple VPS hosting ideal for small projects.
Batch | Process large volumes of jobs efficiently.

EC2 is the most used; it is the backbone for traditional applications, e.g., hosting web servers and application servers. Lambda is popular for event-driven tasks, e.g., processing an image when it is uploaded to S3.


Storage Services

Store and retrieve data reliably and at scale.

Service | Description
S3 | Object storage for files, media, and backups.
EBS | Block storage for use with EC2 instances.
EFS | Shared file system storage for multiple instances.
Glacier | Low-cost storage for long-term archives.
Snowball | Physical device to move large data into/out of AWS.
Storage Gateway | Hybrid storage between on-prem and AWS.

Object Storage vs Block Storage

  • Object Storage (S3): Stores data with metadata and a unique ID. Ideal for unstructured data like images.
  • Block Storage (EBS): Raw block-level storage, great for databases and OS-level file systems.

Databases

Managed services for structured, unstructured, and analytical workloads.

Service | Description
RDS | Managed relational DBs (MySQL, PostgreSQL, etc.).
Aurora | High-performance cloud-native SQL database.
DynamoDB | NoSQL key-value and document store.
Neptune | Graph database for highly connected data.
Redshift | Analytics and OLAP at scale using columnar storage.
ElastiCache | In-memory caching for fast performance.

OLTP vs OLAP

  • OLTP (Online transaction processing): Handles day-to-day transactions. Examples: RDS, DynamoDB.
  • OLAP (Online analytical processing): For analytics and reporting. Example: Redshift.

Networking & Routing

Connect your services securely and reliably across the cloud.

Service | Description
CloudFront | Content Delivery Network (CDN).
VPC | Isolated virtual network to launch AWS resources.
Route 53 | DNS service with traffic routing capabilities.
Direct Connect | Dedicated network line to AWS from on-prem.
NAT Gateway | Enable internet access for private subnets.
NACL | Stateless firewall rules for subnets.
Bastion Host | Jump server to access private EC2 instances.
VPC Peering | Privately connect two VPCs.

VPC is the most commonly used service. It is the foundation of AWS network architecture, e.g., isolating production and development environments.

Routing Policies

  • Simple: Direct to one resource.
  • Weighted: A/B test across resources.
  • Latency-based: Route to the lowest-latency region.
  • Geolocation / Geoproximity: Based on user or resource location.

Developer Tools & DevOps

Tools for building, testing, and deploying applications.

Service | Description
CodeBuild | Cloud-native build service.
CodeStar | Manage your CI/CD toolchain in one place.
CodeCommit | Git-based source control.
CodeDeploy | Automate code deployments.

CodePipeline is commonly used in CI/CD workflows, e.g., automating deployment from GitHub to production.


Application Integration

Decouple application components using messaging and orchestration.

Service | Description
SQS | Simple queue for message buffering.
SNS | Pub/sub system for notifications.
Step Functions | Coordinate workflows using visual states.
Amazon MQ | Managed message broker using popular standards.
SWF | Older workflow orchestration tool.

SNS, SQS and Lambda are often used together to create decoupled apps. This is often called a fan-out pattern: an event notification (SNS) triggers messages to be placed in multiple queues (SQS), which are then processed by different Lambda functions. For example, when a new user signs up, one Lambda could send a welcome email, another could update analytics, and a third could process user preferences.
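
The SNS-to-SQS half of the fan-out described above, as a CloudFormation template. This is an added example, not part of the original cheat sheet; all resource names are hypothetical, two of the consumers are shown, and the Lambda functions that would read from each queue are assumed to exist separately. The part that is easy to miss is the queue policy: SNS cannot deliver without it, and the `aws:SourceArn` condition keeps any other topic from writing to the queues.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: SNS to SQS fan-out for a user sign-up event (added example, hypothetical names)
Resources:
  UserSignupTopic:
    Type: AWS::SNS::Topic

  WelcomeEmailQueue:
    Type: AWS::SQS::Queue
  AnalyticsQueue:
    Type: AWS::SQS::Queue

  # One policy document attached to both queues. "Resource: *" in a queue
  # policy only covers the queue the policy is attached to.
  FanOutQueuePolicy:
    Type: AWS::SQS::QueuePolicy
    Properties:
      Queues:
        - !Ref WelcomeEmailQueue   # Ref on a queue returns its URL
        - !Ref AnalyticsQueue
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: AllowSendFromSignupTopicOnly
            Effect: Allow
            Principal:
              Service: sns.amazonaws.com
            Action: sqs:SendMessage
            Resource: "*"
            Condition:
              ArnEquals:
                aws:SourceArn: !Ref UserSignupTopic   # Ref on a topic returns its ARN

  # One subscription per queue: every published event is copied to both.
  WelcomeEmailSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      TopicArn: !Ref UserSignupTopic
      Protocol: sqs
      Endpoint: !GetAtt WelcomeEmailQueue.Arn
  AnalyticsSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      TopicArn: !Ref UserSignupTopic
      Protocol: sqs
      Endpoint: !GetAtt AnalyticsQueue.Arn
```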


Management & Monitoring

Monitor and automate your AWS environment.

Service | Description
CloudWatch | Logs, metrics, and dashboards for monitoring.
CloudTrail | Track all API calls across your AWS account.
CloudFormation | Infrastructure as Code using templates.

CloudWatch is essential for monitoring; you can also set up alerts in it.


AI/ML & Analytics Services

Build intelligent applications and analyze data at scale.

Service | Description
SageMaker | Train and deploy ML models.
Rekognition | Analyze images and videos for labels and faces.
Polly | Convert text to lifelike speech.
Comprehend | Natural Language Processing (NLP).
Athena | Query S3 data with SQL.
Glue | Serverless ETL service.
QuickSight | Business intelligence and dashboards.
EMR | Managed Hadoop/Spark clusters.

As developers, we can't see ourselves using SageMaker, but Athena is quite interesting and can be used in many places, e.g., analyzing logs stored in S3 or running business intelligence queries.


Media Services

Tools to process, stream, and manage video content.

Service | Description
Elastic Transcoder | Convert media files to different formats.
MediaConvert | High-quality media transcoding.
Kinesis Video Streams | Stream video from connected devices.
MediaLive, MediaTailor, MediaPackage | End-to-end pipeline for live video broadcasting.