0% found this document useful (0 votes)

190 views122 pages

AWS Glossary

The document provides definitions for over 200 terms related to AWS services and concepts. It includes short descriptions and links for AWS services like Amazon S3, EC2, IAM, Lambda, and more. The glossary is organized alphabetically from A-Z and covers fundamental AWS terms, services, and features.

Uploaded by

FTI ACC

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

190 views122 pages

AWS Glossary

Uploaded by

FTI ACC

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 122

AWS glossary

https://docs.aws.amazon.com/general/latest/gr/glos-chap.html

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

Numbers and symbols

100-continue

A method that gives a client the ability to see whether a server can accept a request
before actually sending it. For large PUT requests, this method can save both time and
bandwidth charges.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

AAD

See additional authenticated data.

Access Analyzer

A feature of AWS Identity and Access Management (IAM) that helps you identify the
resources in your organization and accounts, such as Amazon S3 buckets or IAM roles
that are shared with an external entity.

access control list (ACL)

A document that defines who can access a particular bucket or object. Each bucket and
object in Amazon S3 has an ACL. The document defines what each type of user can do,
such as write and read permissions.

access identifiers

See credentials.
access key

The combination of an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a

secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). You
use access keys to sign API requests that you make to AWS.

access key ID

A unique identifier that's associated with a secret access key; the access key ID and secret
access key are used together to sign programmatic AWS requests cryptographically.

access key rotation

A method to increase security by changing the AWS access key ID. You can use this
method to retire an old key at your discretion.

access policy language

A language for writing documents (specifically, policies) that specify who can access a
particular AWS resource and under what conditions.

account

A formal relationship with AWS that's associated with all of the following:

• The owner email address and password

• The control of resources created under its umbrella
• Payment for the AWS activity related to those resources

The AWS account has permission to do anything and everything with all the AWS
account resources. This is in contrast to a user, which is an entity contained within the
account.

account activity

A webpage showing your month-to-date AWS usage and costs. The account activity page
is located at https://aws.amazon.com/account-activity/

ACL

See access control list (ACL).

ACM
See AWS Certificate Manager (ACM).

ACM PCA

See AWS Certificate Manager Private Certificate Authority (ACM PCA).

ACM Private CA

See AWS Certificate Manager Private Certificate Authority (ACM PCA).

action

An API function. Also called operation or call. The activity the principal has permission
to perform. The action is B in the statement "A has permission to do B to C where D
applies." For example, Jane sends a request to Amazon SQS with
Action=ReceiveMessage.

Amazon CloudWatch: The response initiated by the change in an alarm's state (for
example, from OK to ALARM). The state change might be caused by a metric reaching the
alarm threshold, or by a SetAlarmState request. Each alarm can have one or more
actions assigned to each state. Actions are performed once each time the alarm changes to
a state that has an action assigned, such as an Amazon Simple Notification Service
notification, the running of an Amazon EC2 Auto Scaling policy, or an Amazon EC2
instance stop/terminate action.

active trusted key groups

A list showing each of the trusted key groups, and the IDs of the public keys in each key
group, that are active for a distribution in Amazon CloudFront. CloudFront can use the
public keys in these key groups to verify the signatures of CloudFront signed URLs and
signed cookies.

active trusted signers

See active trusted key groups.

additional authenticated data

Information that's checked for integrity but not encrypted, such as headers or other
contextual metadata.

administrative suspension

Amazon EC2 Auto Scaling might suspend processes for Auto Scaling group that
repeatedly fail to launch instances. Auto Scaling groups that most commonly experience
administrative suspension have zero running instances, have been trying to launch
instances for more than 24 hours, and have not succeeded in that time.

alarm

An item that watches a single metric over a specified time period and starts an Amazon
SNS topic or an Amazon EC2 Auto Scaling policy if the value of the metric crosses a
threshold value over a predetermined number of time periods.

allow

One of two possible outcomes (the other is deny) when an IAM access policy is
evaluated. When a user makes a request to AWS, AWS evaluates the request based on all
permissions that apply to the user and then returns either allow or deny.

Amazon API Gateway

A fully managed service that makes it easy for developers to create, publish, maintain,
monitor, and secure APIs at any scale.

Amazon AppStream 2.0

A fully managed, secure service for streaming desktop applications to users without
rewriting those applications.

A secure, real-time, unified communications service that transforms meetings by making

them more efficient and easier to conduct.

Amazon Cloud Directory (Cloud Directory)

A service that provides a highly scalable directory store for your application’s
multihierarchical data.

Amazon CloudWatch Events

A web service that you can use to deliver a timely stream of system events that describe
changes in AWS resources to AWS Lambda functions, streams in Amazon Kinesis Data
Streams, Amazon Simple Notification Service topics, or built-in targets.

Amazon CloudWatch Logs

A web service for monitoring and troubleshooting your systems and applications from
your existing system, application, and custom log files. You can send your existing log
files to CloudWatch Logs and monitor these logs in near-real time.

Amazon Comprehend Medical

A HIPAA-eligible natural language processing (NLP) service that uses machine learning
to extract health data from medical text.
See also https://aws.amazon.com/comprehend/medical/

Amazon Connect

A service solution that offers easy, self-service configuration and provides dynamic,
personal, and natural customer engagement at any scale.

A no-cost, multiplatform, production-ready distribution of the Open Java Development

Kit (OpenJDK).

Amazon DocumentDB (with MongoDB compatibility)

A managed database service that you can use to set up, operate, and scale MongoDB-
compatible databases in the cloud.

Amazon DynamoDB Encryption Client

A software library that helps you protect your table data before you send it to Amazon
DynamoDB.

Amazon DynamoDB Storage Backend for Titan

A storage backend for the Titan graph database implemented on top of Amazon
DynamoDB. Titan is a scalable graph database optimized for storing and querying
graphs.

Amazon DynamoDB Streams

An AWS service that captures a time-ordered sequence of item-level modifications in any

Amazon DynamoDB table, and stores this information in a log for up to 24 hours.
Applications can access this log and view the data items as they appeared before and after
they were modified, in near real time.

Amazon EBS-backed AMI

A type of Amazon Machine Image (AMI) whose instances use an Amazon EBS volume
as their root device. Compare this with instances launched from instance store-backed
AMIs, which use the instance store as the root device.

Amazon EC2

A web service for launching and managing Linux/UNIX and Windows Server instances
in Amazon's data centers.

A web service designed to launch or terminate instances automatically based on user-

defined policies, schedules, and health checks.

Amazon Elastic Block Store (Amazon EBS)

A service that provides block level storage volumes for use with EC2 instances.

Amazon Elastic Compute Cloud (Amazon EC2)

A web service for launching and managing Linux/UNIX and Windows Server instances
in Amazon's data centers.

Amazon Elastic Container Registry (Amazon ECR)

A fully managed Docker container registry that makes it easy for developers to store,
manage, and deploy Docker container images. Amazon ECR is integrated with Amazon
Elastic Container Service (Amazon ECS) and AWS Identity and Access Management
(IAM).

Amazon Elastic Container Service (Amazon ECS)

A highly scalable, fast, container management service that makes it easy to run, stop, and
manage Docker containers on a cluster of EC2 instances.

Amazon Elastic Kubernetes Service (Amazon EKS)

A managed service that simplifies running Kubernetes on AWS without your needing to
stand up or maintain your own Kubernetes control plane.

Amazon Elastic Transcoder

A cloud-based media transcoding service. Elastic Transcoder is a highly scalable tool for
converting (or transcoding) media files from their source format into versions that play
on devices such as smartphones, tablets, and PCs.

Amazon Elasticsearch Service (Amazon ES)

An AWS managed service for deploying, operating, and scaling Elasticsearch, an open-
source search and analytics engine, in the AWS Cloud. Amazon Elasticsearch Service
(Amazon ES) also offers security options, high availability, data durability, and direct
access to the Elasticsearch API.
See also https://aws.amazon.com/elasticsearch-service

Amazon EMR

A web service that makes it easy to process large amounts of data efficiently. Amazon
EMR uses Hadoop processing combined with several AWS products to do such tasks as
web indexing, data mining, log file analysis, machine learning, scientific simulation, and
data warehousing.

A managed service for deploying, operating, and scaling session-based multiplayer

games.

Amazon Kinesis Data Firehose

A fully managed service for loading streaming data into AWS. Kinesis Data Firehose can
capture and automatically load streaming data into Amazon S3 and Amazon Redshift ,
enabling near real-time analytics with existing business intelligence tools and dashboards.
Kinesis Data Firehose automatically scales to match the throughput of your data and
requires no ongoing administration. It can also batch, compress, and encrypt the data
before loading it.

Amazon Kinesis Data Streams

A web service for building custom applications that process or analyze streaming data for
specialized needs. Amazon Kinesis Data Streams can continuously capture and store
terabytes of data per hour from hundreds of thousands of sources.
See also https://aws.amazon.com/kinesis/streams/

Amazon Lightsail

Lightsail is designed to be the easiest way to launch and manage a virtual private server
with AWS. Lightsail offers bundled plans that include everything you need to deploy a
virtual private server, for a low monthly rate.

Amazon Lookout for Equipment

A machine learning service that uses data from sensors mounted on factory equipment to
detect abnormal behavior so you can take action before machine failures occur.

Amazon Lookout for Vision

A machine learning service that uses computer vision (CV) to find defects in industrial
products. Amazon Lookout for Vision can identify missing components in an industrial
product, damage to vehicles or structures, irregularities in production lines, and even
minuscule defects in silicon wafers—or any other physical item where quality is
important.

Amazon Machine Image (AMI)

An encrypted machine image stored in Amazon Elastic Block Store (Amazon EBS) or
Amazon Simple Storage Service. AMIs function similar to a template of a computer's
root drive. They contain the operating system and can also include software and layers of
your application, such as database servers, middleware, and web servers.

Amazon Machine Learning

A cloud-based service that creates machine learning (ML) models by finding patterns in
your data, and uses these models to process new data and generate predictions.

Amazon Managed Blockchain

A fully managed service for creating and managing scalable blockchain networks using
popular open source frameworks.

See Amazon Machine Learning.

Amazon Mobile Analytics (Mobile Analytics)

A service for collecting, visualizing, understanding, and extracting mobile app usage data
at scale.

An artificial intelligence service for creating individualized product and content

recommendations.

A fast, cloud-powered business analytics service that makes it easy to build

visualizations, perform analysis, and quickly get business insights from your data.

Amazon Relational Database Service (Amazon RDS)

A web service that makes it easier to set up, operate, and scale a relational database in the
cloud. It provides cost-efficient, resizable capacity for an industry-standard relational
database and manages common database administration tasks.

Amazon Resource Name (ARN)

A standardized way to refer to an AWS resource (for example,

arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob).

Amazon Route 53
A web service you can use to create a new DNS service or to migrate your existing DNS
service to the cloud.

Amazon S3-Backed AMI

See instance store-backed AMI.

Amazon S3 Glacier

A secure, durable, and low-cost storage service for data archiving and long-term backup.
You can reliably store large or small amounts of data for significantly less than on-
premises solutions. S3 Glacier is optimized for infrequently accessed data, where a
retrieval time of several hours is suitable.

AWS Security Hub

A service that provides a comprehensive view of the security state of your AWS
resources. Security Hub collects security data from AWS accounts and services and helps
you analyze your security trends to identify and prioritize the security issues across your
AWS environment.

Amazon Simple Email Service (Amazon SES)

An easy-to-use, cost-effective email solution for applications.

Amazon Simple Notification Service (Amazon SNS)

A web service that applications, users, and devices can use to instantly send and receive
notifications from the cloud.

Amazon Simple Queue Service (Amazon SQS)

Reliable and scalable hosted queues for storing messages as they travel between
computers.

Amazon Simple Storage Service (Amazon S3)

Storage for the internet. You can use it to store and retrieve any amount of data at any
time, from anywhere on the web.

Amazon Simple Workflow Service (Amazon SWF)

A fully managed service that helps developers build, run, and scale background jobs that
have parallel or sequential steps. Amazon SWF functions similar to a state tracker and
task coordinator in the AWS Cloud.

Amazon Transcribe Medical

An automatic speech recognition (ASR) service for adding medical speech-to-text

capabilities to voice-enabled clinical documentation applications.

Amazon Virtual Private Cloud (Amazon VPC)

A web service for provisioning a logically isolated section of the AWS Cloud virtual
network that you define. You control your virtual networking environment, including
selection of your own IP address range, creation of subnets, and configuration of route
tables and network gateways.

See Amazon Virtual Private Cloud (Amazon VPC).

Amazon Web Services (AWS)

An infrastructure web services platform in the cloud for companies of all sizes.

Amazon WorkSpaces Application Manager (Amazon WAM)

A web service for deploying and managing applications for WorkSpaces. Amazon WAM
accelerates software deployment, upgrades, patching, and retirement by packaging
Windows desktop applications into virtualized application containers.

See Amazon Machine Image (AMI).

analysis scheme

Amazon CloudSearch: Language-specific text analysis options that are applied to a text
field to control stemming and configure stopwords and synonyms.

application

AWS Elastic Beanstalk: A logical collection of components, including environments,

versions, and environment configurations. An application is conceptually similar to a
folder.

AWS CodeDeploy: A name that uniquely identifies the application to be deployed. AWS
CodeDeploy uses this name to ensure the correct combination of revision, deployment
configuration, and deployment group are referenced during a deployment.

Application Auto Scaling

A web service that you can use to configure automatic scaling for AWS resources beyond
Amazon EC2, such as Amazon ECS services, Amazon EMR clusters, and DynamoDB
tables.

AWS CodeDeploy: An archive file containing source content—such as source code,

webpages, executable files, and deployment scripts—along with an application
specification file. Revisions are stored in Amazon S3 buckets or GitHub repositories. For
Amazon S3, a revision is uniquely identified by its Amazon S3 object key and its ETag,
version, or both. For GitHub, a revision is uniquely identified by its commit ID.

application specification file

AWS CodeDeploy: A YAML-formatted file used to map the source files in an

application revision to destinations on the instance. The file is also used to specify
custom permissions for deployed files and specify scripts to be run on each instance at
various stages of the deployment process.

application version

AWS Elastic Beanstalk: A specific, labeled iteration of an application that represents a

functionally consistent set of deployable application code. A version points to an Amazon
S3 object (a JAVA WAR file) that contains the application code.

AppSpec file

See application specification file.

ARN

See Amazon Resource Name (ARN).

artifact
AWS CodePipeline: A copy of the files or changes that will be worked upon by the
pipeline.

asymmetric encryption

Encryption that uses both a public key and a private key.

asynchronous bounce

A type of bounce that occurs when a receiver initially accepts an email message for
delivery and then subsequently fails to deliver it.

atomic counter

DynamoDB: A method of incrementing or decrementing the value of an existing attribute

without interfering with other write requests.

attribute

A fundamental data element, something that doesn't need to be broken down any further.
In DynamoDB, attributes are similar in many ways to fields or columns in other database
systems.

Amazon Machine Learning: A unique, named property within an observation in a dataset.

In tabular data, such as spreadsheets or comma-separated values (.csv) files, the column
headings represent the attributes, and the rows contain values for each attribute.

AUC

Area Under a Curve. An industry-standard metric to evaluate the quality of a binary

classification machine learning model. AUC measures the ability of the model to predict
a higher score for positive examples, those that are “correct,” than for negative examples,
those that are “incorrect.” The AUC metric returns a decimal value from 0 to 1. AUC
values near 1 indicate an ML model that's highly accurate.

Aurora

See Amazon Aurora.

authenticated encryption

Encryption that provides confidentiality, data integrity, and authenticity assurances of the
encrypted data.

authentication
The process of proving your identity to a system.

Auto Scaling group

A representation of multiple EC2 instances that share similar characteristics, and that are
treated as a logical grouping for the purposes of instance scaling and management.

Availability Zone

A distinct location within a Region that's insulated from failures in other Availability
Zones, and provides inexpensive, low-latency network connectivity to other Availability
Zones in the same Region.

AWS

See Amazon Web Services (AWS).

AWS Application Discovery Service

A web service that helps you plan to migrate to AWS by identifying IT assets in a data
center—including servers, virtual machines, applications, application dependencies, and
network infrastructure.

AWS Auto Scaling

A fully managed service that you can use to quickly discover the scalable AWS resources
that are part of your application and configure dynamic scaling.

AWS Billing and Cost Management

The AWS Cloud computing model where you pay for services on demand and use as
much or as little as you need. While resources are active under your account, you pay for
the cost of allocating those resources. You also pay for any incidental usage associated
with those resources, such as data transfer or allocated storage.

AWS Blockchain Templates

A service for creating and deploying open-source blockchain frameworks on AWS, such
as Ethereum and Hyperledger Fabric.

AWS Certificate Manager (ACM)

A web service for provisioning, managing, and deploying Secure Sockets

Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services.

AWS Certificate Manager Private Certificate Authority (ACM PCA)

A hosted private certificate authority service for issuing and revoking private digital
certificates.

An open-source software development framework for defining your cloud infrastructure

in code and provisioning it through AWS CloudFormation.

AWS Cloud Map

A service that you use to create and maintain a map of the backend services and resources
that your applications depend on. With AWS Cloud Map, you can name and discover
your AWS Cloud resources.

AWS CodeDeploy agent

A software package that, when installed and configured on an instance, enables that
instance to be used in CodeDeploy deployments.

AWS CodePipeline

A continuous delivery service for fast and reliable application updates.

See also https://aws.amazon.com/codepipeline

AWS Command Line Interface (AWS CLI)

A unified downloadable and configurable tool for managing AWS services. Control
multiple AWS services from the command line and automate them through scripts.

AWS Database Migration Service

A web service that can help you migrate data to and from many widely used commercial
and open-source databases.

AWS Data Pipeline

A web service for processing and moving data between different AWS compute and
storage services, as well as on-premises data sources, at specified intervals.

AWS Device Farm (Device Farm)

An app testing service that allows developers to test Android, iOS, and Fire OS devices
on real, physical phones and tablets that are hosted by AWS.
See also https://aws.amazon.com/device-farm

AWS Direct Connect

A web service that simplifies establishing a dedicated network connection from your
premises to AWS. Using AWS Direct Connect, you can establish private connectivity
between AWS and your data center, office, or colocation environment.

AWS Directory Service

A managed service for connecting your AWS resources to an existing on-premises

Microsoft Active Directory or to set up and operate a new, standalone directory in the
AWS Cloud.

AWS Elastic Beanstalk

A web service for deploying and managing applications in the AWS Cloud without
worrying about the infrastructure that runs those applications.

AWS Elemental MediaConnect

A service that broadcasters and other premium video providers can reliably use to ingest
live video into the AWS Cloud and distribute it to multiple destinations inside or outside
the AWS Cloud.

AWS Elemental MediaConvert

A file-based video conversion service that transforms media into formats required for
traditional broadcast and for internet streaming to multi-screen devices.

AWS Elemental MediaLive

A video service that you can use to create live outputs for broadcast and streaming
delivery.

AWS Elemental MediaPackage

A just-in-time packaging and origination service that you can use to format highly secure
and reliable live outputs for a variety of devices.

AWS Elemental MediaStore

A storage service optimized for media that provides the performance, consistency, and
low latency required to deliver live and on-demand video content at scale.

AWS Elemental MediaTailor

A video service that you can use to serve targeted ads to viewers while maintaining
broadcast quality in over-the-top (OTT) video applications.

AWS Encryption SDK

A client-side encryption library designed to make it easy for everyone to encrypt and
decrypt data using industry standards and best practices.

AWS Firewall Manager

A service that you use with AWS WAF to simplify your AWS WAF administration and
maintenance tasks across multiple accounts and resources. With AWS Firewall Manager,
you set up your firewall rules only once. The service automatically applies your rules
across your accounts and resources, even as you add new resources.

AWS Global Accelerator

A network layer service that you use to create accelerators that direct traffic to optimal
endpoints over the AWS global network. This improves the availability and performance
of your internet applications that are used by a global audience.

AWS GovCloud (US)

An isolated AWS Region designed to host sensitive workloads in the cloud, ensuring that
this work meets the US government's regulatory and compliance requirements. The AWS
GovCloud (US) Region adheres to United States International Traffic in Arms
Regulations (ITAR), Federal Risk and Authorization Management Program (FedRAMP)
requirements, Department of Defense (DOD) Cloud Security Requirements Guide (SRG)
Levels 2 and 4, and Criminal Justice Information Services (CJIS) Security Policy
requirements.

AWS Identity and Access Management (IAM)

A web service that Amazon Web Services (AWS) customers can use to manage users and
user permissions within AWS.

AWS IoT Core

A managed cloud platform that lets connected devices easily and securely interact with
cloud applications and other devices.

AWS IoT 1-Click

A service that simple devices can use to launch AWS Lambda functions.

AWS IoT Analytics

A fully managed service used to run sophisticated analytics on massive volumes of IoT
data.
See also https://aws.amazon.com/iot-analytics

AWS IoT Device Defender

An AWS IoT security service that you can use to audit the configuration of your devices,
monitor your connected devices to detect abnormal behavior, and to mitigate security
risks.

AWS IoT Device Management

A service used to securely onboard, organize, monitor, and remotely manage IoT devices
at scale.

AWS IoT Events

A fully managed AWS IoT service that makes it easy to detect and respond to events
from IoT sensors and applications.

AWS IoT Greengrass

Software that you can use to run local compute, messaging, data caching, sync, and ML
inference capabilities for connected devices in a secure way.

AWS IoT SiteWise

A managed service that you can use to collect, organize, and analyze data from industrial
equipment at scale.
See also https://aws.amazon.com/iot-sitewise

AWS IoT Things Graph

A service that makes it easy to visually connect different devices and web services to
build IoT applications.

AWS Key Management Service (AWS KMS)

A managed service that simplifies the creation and control of encryption keys that are
used to encrypt data.

AWS managed key

One type of customer master key (CMK) in AWS Key Management Service (AWS
KMS).

AWS managed policy

An IAM managed policy that's created and managed by AWS.

AWS Management Console

A graphical interface to manage compute, storage, and other cloud resources.

See also https://aws.amazon.com/console

AWS Management Portal for vCenter

A web service for managing your AWS resources using VMware vCenter. You install the
portal as a vCenter plugin within your existing vCenter environment. Once installed, you
can migrate VMware VMs to Amazon EC2 and manage AWS resources from within
vCenter.

AWS Mobile Hub (Mobile Hub)

An integrated console for building, testing, and monitoring mobile apps.

AWS Mobile SDK

A software development kit whose libraries, code examples, and documentation help you
build high quality mobile apps for the iOS, Android, Fire OS, Unity, and Xamarin
platforms.

AWS Resource Access Manager

A service that you can use to share your resources with any AWS account or organization
in AWS Organizations.

AWS SDK for C++

A software development kit for that provides C++ APIs for many AWS services
including Amazon S3, Amazon EC2, Amazon DynamoDB, and more. The single,
downloadable package includes the AWS C++ library, code examples, and
documentation.

AWS SDK for Go

A software development kit for integrating your Go application with the full suite of
AWS services.

AWS SDK for Java

A software development kit that provides Java API operations for many AWS services
including Amazon S3, Amazon EC2, Amazon DynamoDB, and more. The single,
downloadable package includes the AWS Java library, code examples, and
documentation.

AWS SDK for JavaScript in the Browser

A software development kit for accessing AWS services from JavaScript code running in
the browser. Authenticate users through Facebook, Google, or Login with Amazon using
web identity federation. Store application data in Amazon DynamoDB, and save user
files to Amazon S3.

AWS SDK for JavaScript in Node.js

A software development kit for accessing AWS services from JavaScript in Node.js. The
SDK provides JavaScript objects for AWS services, including Amazon S3, Amazon EC2,
Amazon DynamoDB, and Amazon Simple Workflow Service (Amazon SWF) . The
single, downloadable package includes the AWS JavaScript library and documentation.

AWS SDK for .NET

A software development kit that provides .NET API operations for AWS services
including Amazon S3, Amazon EC2, IAM, and more. You can download the SDK as
multiple service-specific packages on NuGet.

AWS SDK for Python (Boto)

A software development kit for using Python to access AWS services such as Amazon
EC2, Amazon EMR, Amazon EC2 Auto Scaling, Amazon Kinesis, or AWS Lambda.

AWS SDK for Ruby

A software development kit for accessing AWS services from Ruby. The SDK provides
Ruby classes for many AWS services including Amazon S3, Amazon EC2, Amazon
DynamoDB. and more. The single, downloadable package includes the AWS Ruby
Library and documentation.

AWS Secrets Manager

A service for securely encrypting, storing, and rotating credentials for databases and other
services.

AWS Security Token Service (AWS STS)

A web service for requesting temporary, limited-privilege credentials for AWS Identity
and Access Management (IAM) users or for users that you authenticate (federated users).

AWS Service Catalog

A web service that helps organizations create and manage catalogs of IT services that are
approved for use on AWS. These IT services can include everything from virtual
machine images, servers, software, and databases to complete multitier application
architectures.

AWS Single Sign-On

A cloud-based service that simplifies managing SSO access to AWS accounts and
business applications. You can control SSO access and user permissions across all your
AWS accounts in AWS Organizations.

AWS Step Functions

A web service that coordinates the components of distributed applications as a series of

steps in a visual workflow.

AWS Storage Gateway

A web service that connects an on-premises software appliance with cloud-based storage.
AWS Storage Gateway provides seamless and secure integration between an
organization’s on-premises IT environment and AWS storage infrastructure.

AWS Toolkit for Eclipse

An open-source plugin for the Eclipse Java integrated development environment (IDE)
that makes it easier to develop, debug, and deploy Java applications using Amazon Web
Services.

AWS Toolkit for JetBrains

An open-source plugin for the integrated development environments (IDEs) from

JetBrains that makes it easier to develop, debug, and deploy serverless applications using
Amazon Web Services.

AWS Toolkit for Visual Studio

An extension for Visual Studio that helps in developing, debugging, and deploying .NET
applications using Amazon Web Services.

AWS Toolkit for Visual Studio Code

An open-source plugin for the Visual Studio Code (VS Code) editor that makes it easier
to develop, debug, and deploy applications using Amazon Web Services.

AWS Tools for PowerShell

A set of PowerShell cmdlets to help developers and administrators manage their AWS
services from the PowerShell scripting environment.

AWS Toolkit for Microsoft Azure DevOps

Provides tasks you can use in build and release definitions in VSTS to interact with AWS
services.

AWS Trusted Advisor

A web service that inspects your AWS environment and makes recommendations for
saving money, improving system availability and performance, and helping to close
security gaps.

AWS VPN CloudHub

Enables secure communication between branch offices using a simple hub-and-spoke

model, with or without a VPC.

AWS WAF
A web application firewall service that controls access to content by allowing or blocking
web requests based on criteria that you specify. For example, you can filter access based
on the header values or the IP addresses that the requests originate from. AWS WAF
helps protect web applications from common web exploits that could affect application
availability, compromise security, or consume excessive resources.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

basic monitoring

Monitoring of AWS provided metrics derived at a 5-minute frequency.

batch

See document batch.

BGP ASN

Border Gateway Protocol Autonomous System Number. A unique identifier for a

network, for use in BGP routing. Amazon EC2 supports all 2-byte ASN numbers in the
range of 1 – 65335, with the exception of 7224, which is reserved.

batch prediction

Amazon Machine Learning: An operation that processes multiple input data observations
at one time (asynchronously). Unlike real-time predictions, batch predictions aren't
available until all predictions have been processed.

See AWS Billing and Cost Management.

binary attribute

Amazon Machine Learning: An attribute for which one of two possible values is possible.
Valid positive values are 1, y, yes, t, and true answers. Valid negative values are 0, n, no,
f, and false. Amazon Machine Learning outputs 1 for positive values and 0 for negative
values.

binary classification model

Amazon Machine Learning: A machine learning model that predicts the answer to
questions where the answer can be expressed as a binary variable. For example, questions
with answers of “1” or “0”, “yes” or “no”, “will click” or “will not click” are questions
that have binary answers. The result for a binary classification model is always either a
“1” (for a “true” or affirmative answers) or a “0” (for a “false” or negative answers).

block

A dataset. Amazon EMR breaks large amounts of data into subsets. Each subset is called
a data block. Amazon EMR assigns an ID to each block and uses a hash table to keep
track of block processing.

block device

A storage device that supports reading and (optionally) writing data in fixed-size blocks,
sectors, or clusters.

block device mapping

A mapping structure for every AMI and instance that specifies the block devices attached
to the instance.

blue/green deployment

CodeDeploy: A deployment method where the instances in a deployment group (the

original environment) are replaced by a different set of instances (the replacement
environment).

bootstrap action
A user-specified default or custom action that runs a script or an application on all nodes
of a job flow before Hadoop starts.

Border Gateway Protocol Autonomous System Number

See BGP ASN.

bounce

A failed email delivery attempt.

breach

Amazon EC2 Auto Scaling: The condition where a user-set threshold (upper or lower
boundary) is passed. If the duration of the breach is significant, as set by a breach
duration parameter, it can possibly start a scaling activity.

bucket

Amazon Simple Storage Service (Amazon S3): A container for stored objects. Every
object is contained in a bucket. For example, if the object named photos/puppy.jpg is
stored in the DOC-EXAMPLE-BUCKET bucket, then authorized users can access the object
with the URL https://s3-bucket-endpoint/DOC-EXAMPLE-
BUCKET/photos/puppy.jpg.

bucket owner

The person or organization that owns a bucket in Amazon S3. In the same way that
Amazon is the only owner of the domain name Amazon.com, only one person or
organization can own a bucket.

bundling

A commonly used term for creating an Amazon Machine Image (AMI). It specifically
refers to creating instance store-backed AMIs.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

cache cluster

A logical cache distributed over multiple cache nodes. A cache cluster can be set up with
a specific number of cache nodes.
cache cluster identifier

Customer-supplied identifier for the cache cluster that must be unique for that customer
in an AWS Region.

cache engine version

The version of the Memcached service that's running on the cache node.

cache node

A fixed-size chunk of secure, network-attached RAM. Each cache node runs an instance
of the Memcached service, and has its own DNS name and port. Multiple types of cache
nodes are supported, each with varying amounts of associated memory.

cache node type

An EC2 instance type used to run the cache node.

cache parameter group

A container for cache engine parameter values that can be applied to one or more cache
clusters.

cache security group

A group maintained by ElastiCache that combines inbound authorizations to cache nodes

for hosts belonging to Amazon EC2 security groups specified through the console or the
API or command line tools.

campaign

Amazon Personalize: A deployed solution version (trained model) with provisioned

dedicated transaction capacity for creating real-time recommendations for your
application users. After you create a campaign, you use the getRecommendations or
getPersonalizedRanking personalization operations to get recommendations.

canned access policy

A standard access control policy that you can apply to a bucket or object. Options
include: private, public-read, public-read-write, and authenticated-read.
canonicalization

The process of converting data into a standard format that a service such as Amazon S3
can recognize.

capacity

The amount of available compute size at a given time. Each Auto Scaling group is
defined with a minimum and maximum compute size. A scaling activity increases or
decreases the capacity within the defined minimum and maximum values.

Cartesian product processor

A processor that calculates a Cartesian product. Also known as a Cartesian data

processor.

Cartesian product

A mathematical operation that returns a product from multiple sets.

CDN

See content delivery network (CDN).

certificate

A credential that some AWS products use to authenticate AWS accounts and users. Also
known as an X.509 certificate. The certificate is paired with a private key.

chargeable resources

Features or services whose use incurs fees. Although some AWS products are free, others
include charges. For example, in an AWS CloudFormation stack, AWS resources that
have been created incur charges. The amount charged depends on the usage load. Use the
Amazon Web Services Simple Monthly Calculator to estimate your cost prior to creating
instances, stacks, or other resources.

CIDR block

Classless Inter-Domain Routing. An internet protocol address allocation and route

aggregation methodology.

A feature for linking an EC2-Classic instance to a VPC, allowing your EC2-Classic

instance to communicate with VPC instances using private IP addresses.

See AWS Command Line Interface (AWS CLI).

Cloud Directory

See Amazon Cloud Directory (Cloud Directory).

cloud service provider (CSP)

A company that provides subscribers with access to internet-hosted computing, storage,

and software services.

CloudHub

See AWS VPN CloudHub.

cluster

A logical grouping of container instances that you can place tasks on.
Amazon Elasticsearch Service (Amazon ES): A logical grouping of one or more data
nodes, optional dedicated master nodes, and storage required to run Amazon
Elasticsearch Service (Amazon ES) and operate your Amazon ES domain.

cluster compute instance

A type of instance that provides a great amount of CPU power coupled with increased
networking performance, making it well suited for High Performance Compute (HPC)
applications and other demanding network-bound applications.

cluster placement group

A logical cluster compute instance grouping to provide lower latency and high-bandwidth
connectivity between the instances.

cluster status

Amazon Elasticsearch Service (Amazon ES): An indicator of the health of a cluster. A

status can be green, yellow, or red. At the shard level, green means that all shards are
allocated to nodes in a cluster, yellow means that the primary shard is allocated but the
replica shards aren't, and red means that the primary and replica shards of at least one
index aren't allocated. The shard status determines the index status, and the index status
determines the cluster status.

CMK

See customer master key (CMK).

CNAME

Canonical Name Record. A type of resource record in the Domain Name System (DNS)
that specifies that the domain name is an alias of another, canonical domain name.
Specifically, it's an entry in a DNS table that you can use to alias one fully qualified
domain name to another.

Code Signing for AWS IoT

A service for signing code that you create for any IoT device that's supported by Amazon
Web Services (AWS).
complaint

The event where a recipient who doesn't want to receive an email message chooses
"Mark as Spam" within the email client, and the internet service provider (ISP) sends a
notification to Amazon SES.

compound query

Amazon CloudSearch: A search request that specifies multiple search criteria using the
Amazon CloudSearch structured search syntax.

condition

IAM: Any restriction or detail about a permission. The condition is D in the statement "A
has permission to do B to C where D applies."

AWS WAF: A set of attributes that AWS WAF searches for in web requests to AWS
resources such as Amazon CloudFront distributions. Conditions can include values such
as the IP addresses that web requests originate from or values in request headers. Based
on the specified conditions, you can configure AWS WAF to allow or block web requests
to AWS resources.

conditional parameter

See mapping.

configuration API

Amazon CloudSearch: The API call that you use to create, configure, and manage search
domains.

configuration template

A series of key–value pairs that define parameters for various AWS products so that
AWS Elastic Beanstalk can provision them for an environment.

consistency model

The method a service uses to achieve high availability. For example, it could involve
replicating data across multiple servers in a data center.

See AWS Management Console.

consolidated billing

A feature of the AWS Organizations service for consolidating payment for multiple AWS
accounts. You create an organization that contains your AWS accounts, and you use the
management account of your organization to pay for all member accounts. You can see a
combined view of AWS costs that are incurred by all accounts in your organization, and
you can get detailed cost reports for individual accounts.

container

A Linux container that was created from a Docker image as part of a task.

container definition

Specifies which Docker image to use for a container, how much CPU and memory the
container is allocated, and more options. The container definition is included as part of a
task definition.

container instance

An EC2 instance that's running the Amazon Elastic Container Service (Amazon ECS)
agent and has been registered into a cluster. Amazon ECS tasks are placed on active
container instances.

container registry

Stores, manages, and deploys Docker images.

content delivery network (CDN)

A web service that speeds up distribution of your static and dynamic web content—such
as .html, .css, .js, media files, and image files—to your users by using a worldwide
network of data centers. When a user requests your content, the request is routed to the
data center that provides the lowest latency (time delay). If the content is already in the
location with the lowest latency, the CDN delivers it immediately. If not, the CDN
retrieves it from an origin that you specify (for example, a web server or an Amazon S3
bucket). With some CDNs, you can help secure your content by configuring an HTTPS
connection between users and data centers, and between data centers and your origin.
Amazon CloudFront is an example of a CDN.

contextual metadata

Amazon Personalize: Interactions data that you collect about a user's browsing context
(such as device used or location) when an event (such as a click) occurs. Contextual
metadata can improve recommendation relevance for new and existing users.
See also Interactions dataset.

Amazon CloudSearch: A collection of data that you want to search.

coverage
Amazon Personalize: An evaluation metric that tells you the proportion of unique items
that Amazon Personalize might recommend using your model out of the total number of
unique items in Interactions and Items datasets. To make sure Amazon Personalize
recommends more of your items, use a model with a higher coverage score. Recipes that
feature item exploration, such as user-personalization, have higher coverage than those
that don’t, such as popularity-count.

Also called access credentials or security credentials. In authentication and authorization,

a system uses credentials to identify who is making a call and whether to allow the
requested access. In AWS, these credentials are typically the access key ID and the secret
access key.

cross-account access

The process of permitting limited, controlled use of resources in one AWS account by a
user in another AWS account. For example, in AWS CodeCommit and AWS
CodeDeploy you can configure cross-account access so that a user in AWS account A
can access an CodeCommit repository created by account B. Or a pipeline in AWS
CodePipeline created by account A can use CodeDeploy resources created by account B.
In IAM you use a role to delegate temporary access to a user in one account to resources
in another.

cross-Region replication

A solution for replicating data across different AWS Regions, in near-real time.
customer gateway

A router or software application on your side of a VPN tunnel that's managed by Amazon
VPC. The internal interfaces of the customer gateway are attached to one or more devices
in your home network. The external interface is attached to the virtual private gateway
(VGW) across the VPN tunnel.

customer managed policy

An IAM managed policy that you create and manage in your AWS account.

customer master key (CMK)

The fundamental resource that AWS Key Management Service (AWS KMS) manages.
CMKs can be either customer managed keys or AWS managed keys. Use CMKs inside
AWS KMS to encrypt or decrypt up to 4 kilobytes of data directly or to encrypt generated
data keys, which are then used to encrypt or decrypt larger amounts of data outside of the
service.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

dashboard

See service health dashboard.

data consistency

A concept that describes when data is written or updated successfully and all copies of
the data are updated in all AWS Regions. However, it takes time for the data to propagate
to all storage locations. To support varied application requirements, Amazon DynamoDB
supports both eventually consistent and strongly consistent reads.

The database, file, or repository that provides information required by an application or

database. For example, in AWS OpsWorks, valid data sources include an instance for a
stack’s MySQL layer or a stack’s Amazon RDS service layer. In Amazon Redshift , valid
data sources include text files in an Amazon S3 bucket, in an Amazon EMR cluster, or on
a remote host that a cluster can access through an SSH connection.

The database software and version running on the DB instance.

database name

The name of a database hosted in a DB instance. A DB instance can host multiple

databases, but databases hosted by the same DB instance must each have a unique name
within that instance.

dataset

Amazon Personalize: A container for the data used by Amazon Personalize. There are
three types of Amazon Personalize datasets: Users, Items, and Interactions.

Amazon Personalize: A container for Amazon Personalize components, including

datasets, event trackers, solutions, filters, campaigns, and batch inference jobs. A dataset
group organizes your resources into independent collections, so resources from one
dataset group can’t influence resources in any other dataset group.
See also dataset.

An isolated database environment running in the cloud. A DB instance can contain

multiple user-created databases.

DB instance identifier

User-supplied identifier for the DB instance. The identifier must be unique for that user
in an AWS Region.

DB parameter group

A container for database engine parameter values that apply to one or more DB instances.

DB security group

A method that controls access to the DB instance. By default, network access is turned
off to DB instances. After inbound traffic is configured for a security group, the same
rules apply to all DB instances associated with that group.

DB snapshot

A user-initiated point backup of a DB instance.

Dedicated Host

A physical server with EC2 instance capacity fully dedicated to a user.

Dedicated Instance

An instance that's physically isolated at the host hardware level and launched within a
VPC.

dedicated master node

Amazon Elasticsearch Service (Amazon ES): An Elasticsearch instance that performs

cluster management tasks, but doesn't hold data or respond to data upload requests.
Amazon Elasticsearch Service (Amazon ES) uses dedicated master nodes to increase
cluster stability.

Dedicated Reserved Instance

An option that you purchase to guarantee that sufficient capacity will be available to
launch Dedicated Instances into a VPC.

delegation

Within a single AWS account: Giving AWS users access to resources in your AWS
account.

Between two AWS accounts: Setting up a trust between the account that owns the
resource (the trusting account), and the account that contains the users that need to access
the resource (the trusted account).

Monitoring of AWS provided metrics derived at a 1-minute frequency.

Description property

A property added to parameters, resources, resource properties, mappings, and outputs to

help you to document AWS CloudFormation template elements.

dimension

A name–value pair (for example, InstanceType=m1.small, or EngineName=mysql), that

contains additional information to identify a metric.

discussion forums

A place where AWS users can post technical questions and feedback to help accelerate
their development efforts and to engage with the AWS community. For more
information, see the Amazon Web Services Discussion Forums

distribution

A link between an origin server (such as an Amazon S3 bucket) and a domain name,
which CloudFront automatically assigns. Through this link, CloudFront identifies the
object you have stored in your origin server.
DKIM

DomainKeys Identified Mail. A standard that email senders use to sign their messages.
ISPs use those signatures to verify that messages are legitimate. For more information,
see https://tools.ietf.org/html/rfc6376

DNS

See Domain Name System.

Docker image

A layered file system template that's the basis of a Docker container. Docker images can
comprise specific operating systems or applications.

document

Amazon CloudSearch: An item that can be returned as a search result. Each document
has a collection of fields that contain the data that can be searched or returned. The value
of a field can be either a string or a number. Each document must have a unique ID and at
least one field.

document batch

Amazon CloudSearch: A collection of add and delete document operations. You use the
document service API to submit batches to update the data in your search domain.

document service API

Amazon CloudSearch: The API call that you use to submit document batches to update
the data in a search domain.

document service endpoint

Amazon CloudSearch: The URL that you connect to when sending document updates to
an Amazon CloudSearch domain. Each search domain has a unique document service
endpoint that remains the same for the life of the domain.

domain

Amazon Elasticsearch Service (Amazon ES): The hardware, software, and data exposed
by Amazon Elasticsearch Service (Amazon ES) endpoints. An Amazon ES domain is a
service wrapper around an Elasticsearch cluster. An Amazon ES domain encapsulates the
engine instances that process Amazon ES requests, the indexed data that you want to
search, snapshots of the domain, access policies, and metadata.

Domain Name System

A service that routes internet traffic to websites by translating friendly domain names (for
example, www.example.com) into the numeric IP addresses, such as 192.0.2.1 that
computers use to connect to each other.

Donation button

An HTML-coded button to provide an easy and secure way for US-based, IRS-certified
501(c)3 nonprofit organizations to solicit donations.

DynamoDB stream

An ordered flow of information about changes to items in anAmazon DynamoDB table.

When you enable a stream on a table, DynamoDB captures information about every
modification to data items in the table.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

EBS

See Amazon Elastic Block Store (Amazon EBS).

EC2

See Amazon EC2.

EC2 compute unit (ECU)

An AWS standard for compute CPU and memory. You can use this measure to evaluate
the CPU capacity of different EC2 instance types.

EC2 instance
A compute instance in the Amazon EC2 service. Other AWS services use the term EC2
instance to distinguish these instances from other types of instances they support.

ECR

See Amazon Elastic Container Registry (Amazon ECR).

ECS

See Amazon Elastic Container Service (Amazon ECS).

edge location

A data center that an AWS service uses to perform service-specific operations. For
example, CloudFront uses edge locations to cache copies of your content, so the content
is closer to your users and can be delivered faster regardless of their location. Route 53
uses edge locations to speed up the response to public DNS queries.

EFS

See Amazon Elastic File System (Amazon EFS).

Elastic

A company that provides open-source solutions—including Elasticsearch, Logstash,

Kibana, and Beats—that are designed to take data from any source and search, analyze,
and visualize it in real time.

Amazon Elasticsearch Service (Amazon ES) is an AWS managed service for deploying,
operating, and scaling Elasticsearch in the AWS Cloud.

Elastic Block Store

See Amazon Elastic Block Store (Amazon EBS).

Elastic IP address

A fixed (static) IP address that you have allocated in Amazon EC2 or Amazon VPC and
then attached to an instance. Elastic IP addresses are associated with your account, not a
specific instance. They are elastic because you can easily allocate, attach, detach, and
free them as your needs change. Unlike traditional static IP addresses, Elastic IP
addresses allow you to mask instance or Availability Zone failures by rapidly remapping
your public IP addresses to another instance.

Elastic Load Balancing

A web service that improves an application's availability by distributing incoming traffic

between two or more EC2 instances.

elastic network interface

An additional network interface that can be attached to an instance. Elastic network

interfaces include a primary private IP address, one or more secondary private IP
addresses, an Elastic IP Address (optional), a MAC address, membership in specified
security groups, a description, and a source/destination check flag. You can create an
elastic network interface, attach it to an instance, detach it from an instance, and attach it
to another instance.

Elasticsearch

An open-source, real-time distributed search and analytics engine used for full-text
search, structured search, and analytics. Elasticsearch was developed by the Elastic
company.

Amazon Elasticsearch Service (Amazon ES) is an AWS managed service for deploying,
operating, and scaling Elasticsearch in the AWS Cloud.

See Amazon EMR.

encrypt

To use a mathematical algorithm to make data unintelligible to unauthorized users.

Encryption also gives authorized users a method (such as a key or password) to convert
the altered data back to its original state.

encryption context
A set of key–value pairs that contains additional information associated with AWS Key
Management Service (AWS KMS)–encrypted information.

endpoint

A URL that identifies a host and port as the entry point for a web service. Every web
service request contains an endpoint. Most AWS products provide endpoints for a Region
to enable faster connectivity.

Amazon ElastiCache: The DNS name of a cache node.

Amazon RDS: The DNS name of a DB instance.

AWS CloudFormation: The DNS name or IP address of the server that receives an HTTP
request.

endpoint port

Amazon ElastiCache: The port number used by a cache node.

Amazon RDS: The port number used by a DB instance.

envelope encryption

The use of a master key and a data key to algorithmically protect data. The master key is
used to encrypt and decrypt the data key and the data key is used to encrypt and decrypt
the data itself.

environment

AWS Elastic Beanstalk: A specific running instance of an application. The application

has a CNAME and includes an application version and a customizable configuration
(which is inherited from the default container type).

AWS CodeDeploy: Instances in a deployment group in a blue/green deployment. At the

start of a blue/green deployment, the deployment group is made up of instances in the
original environment. At the end of the deployment, the deployment group is made up of
instances in the replacement environment.

environment configuration

A collection of parameters and settings that define how an environment and its associated
resources behave.

ephemeral store
See instance store.

epoch

The date from which time is measured. For most Unix environments, the epoch is
January 1, 1970.

ETL

See extract, transform, and load (ETL).

evaluation

Amazon Machine Learning: The process of measuring the predictive performance of a

machine learning (ML) model.

Also a machine learning object that stores the details and result of an ML model
evaluation.

evaluation datasource

The data that Amazon Machine Learning uses to evaluate the predictive accuracy of a
machine learning model.

event

Amazon Personalize: A user activity—such as a click, a purchase, or a video viewing—

that you record and upload to an Amazon Personalize Interactions dataset. You record
events individually in real time or record and upload events in bulk.

eventually consistent read

A read process that returns data from only one Region and might not show the most
recent write information. However, if you repeat your read request after a short time, the
response should eventually return the latest data.

A contraction of exa binary byte, an exbibyte is 2^60 or 1,152,921,504,606,846,976

bytes. An exabyte (EB) is 10^18 or 1,000,000,000,000,000,000 bytes. 1,024 EiB is a
zebibyte (ZiB).

expiration

For CloudFront caching, the time when CloudFront stops responding to user requests
with an object. If you don't use headers or CloudFront distribution settings to specify how
long you want objects to stay in an edge location, the objects expire after 24 hours. The
next time a user requests an object that has expired, CloudFront forwards the request to
the origin.
explicit impressions

Amazon Personalize: A list of items that you manually add to an Amazon Personalize
Interactions dataset to influence future recommendations. Unlike implicit impressions,
where Amazon Personalize automatically derives the impressions data, you choose what
to include in explicit impressions.

explicit launch permission

An Amazon Machine Image (AMI) launch permission granted to a specific AWS

account.

exponential backoff

A strategy that incrementally increases the wait between retry attempts in order to reduce
the load on the system and increase the likelihood that repeated requests will succeed. For
example, client applications might wait up to 400 milliseconds before attempting the first
retry, up to 1600 milliseconds before the second, and up to 6400 milliseconds (6.4
seconds) before the third.

expression

Amazon CloudSearch: A numeric expression that you can use to control how search hits
are sorted. You can construct Amazon CloudSearch expressions using numeric fields,
other rank expressions, a document's default relevance score, and standard numeric
operators and functions. When you use the sort option to specify an expression in a
search request, the expression is evaluated for each search hit and the hits are listed
according to their expression values.

extract, transform, and load (ETL)

A process that's used to integrate data from multiple sources. Data is collected from
sources (extract), converted to an appropriate format (transform), and written to a target
data store (load) for purposes of analysis and querying.

ETL tools combine these three functions to consolidate and move data from one
environment to another. AWS Glue is a fully managed ETL service for discovering and
organizing data, transforming it, and making it available for search and analytics.
F

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

facet

Amazon CloudSearch: An index field that represents a category that you want to use to
refine and filter search results.

facet enabled

Amazon CloudSearch: An index field option that enables facet information to be

calculated for the field.

FBL

See feedback loop (FBL).

feature transformation

Amazon Machine Learning: The machine learning process of constructing more

predictive input representations or “features” from the raw input variables to optimize a
machine learning model’s ability to learn and generalize. Also known as data
transformation or feature engineering.

federated identity management (FIM)

Allows individuals to sign in to different networks or services, using the same group or
personal credentials to access data across all networks. With identity federation in AWS,
external identities (federated users) are granted secure access to resources in an AWS
account without having to create IAM users. These external identities can come from a
corporate identity store (such as LDAP or Windows Active Directory) or from a third
party (such as Login with Amazon, Facebook, or Google). AWS federation also supports
SAML 2.0.

federated user

See federated identity management (FIM).

federation

See federated identity management (FIM).

feedback loop (FBL)

The mechanism by which a mailbox provider (for example, an internet service provider
(ISP)) forwards a recipient's complaint back to the sender.

field weight

The relative importance of a text field in a search index. Field weights control how much
matches in particular text fields affect a document's relevance score.

filter

A criterion that you specify to limit the results when you list or describe your Amazon
EC2 resources.

filter query

A way to filter search results without affecting how the results are scored and sorted.
Specified with the Amazon CloudSearch fq parameter.

FIM

See federated identity management (FIM).

Firehose

See Amazon Kinesis Data Firehose.

format version

See template format version.

forums

See discussion forums.

function

See intrinsic function.

fuzzy search

A simple search query that uses approximate string matching (fuzzy matching) to correct
for typographical errors and misspellings.

G
Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V
| W | X, Y, Z

geospatial search

A search query that uses locations specified as a latitude and longitude to determine
matches and sort the results.

gibibyte (GiB)

A contraction of giga binary byte, a gibibyte is 2^30 or 1,073,741,824 bytes. A gigabyte

(GB) is 10^9 or 1,000,000,000 bytes. 1,024 GiB is a tebibyte (TiB).

GitHub

A web-based repository that uses Git for version control.

global secondary index

An index with a partition key and a sort key that can be different from those on the table.
A global secondary index is considered global because queries on the index can span all
of the data in a table, across all partitions.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

Hadoop

Software that enables distributed processing for big data by using clusters and simple
programming models. For more information, see http://hadoop.apache.org

hard bounce

A persistent email delivery failure such as "mailbox does not exist."

hardware VPN

A hardware-based IPsec VPN connection over the internet.

health check

A system call to check on the health status of each instance in an Amazon EC2 Auto
Scaling group.

high-quality email

Email that recipients find valuable and want to receive. Value means different things to
different recipients and can come in such forms as offers, order confirmations, receipts,
or newsletters.

highlights

Amazon CloudSearch: Excerpts returned with search results that show where the search
terms appear within the text of the matching documents.

highlight enabled

Amazon CloudSearch: An index field option that enables matches within the field to be
highlighted.

hit

A document that matches the criteria specified in a search request. Also referred to as a
search result.
HMAC

Hash-based Message Authentication Code. A specific construction for calculating a

message authentication code (MAC) involving a cryptographic hash function in
combination with a secret key. You can use it to verify both the data integrity and the
authenticity of a message at the same time. AWS calculates the HMAC using a standard,
cryptographic hash algorithm, such as SHA-256.

hosted zone

A collection of resource record sets that Amazon Route 53 hosts. Similar to a traditional
DNS zone file, a hosted zone represents a collection of records that are managed together
under a single domain name.

HRNN

Amazon Personalize: A hierarchical recurrent neural network machine learning algorithm

that models changes in user behavior and predicts the items that a user might interact
with in personal recommendation applications.

HTTP-Query

See Query.

HVM virtualization

Hardware Virtual Machine virtualization. Allows the guest VM to run as though it's on a
native hardware platform, except that it still uses paravirtual (PV) network and storage
drivers for improved performance.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

IAM

See AWS Identity and Access Management (IAM).

IAM group

See group.

IAM policy simulator

See policy simulator.

IAM role

See role.

IAM user

See user.

Identity and Access Management

See AWS Identity and Access Management (IAM).

identity provider (IdP)

An IAM entity that holds metadata about external identity providers.

IdP

See identity provider (IdP) .

image

See Amazon Machine Image (AMI).

import/export station

A machine that uploads or downloads your data to or from Amazon S3.

import log

A report that contains details about how AWS Import/Export processed your data.

implicit impressions

Amazon Personalize: The recommendations that your application shows a user. Unlike
explicit impressions, where you manually record each impression, Amazon Personalize
automatically derives implicit impressions from your recommendation data.

CodeDeploy: A deployment method where the application on each instance in the

deployment group is stopped, the latest application revision is installed, and the new
version of the application is started and validated. You can choose to use a load balancer
so each instance is deregistered during its deployment and then restored to service after
the deployment is complete.

index

See search index.

index field

A name–value pair that's included in an Amazon CloudSearch domain's index. An index

field can contain text or numeric data, dates, or a location.

indexing options

Configuration settings that define an Amazon CloudSearch domain's index fields, how
document data is mapped to those index fields, and how the index fields can be used.

inline policy

An IAM policy that's embedded in a single IAM user, group, or role.

input data

Amazon Machine Learning: The observations that you provide to Amazon Machine
Learning to train and evaluate a machine learning model and generate predictions.

instance

A copy of an Amazon Machine Image (AMI) running as a virtual server in the AWS
Cloud.
instance family

A general instance type grouping using either storage or CPU capacity.

instance group

A Hadoop cluster contains one master instance group that contains one master node, a
core instance group containing one or more core node and an optional task node instance
group, which can contain any number of task nodes.

instance profile

A container that passes IAM role information to an EC2 instance at launch.

instance store

Disk storage that's physically attached to the host computer for an EC2 instance, and
therefore has the same lifespan as the instance. When the instance is terminated, you lose
any data in the instance store.

instance store-backed AMI

A type of Amazon Machine Image (AMI) whose instances use an instance store volume
as the root device. Compare this with instances launched from Amazon EBS-backed
AMIs, which use an Amazon EBS volume as the root device.

instance type

A specification that defines the memory, CPU, storage capacity, and usage cost for an
instance. Some instance types are designed for standard applications, whereas others are
designed for CPU-intensive, memory-intensive applications, and so on.

Interactions dataset

Amazon Personalize: A container for historical and real-time data collected from
interactions between users and items (called events). Interactions data can include
impressions data and contextual metadata.

internet service provider (ISP)

A company that provides subscribers with access to the internet. Many ISPs are also
mailbox providers. Mailbox providers are sometimes referred to as ISPs, even if they
only provide mailbox services.

intrinsic function

A special action in a AWS CloudFormation template that assigns values to properties not
available until runtime. These functions follow the format Fn::Attribute, such as
Fn::GetAtt. Arguments for intrinsic functions can be parameters, pseudo parameters, or
the output of other intrinsic functions.

IP address

A numerical address (for example, 192.0.2.44) that networked devices use to

communicate with one another using the Internet Protocol (IP). All EC2 instances are
assigned two IP addresses at launch, which are directly mapped to each other through
network address translation (NAT): a private IP address (following RFC 1918) and a
public IP address. Instances launched in a VPC are assigned only a private IP address.
Instances launched in your default VPC are assigned both a private IP address and a
public IP address.

IP match condition

AWS WAF: An attribute that specifies the IP addresses or IP address ranges that web
requests originate from. Based on the specified IP addresses, you can configure AWS
WAF to allow or block web requests to AWS resources such as Amazon CloudFront
distributions.

ISP

See internet service provider (ISP).

issuer

The person who writes a policy to grant permissions to a resource. The issuer (by
definition) is always the resource owner. AWS doesn't permit Amazon SQS users to
create policies for resources they don't own. If John is the resource owner, AWS
authenticates John's identity when he submits the policy he's written to grant permissions
for that resource.
item

A group of attributes that's uniquely identifiable among all of the other items. Items in
Amazon DynamoDB are similar in many ways to rows, records, or tuples in other
database systems.

item exploration

Amazon Personalize: The process that Amazon Personalize uses to test different item
recommendations, including recommendations of new items with no or very little
interaction data, and learn how users respond. You configure item exploration at the
campaign level for solution versions created with the user-personalization recipe.

item-to-item similarities (SIMS) recipe

Amazon Personalize: A RELATED_ITEMS recipe that uses the data from an Interactions
dataset to make recommendations for items that are similar to a specified item. The SIMS
recipe calculates similarity based on the way users interact with items instead of
matching item metadata, such as price or age.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z
job flow

Amazon EMR: One or more steps that specify all of the functions to be performed on the
data.

job ID

A five-character, alphanumeric string that uniquely identifies an AWS Import/Export

storage device in your shipment. AWS issues the job ID in response to a CREATE JOB
email command.

job prefix

An optional string that you can add to the beginning of an AWS Import/Export log file
name to prevent collisions with objects of the same name.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

key

A credential that identifies an AWS account or user to AWS (such as the AWS secret
access key).

Amazon Simple Storage Service (Amazon S3), Amazon EMR: The unique identifier for
an object in a bucket. Every object in a bucket has exactly one key. Because a bucket and
key together uniquely identify each object, you can think of Amazon S3 as a basic data
map between the bucket + key, and the object itself. You can uniquely address every
object in Amazon S3 through the combination of the web service endpoint, bucket name,
and key, as in this example: http://doc.s3.amazonaws.com/2006-03-
01/AmazonS3.wsdl, where doc is the name of the bucket, and 2006-03-
01/AmazonS3.wsdl is the key.

AWS Import/Export: The name of an object in Amazon S3. It's a sequence of Unicode
characters whose UTF-8 encoding can't exceed 1024 bytes. If a key (for example,
logPrefix + import-log-JOBID) is longer than 1024 bytes, AWS Elastic Beanstalk returns
an InvalidManifestField error.

IAM: In a policy, a specific characteristic that's the basis for restricting access (such as
the current time or the IP address of the requester).

Tagging resources: A general tag label that acts like a category for more specific tag
values. For example, you might have EC2 instance with the tag key of Owner and the tag
value of Jan. You can tag an AWS resource with up to 10 key–value pairs. Not all AWS
resources can be tagged.

key pair

A set of security credentials that you use to prove your identity electronically. A key pair
consists of a private key and a public key.

key prefix

A logical grouping of the objects in a bucket. The prefix value is similar to a directory
name that you can use to store similar data under the same directory in a bucket.

kibibyte (KiB)

A contraction of kilo binary byte, a kibibyte is 2^10 or 1,024 bytes. A kilobyte (KB) is
10^3 or 1,000 bytes. 1,024 KiB is a mebibyte (MiB).

KMS

See AWS Key Management Service (AWS KMS).

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

labeled data

In machine learning, data for which you already know the target or “correct” answer.

launch configuration
A set of descriptive parameters used to create new EC2 instances in an Amazon EC2
Auto Scaling activity.

A template that an Auto Scaling group uses to launch new EC2 instances. The launch
configuration contains information such as the Amazon Machine Image (AMI) ID, the
instance type, key pairs, security groups, and block device mappings, among other
configuration settings.

launch permission

An Amazon Machine Image (AMI) attribute that allows users to launch an AMI.

lifecycle

The lifecycle state of the EC2 instance contained in an Auto Scaling group. EC2
instances progress through several states over their lifespan; these include Pending,
InService, Terminating and Terminated.

lifecycle action

An action that can be paused by Auto Scaling, such as launching or terminating an EC2
instance.

lifecycle hook

A feature for pausing Auto Scaling after it launches or terminates an EC2 instance so that
you can perform a custom action while the instance isn't in service.

link to VPC

The process of linking (or attaching) an EC2-Classic instance to a ClassicLink-enabled

VPC.

local secondary index

An index that has the same partition key as the table, but a different sort key. A local
secondary index is local in the sense that every partition of a local secondary index is
scoped to a table partition that has the same partition key value.

A case-sensitive unique string within an AWS CloudFormation template that identifies a

resource, mapping, parameter, or output. In an AWS CloudFormation template, each
parameter, resource, property, mapping, and output must be declared with a unique
logical name. You use the logical name when dereferencing these items using the Ref
function.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

Mail Transfer Agent (MTA)

Software that transports email messages from one computer to another by using a client-
server architecture.

mailbox provider

An organization that provides email mailbox hosting services. Mailbox providers are
sometimes referred to as internet service provider (ISP)s, even if they only provide
mailbox services.

mailbox simulator

A set of email addresses that you can use to test an Amazon SES-based email-sending
application without sending messages to actual recipients. Each email address represents
a specific scenario (such as a bounce or complaint) and generates a typical response that's
specific to the scenario.

main route table

The default route table that any new VPC subnet uses for routing. You can associate a
subnet with a different route table of your choice. You can also change which route table
is the main route table.

managed policy
A standalone IAM policy that you can attach to multiple users, groups, and roles in your
IAM account. Managed policies can either be AWS managed policies (which are created
and managed by AWS) or customer managed policies (which you create and manage in
your AWS account).

manifest

When sending a create job request for an import or export operation, you describe your
job in a text file called a manifest. The manifest file is a YAML-formatted file that
specifies how to transfer data between your storage device and the AWS Cloud.

manifest file

Amazon Machine Learning: The file used for describing batch predictions. The manifest
file relates each input data file with its associated batch prediction results. It's stored in
the Amazon S3 output location.

mapping

A way to add conditional parameter values to an AWS CloudFormation template. You

specify mappings in the template's optional Mappings section and retrieve the desired
value using the FN::FindInMap function.

marker

See pagination token.

master node

A process running on an Amazon Machine Image (AMI) that keeps track of the work its
core and task nodes complete.

maximum price

The maximum price you will pay to launch one or more Spot Instances. If your maximum
price exceeds the current Spot price and your restrictions are met, Amazon EC2 launches
instances on your behalf.

maximum send rate

The maximum number of email messages that you can send per second using Amazon
SES.

mean reciprocal rank at 25

Amazon Personalize: An evaluation metric that assesses the relevance of a model’s
highest ranked recommendation. Amazon Personalize calculates this metric using the
average accuracy of the model when ranking the most relevant recommendation out of
the top 25 recommendations over all requests for recommendations.

A contraction of mega binary byte, a mebibyte is 2^20 or 1,048,576 bytes. A megabyte

(MB) is 10^6 or 1,000,000 bytes. 1,024 MiB is a gibibyte (GiB).

member resources

See resource.

message ID

Amazon Simple Email Service (Amazon SES): A unique identifier that's assigned to
every email message that's sent.

Amazon Simple Queue Service (Amazon SQS): The identifier returned when you send a
message to a queue.

metadata

Information about other data or objects. In Amazon Simple Storage Service (Amazon S3)
and Amazon EMR metadata takes the form of name–value pairs that describe the object.
These include default metadata such as the date last modified and standard HTTP
metadata (for example, Content-Type). Users can also specify custom metadata at the
time they store an object. In Amazon EC2 metadata includes data about an EC2 instance
that the instance can retrieve to determine things about itself, such as the instance type or
the IP address.

metric

An element of time-series data defined by a unique combination of exactly one

namespace, exactly one metric name, and between zero and ten dimensions. Metrics and
the statistics derived from them are the basis of Amazon CloudWatch.

metrics

Amazon Personalize: Evaluation data that Amazon Personalize generates when you train
a model. You use metrics to evaluate the performance of the model, view the effects of
modifying a solution’s configuration, and compare results between solutions that use the
same training data but were created with different recipes.

See multi-factor authentication (MFA).

micro instance

A type of EC2 instance that's more economical to use if you have occasional bursts of
high CPU activity.

MIME

See Multipurpose Internet Mail Extensions (MIME).

ML model

In machine learning (ML), a mathematical model that generates predictions by finding

patterns in data. Amazon Machine Learning supports three types of ML models: binary
classification, multiclass classification, and regression. Also known as a predictive model.

See Mail Transfer Agent (MTA).

Multi-AZ deployment

A primary DB instance that has a synchronous standby replica in a different Availability

Zone. The primary DB instance is synchronously replicated across Availability Zones to
the standby replica.
multiclass classification model

A machine learning model that predicts values that belong to a limited, pre-defined set of
permissible values. For example, "Is this product a book, movie, or clothing?"

multi-factor authentication (MFA)

An optional AWS account security feature. Once you enable AWS MFA, you must
provide a six-digit, single-use code in addition to your sign-in credentials whenever you
access secure AWS webpages or the AWS Management Console. You get this single-use
code from an authentication device that you keep in your physical possession.

An attribute with more than one value.

multipart upload

A feature that you can use to upload a single object as a set of parts.

Multipurpose Internet Mail Extensions (MIME)

An internet standard that extends the email protocol to include non-ASCII text and
nontext elements, such as attachments.

Multitool

A cascading application that provides a simple command-line interface for managing

large datasets.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

namespace

An abstract container that provides context for the items (names, or technical terms, or
words) it holds, and allows disambiguation of homonym items residing in different
namespaces.

NAT
Network address translation. A strategy of mapping one or more IP addresses to another
while data packets are in transit across a traffic routing device. This is commonly used to
restrict internet communication to private instances while allowing outgoing traffic.

Network Address Translation and Protocol Translation

(NAT-PT) An internet protocol standard defined in RFC 2766.

A processor that performs n-gram transformations.

NICE Desktop Cloud Visualization

A remote visualization technology for securely connecting users to graphic-intensive 3D

applications hosted on a remote, high-performance server.

node

Amazon Elasticsearch Service (Amazon ES): An Elasticsearch instance. A node can be

either a data instance or a dedicated master instance.

A property of AWS CloudFormation parameters that prevent the otherwise default

reporting of names and values of a template parameter. Declaring the NoEcho property
causes the parameter value to be masked with asterisks in the report by the cfn-
describe-stacks command.

normalized discounted cumulative gain (NCDG) at K (5/10/25)

Amazon Personalize: An evaluation metric that tells you about the relevance of your
model’s highly ranked recommendations, where K is a sample size of 5, 10, or 25
recommendations. Amazon Personalize calculates this by assigning weight to
recommendations based on their position in a ranked list, where each recommendation is
discounted (given a lower weight) by a factor dependent on its position. The normalized
discounted cumulative gain at K assumes that recommendations that are lower on a list
are less relevant than recommendations higher on the list.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

object

Amazon Simple Storage Service (Amazon S3): The fundamental entity type stored in
Amazon S3. Objects consist of object data and metadata. The data portion is opaque to
Amazon S3.

Amazon CloudFront: Any entity that can be served either over HTTP or a version of
RTMP.

observation

Amazon Machine Learning: A single instance of data that Amazon Machine Learning
(Amazon ML) uses to either train a machine learning model how to predict or to generate
a prediction. Each row in an Amazon ML input data file is an observation.

On-Demand Instance

An Amazon EC2 pricing option that charges you for compute capacity by the hour or
second (minimum of 60 seconds) with no long-term commitment.

operation

An API function. Also called an action.

optimistic locking

A strategy to ensure that an item that you want to update has not been modified by others
before you perform the update. For Amazon DynamoDB, optimistic locking support is
provided by the AWS SDKs.
organization

AWS Organizations: An entity that you create to consolidate and manage your AWS
accounts. An organization has one management account along with zero or more member
accounts.

organizational unit

AWS Organizations: A container for accounts within a root of an organization. An

organizational unit (OU) can contain other OUs.

origin access identity

Also called OAI. When using Amazon CloudFront to serve content with an Amazon S3
bucket as the origin, a virtual identity that you use to require users to access your content
through CloudFront URLs instead of Amazon S3 URLs. Usually used with CloudFront
private content.

origin server

The Amazon S3 bucket or custom origin containing the definitive original version of the
content you deliver through CloudFront.

original environment

The instances in a deployment group at the start of an CodeDeploy blue/green

deployment.

OSB transformation

Orthogonal sparse bigram transformation. In machine learning, a transformation that aids

in text string analysis and that's an alternative to the n-gram transformation. OSB
transformations are generated by sliding the window of size n words over the text, and
outputting every pair of words that includes the first word in the window.

See organizational unit.

output location

Amazon Machine Learning: An Amazon S3 location where the results of a batch

prediction are stored.
P

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

pagination

The process of responding to an API request by returning a large list of records in small
separate parts. Pagination can occur in the following situations:

• The client sets the maximum number of returned records to a value below the
total number of records.
• The service has a default maximum number of returned records that's lower than
the total number of records.

When an API response is paginated, the service sends a subset of the large list of records
and a pagination token that indicates that more records are available. The client includes
this pagination token in a subsequent API request, and the service responds with the next
subset of records. This continues until the service responds with a subset of records and
no pagination token, indicating that all records have been sent.

pagination token

A marker that indicates that an API response contains a subset of a larger list of records.
The client can return this marker in a subsequent API request to retrieve the next subset
of records until the service responds with a subset of records and no pagination token,
indicating that all records have been sent.

A contiguous portion of the object's data in a multipart upload request.

partition key

A simple primary key, composed of one attribute (also known as a hash attribute).
See also partition key.

Port address translation.

pebibyte (PiB)

A contraction of peta binary byte, a pebibyte is 2^50 or 1,125,899,906,842,624 bytes. A

petabyte (PB) is 10^15 or 1,000,000,000,000,000 bytes. 1,024 PiB is an exbibyte (EiB).

period

See sampling period.

permission

A statement within a policy that allows or denies access to a particular resource. You can
state any permission in the following way: "A has permission to do B to C." For example,
Jane (A) has permission to read messages (B) from John's Amazon SQS queue (C).
Whenever Jane sends a request to Amazon SQS to use John's queue, the service checks to
see if she has permission. It further checks to see if the request satisfies the conditions
John set forth in the permission.

persistent storage

A data storage solution where the data remains intact until it's deleted. Options within
AWS include: Amazon S3, Amazon RDS, Amazon DynamoDB, and other services.

PERSONALIZED_RANKING recipes

Amazon Personalize: Recipes that provide item recommendations in ranked order based
on the predicted interest for a user.

Information that has not been encrypted, as opposed to ciphertext.

policy

IAM: A document defining permissions that apply to a user, group, or role; the
permissions in turn determine what users can do in AWS. A policy typically allows
access to specific actions, and can optionally grant that the actions are allowed for
specific resources, such as EC2 instances or Amazon S3 buckets. Policies can also
explicitly deny access.

Amazon EC2 Auto Scaling: An object that stores the information needed to launch or
terminate instances for an Auto Scaling group. Running the policy causes instances to be
launched or terminated. You can configure an alarm to invoke an Auto Scaling policy.

policy generator

A tool in the IAM AWS Management Console that helps you build a policy by selecting
elements from lists of available options.

policy simulator

A tool in the IAM AWS Management Console that helps you test and troubleshoot
policies so you can see their effects in real-world scenarios.
policy validator

A tool in the IAM AWS Management Console that examines your existing IAM access
control policies to ensure that they comply with the IAM policy grammar.

popularity-count recipe

Amazon Personalize: A USER_PERSONALIZATION recipe that recommends the items

that have had the most interactions with unique users.

See job prefix.

Premium Support

A one-on-one, fast-response support channel that AWS customers can subscribe to for
support for AWS infrastructure services.

A web address that uses query string authentication.

primary key
One or two attributes that uniquely identify each item in a Amazon DynamoDB table, so
that no two items can have the same key.

A VPC subnet whose instances can't be reached from the internet.

product code

An identifier provided by AWS when you submit a product to AWS Marketplace.

properties

See resource property.

property rule
A JSON-compliant markup standard for declaring properties, mappings, and output
values in an AWS CloudFormation template.

Provisioned IOPS

A storage option designed to deliver fast, predictable, and consistent I/O performance.
When you specify an IOPS rate while creating a DB instance, Amazon RDS provisions
that IOPS rate for the lifetime of the DB instance.

pseudo parameter

A predefined setting (for example, AWS:StackName) that can be used in AWS

CloudFormation templates without having to declare them. You can use pseudo
parameters anywhere you can use a regular parameter.

public AMI

An Amazon Machine Image (AMI) that all AWS accounts have permission to launch.

public dataset

A large collection of public information that can be seamlessly integrated into

applications that are based in the AWS Cloud. Amazon stores public datasets at no
charge to the community and, similar to other AWS services, users pay only for the
compute and storage they use for their own applications. These datasets currently include
data from the Human Genome Project, the US Census, Wikipedia, and other sources.

A subnet whose instances can be reached from the internet.

PV virtualization
Paravirtual virtualization. Allows guest VMs to run on host systems that don't have
special support extensions for full hardware and CPU virtualization. Because PV guests
run a modified operating system that doesn't use hardware emulation, they can't provide
hardware-related features, such as enhanced networking or GPU support.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

quartile binning transformation

Amazon Machine Learning: A process that takes two inputs, a numerical variable and a
parameter called a bin number, and outputs a categorical variable. Quartile binning
transformations discover non-linearity in a variable's distribution by enabling the
machine learning model to learn separate importance values for parts of the numeric
variable’s distribution.

Query

A type of web service that generally uses only the GET or POST HTTP method and a
query string with parameters in the URL.

query string authentication

An AWS feature that you can use to place the authentication information in the HTTP
request query string instead of in the Authorization header, which provides URL-based
access to objects in a bucket.

queue

A sequence of messages or jobs that are held in temporary storage awaiting transmission
or processing.

queue URL

A web address that uniquely identifies a queue.

quota

The maximum value for your resources, actions, and items in your AWS account
R

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

range GET

A request that specifies a byte range of data to get for a download. If an object is large,
you can break up a download into smaller units by sending multiple range GET requests
that each specify a different byte range to GET.

raw email

A type of sendmail request with which you can specify the email headers and MIME
types.

RDS

See Amazon Relational Database Service (Amazon RDS).

read replica

Amazon RDS: An active copy of another DB instance. Any updates to the data on the
source DB instance are replicated to the read replica DB instance using the built-in
replication feature of MySQL 5.1.

real-time predictions

Amazon Machine Learning: Synchronously generated predictions for individual data

observations.

Amazon Personalize: An Amazon Personalize algorithm that's preconfigured to predict

the items that a user will interact with (for USER_PERSONALIZATION recipes), or
calculate items that are similar to specific items that a user has shown interest in (for
RELATED_ITEMS recipes), or rank a collection of items that you provide based on the
predicted interest for a specific user (for PERSONALIZED_RANKING recipes).

Amazon Machine Learning: Preformatted instructions for common data transformations

that fine-tune machine learning model performance.

regression model

A type of machine learning model that predicts a numeric value, such as the exact
purchase price of a house.

regularization

A machine learning (ML) parameter that you can tune to obtain higher-quality ML
models. Regularization helps prevent ML models from memorizing training data
examples instead of learning how to generalize the patterns it sees (called overfitting).
When training data is overfitted, the ML model performs well on the training data, but
doesn't perform well on the evaluation data or on new data.

RELATED_ITEMS recipes

Amazon PersonalizeRecipes that recommend items that are similar to a specified item,
such as the item-to-item (SIMS) recipe.

The instances in a deployment group after the CodeDeploy blue/green deployment.

replica shard

See shard.

reply path

The email address that an email reply is sent to. This is different from the return path.

representational state transfer

See REST.

reputation

1. An Amazon SES metric, based on factors that might include bounces, complaints, and
other metrics, regarding whether or not a customer is sending high-quality email.

2. A measure of confidence, as judged by an internet service provider (ISP) or other

entity that an IP address that they are receiving email from isn't the source of spam.

requester

The person (or application) that sends a request to AWS to perform a specific action.
When AWS receives a request, it first evaluates the requester's permissions to determine
whether the requester is allowed to perform the request action (if applicable, for the
requested resource).

Requester Pays

An Amazon S3 feature that allows a bucket owner to specify that anyone who requests
access to objects in a particular bucket must pay the data transfer and request costs.

reservation

A collection of EC2 instances started as part of the same launch request. Not to be
confused with a Reserved Instance.

Reserved Instance

A pricing option for EC2 instances that discounts the on-demand usage charge for
instances that meet the specified parameters. Customers pay for the entire term of the
instance, regardless of how they use it.

Reserved Instance Marketplace

An online exchange that matches sellers who have reserved capacity that they no longer
need with buyers who are looking to purchase additional capacity. Reserved Instances
that you purchase from third-party sellers have less than a full standard term remaining
and can be sold at different upfront prices. The usage or reoccurring fees remain the same
as the fees set when the Reserved Instances were originally purchased. Full standard
terms for Reserved Instances available from AWS run for one year or three years.

resource

An entity that users can work with in AWS, such as an EC2 instance, an Amazon
DynamoDB table, an Amazon S3 bucket, an IAM user, or an AWS OpsWorks stack.
resource property

A value required when including an AWS resource in an AWS CloudFormation stack.

Each resource can have one or more properties associated with it. For example, an
AWS::EC2::Instance resource might have a UserData property. In an AWS
CloudFormation template, resources must declare a properties section, even if the
resource has no properties.

resource record

Also called resource record set. The fundamental information elements in the Domain
Name System (DNS).

RESTful web service

Also known as RESTful API. A web service that follows REST architectural constraints.
The API operations must use HTTP methods explicitly; expose hierarchical URIs; and
transfer either XML, JSON, or both.

return enabled

Amazon CloudSearch: An index field option that enables the field's values to be returned
in the search results.

return path

The email address that bounced email is returned to. The return path is specified in the
header of the original email. This is different from the reply path.
revision

AWS CodePipeline: A change made to a source that's configured in a source action, such
as a pushed commit to a GitHub repository or an update to a file in a versioned Amazon
S3 bucket.

role

A tool for giving temporary access to AWS resources in your AWS account.

rollback

A return to a previous state that follows the failure to create an object, such as AWS
CloudFormation stack. All resources associated with the failure are deleted during the
rollback. For AWS CloudFormation, you can override this behavior using the --
disable-rollback option on the command line.

root

AWS Organizations: A parent container for the accounts in your organization. If you
apply a service control policy to the root, it applies to every organizational unit and
account in the organization.

root credentials

Authentication information associated with the AWS account owner.

root device volume

A volume that contains the image used to boot the instance (also known as a root device).
If you launched the instance from an AMI backed by instance store, this is an instance
store volume created from a template stored in Amazon S3. If you launched the instance
from an AMI backed by Amazon EBS, this is an Amazon EBS volume created from an
Amazon EBS snapshot.

route table

A set of routing rules that controls the traffic leaving any subnet that's associated with the
route table. You can associate multiple subnets with a single route table, but a subnet can
be associated with only one route table at a time.

row identifier

Amazon Machine Learning: An attribute in the input data that you can include in the
evaluation or prediction output to make it easier to associate a prediction with an
observation.
rule

AWS WAF: A set of conditions that AWS WAF searches for in web requests to AWS
resources such as Amazon CloudFront distributions. You add rules to a web ACL, and
then specify whether you want to allow or block web requests based on each rule.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

See Amazon Simple Storage Service (Amazon S3).

sampling period

A defined duration of time, such as one minute, which Amazon CloudWatch computes a
statistic over.

sandbox

A testing location where you can test the functionality of your application without
affecting production, incurring charges, or purchasing products.

Amazon SES: An environment that's designed for developers to test and evaluate the
service. In the sandbox, you have full access to the Amazon SES API, but you can only
send messages to verified email addresses and the mailbox simulator. To get out of the
sandbox, you need to apply for production access. Accounts in the sandbox also have
lower sending limits than production accounts.

scale in

To remove EC2 instances from an Auto Scaling group.

scale out

To add EC2 instances to an Auto Scaling group.

scaling policy

A description of how Auto Scaling should automatically scale an Auto Scaling group in
response to changing demand.

The method used for placing tasks on container instances.

schema

Amazon Machine Learning: The information needed to interpret the input data for a
machine learning model, including attribute names and their assigned data types, and the
names of special attributes.

score cut-off value

Amazon Machine Learning: A binary classification model outputs a score that ranges
from 0 to 1. To decide whether an observation should be classified as 1 or 0, you pick a
classification threshold, or cut-off, and Amazon ML compares the score against it.
Observations with scores higher than the cut-off are predicted as target equals 1, and
scores lower than the cut-off are predicted as target equals 0.

SCP

See service control policy.

search API

Amazon CloudSearch: The API that you use to submit search requests to a search
domain.

search domain

Amazon CloudSearch: Encapsulates your searchable data and the search instances that
handle your search requests. You typically set up a separate Amazon CloudSearch
domain for each different collection of data that you want to search.

search domain configuration

Amazon CloudSearch: A domain's indexing options, analysis schemes, expressions,

suggesters, access policies, and scaling and availability options.

search enabled
Amazon CloudSearch: An index field option that enables the field data to be searched.

search endpoint

Amazon CloudSearch: The URL that you connect to when sending search requests to a
search domain. Each Amazon CloudSearch domain has a unique search endpoint that
remains the same for the life of the domain.

search index

Amazon CloudSearch: A representation of your searchable data that facilitates fast and
accurate data retrieval.

search instance

Amazon CloudSearch: A compute resource that indexes your data and processes search
requests. An Amazon CloudSearch domain has one or more search instances, each with a
finite amount of RAM and CPU resources. As your data volume grows, more search
instances or larger search instances are deployed to contain your indexed data. When
necessary, your index is automatically partitioned across multiple search instances. As
your request volume or complexity increases, each search partition is automatically
replicated to provide additional processing capacity.

search request

Amazon CloudSearch: A request that's sent to an Amazon CloudSearch domain's search

endpoint to retrieve documents from the index that match particular search criteria.

search result

Amazon CloudSearch: A document that matches a search request. Also referred to as a

search hit.

secret access key

A key that's used in conjunction with the access key ID to cryptographically sign
programmatic AWS requests. Signing a request identifies the sender and prevents the
request from being altered. You can generate secret access keys for your AWS account,
individual IAM users, and temporary sessions.

security group

A named set of allowed inbound network connections for an instance. (Security groups in
Amazon VPC also include support for outbound connections.) Each security group
consists of a list of protocols, ports, and IP address ranges. A security group can apply to
multiple instances, and multiple groups can regulate a single instance.
sender

The person or entity sending an email message.

Sender ID

A Microsoft-controlled version of SPF. An email authentication and anti-spoofing

system. For more information about Sender ID, see Sender ID

in Wikipedia.

sending limits

The sending quota and maximum send rate that are associated with every Amazon SES
account.

sending quota

The maximum number of email messages that you can send using Amazon SES in a 24-
hour period.

server-side encryption (SSE)

The encrypting of data at the server level. Amazon S3 supports three modes of server-
side encryption: SSE-S3, where Amazon S3 manages the keys; SSE-C, where the
customer manages the keys; and SSE-KMS, where AWS Key Management Service
(AWS KMS) manages keys.

service control policy

AWS Organizations: A policy-based control that specifies the services and actions that
users and roles can use in the accounts that the service control policy (SCP) affects.

service endpoint

See endpoint.

service health dashboard

A webpage showing up-to-the-minute information about AWS service availability. The

dashboard is located at http://status.aws.amazon.com/

Service Quotas
A service for viewing and managing your quotas easily and at scale as your AWS
workloads grow. Quotas, also referred to as limits, are the maximum number of resources
that you can create in an AWS account.

service role

An IAM role that grants permissions to an AWS service so it can access AWS resources.
The policies that you attach to the service role determine which AWS resources the
service can access and what it can do with those resources.

SES

See Amazon Simple Email Service (Amazon SES).

session

The period when the temporary security credentials provided by AWS Security Token
Service (AWS STS) allow access to your AWS account.

SHA

Secure Hash Algorithm. SHA1 is an earlier version of the algorithm, which AWS has
replaced with SHA256.

shard

Amazon Elasticsearch Service (Amazon ES): A partition of data in an index. You can
split an index into multiple shards, which can include primary shards (original shards)
and replica shards (copies of the primary shards). Replica shards provide failover, which
means that a replica shard is promoted to a primary shard if a cluster node that contains a
primary shard fails. Replica shards also can handle requests.

shared AMI

An Amazon Machine Image (AMI) that a developer builds and makes available for
others to use.

shutdown action

Amazon EMR: A predefined bootstrap action that launches a script that runs a series of
commands in parallel before terminating the job flow.

signature
Refers to a digital signature, which is a mathematical way to confirm the authenticity of a
digital message. AWS uses signatures to authenticate the requests you send to our web
services. For more information, to https://aws.amazon.com/security

SIGNATURE file

AWS Import/Export: A file you copy to the root directory of your storage device. The file
contains a job ID, manifest file, and a signature.

Signature Version 4

Protocol for authenticating inbound API requests to AWS services in all AWS Regions.

Simple Mail Transfer Protocol

See SMTP.

Simple Object Access Protocol

See SOAP.

Simple Storage Service

See Amazon Simple Storage Service (Amazon S3).

SIMS recipe

See item-to-item similarities (SIMS) recipe.

Single Sign-On

See AWS Single Sign-On.

Single-AZ DB instance

A standard (non-Multi-AZ) DB instance that's deployed in one Availability Zone,

without a standby replica in another Availability Zone.

sloppy phrase search

A search for a phrase that specifies how close the terms must be to one another to be
considered a match.
SMTP

Simple Mail Transfer Protocol. The standard that's used to exchange email messages
between internet hosts for the purpose of routing and delivery.

snapshot

Amazon Elastic Block Store (Amazon EBS): A backup of your volumes that's stored in
Amazon S3. You can use these snapshots as the starting point for new Amazon EBS
volumes or to protect your data for long-term durability.

See Amazon Simple Notification Service (Amazon SNS).

SOAP

Simple Object Access Protocol. An XML-based protocol that you can use to exchange
information over a particular protocol (for example, HTTP or SMTP) between
applications.

A software appliance-based VPN connection over the internet.

solution

Amazon Personalize: The recipe, customized parameters, and trained models (solution
versions) that can be used to generate recommendations.

Unsolicited bulk email.

spamtrap

An email address that's set up by an anti-spam entity, not for correspondence, but to
monitor unsolicited email. This is also called a honeypot.

SPF

Sender Policy Framework. A standard for authenticating email.

Spot Instance

A type of EC2 instance that you can bid on to take advantage of unused Amazon EC2
capacity.

Spot price

The price for a Spot Instance at any given time. If your maximum price exceeds the
current price and your restrictions are met, Amazon EC2 launches instances on your
behalf.

SQL injection match condition

AWS WAF: An attribute that specifies the part of web requests (such as a header or a
query string) that AWS WAF inspects for malicious SQL code. Based on the specified
conditions, you can configure AWS WAF to allow or block web requests to an AWS
resource, such as an Amazon CloudFront distribution.

SQS

See Amazon Simple Queue Service (Amazon SQS).

SSE

See server-side encryption (SSE).

SSL

Secure Sockets Layer

See AWS Single Sign-On.

stack

AWS CloudFormation: A collection of AWS resources that you create and delete as a
single unit.

AWS OpsWorks: A set of instances that you manage collectively, typically because they
have a common purpose such as serving PHP applications. A stack serves as a container
and handles tasks that apply to the group of instances as a whole, such as managing
applications and cookbooks.
station

AWS CodePipeline: A portion of a pipeline workflow where one or more actions are
performed.

station

A place at an AWS facility where your AWS Import/Export data is transferred on to, or
off of, your storage device.

statistic

One of five functions of the values submitted for a given sampling period. These
functions are Maximum, Minimum, Sum, Average, and SampleCount.

stem

The common root or substring shared by a set of related words.

stemming

The process of mapping related words to a common stem. This enables matching on
variants of a word. For example, a search for "horse" could return matches for horses,
horseback, and horsing, as well as horse. Amazon CloudSearch supports both dictionary
based and algorithmic stemming.

step

Amazon EMR: A single function applied to the data in a job flow. The sum of all steps
comprises a job flow.

step type

Amazon EMR: The type of work done in a step. There are a limited number of step types,
such as moving data from Amazon S3 to Amazon EC2 or from Amazon EC2 to Amazon
S3.

sticky session

A feature of the Elastic Load Balancing load balancer that binds a user's session to a
specific application instance so that all requests coming from the user during the session
are sent to the same application instance. By contrast, a load balancer defaults to route
each request independently to the application instance with the smallest load.

stopping
The process of filtering stop words from an index or search request.

stopword

A word that isn't indexed and is automatically filtered out of search requests because it's
either insignificant or so common that including it would result in too many matches to
be useful. Stopwords are language specific.

streaming

Amazon EMR: A utility that comes with Hadoop that you can use to develop MapReduce
executables in languages other than Java.

Amazon CloudFront: The ability to use a media file in real time—as it's transmitted in a
steady stream from a server.

streaming distribution

A special kind of distribution that serves streamed media files using a Real Time
Messaging Protocol (RTMP) connection.

Streams

See Amazon Kinesis Data Streams.

string-to-sign

Before you calculate an HMAC signature, you first assemble the required components in
a canonical order. The preencrypted string is the string-to-sign.

string match condition

AWS WAF: An attribute that specifies the strings that AWS WAF searches for in a web
request, such as a value in a header or a query string. Based on the specified strings, you
can configure AWS WAF to allow or block web requests to an AWS resource, such as a
CloudFront distribution.

strongly consistent read

A read process that returns a response with the most up-to-date data, reflecting the
updates from all prior write operations that were successful—regardless of the Region.

See AWS Security Token Service (AWS STS).

subnet

A segment of the IP address range of a VPC that an EC2 instance can be attached to. You
can create subnets to group instances according to security and operational needs.

Subscription button

An HTML-coded button that provides an easy way to charge customers a recurring fee.

suggester

Amazon CloudSearch: Specifies an index field for getting autocomplete suggestions and
options that can enable fuzzy matches and control how suggestions are sorted.

suggestions

Documents that contain a match for the partial search string in the field designated by the
suggester. Amazon CloudSearch suggestions include the document IDs and field values
for each matching document. To be a match, the string must match the contents of the
field starting from the beginning of the field.

supported AMI

An Amazon Machine Image (AMI) similar to a paid AMI, except that the owner charges
for additional software or a service that customers use with their own AMIs.

SWF

See Amazon Simple Workflow Service (Amazon SWF).

symmetric encryption

Encryption that uses a private key only.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

table

A collection of data. Similar to other database systems, DynamoDB stores data in tables.

tag

Metadata that you can define and assign to AWS resources, such as an EC2 instance. Not
all AWS resources can be tagged.

tagging

Tagging resources: Applying a tag to an AWS resource.

Amazon SES: Also called labeling. A way to format return path email addresses so that
you can specify a different return path for each recipient of a message. You can use
tagging to support VERP. For example, if Andrew manages a mailing list, he can use the
return paths [email protected] and [email protected] so
that he can determine which email bounced.

target attribute

Amazon Machine Learning (Amazon ML ): The attribute in the input data that contains
the “correct” answers. Amazon ML uses the target attribute to learn how to make
predictions on new data. For example, if you were building a model for predicting the
sale price of a house, the target attribute would be “target sale price in USD.”

target revision
AWS CodeDeploy: The most recent version of the application revision that has been
uploaded to the repository and will be deployed to the instances in a deployment group.
In other words, the application revision currently targeted for deployment. This is also the
revision that will be pulled for automatic deployments.

task

An instantiation of a task definition that's running on a container instance.

task definition

The blueprint for your task. Specifies the name of the task, revisions, container
definitions, and volume information.

task node

An EC2 instance that runs Hadoop map and reduce tasks, but doesn't store data. Task
nodes are managed by the master node, which assigns Hadoop tasks to nodes and
monitors their status. While a job flow is running you can increase and decrease the
number of task nodes. Because they don't store data and can be added and removed from
a job flow, you can use task nodes to manage the EC2 instance capacity your job flow
uses, increasing capacity to handle peak loads and decreasing it later.

Task nodes only run a TaskTracker Hadoop daemon.

tebibyte (TiB)

A contraction of tera binary byte, a tebibyte is 2^40 or 1,099,511,627,776 bytes. A

terabyte (TB) is 10^12 or 1,000,000,000,000 bytes. 1,024 TiB is a pebibyte (PiB).

template format version

The version of an AWS CloudFormation template design that determines the available
features. If you omit the AWSTemplateFormatVersion section from your template, AWS
CloudFormation assumes the most recent format version.

template validation

The process of confirming the use of JSON code in an AWS CloudFormation template.
You can validate any AWS CloudFormation template using the cfn-validate-
template command.

temporary security credentials

Authentication information that's provided by AWS STS when you call an STS API
action. Includes an access key ID, a secret access key, a session token, and an expiration
time.

throttling

The automatic restricting or slowing down of a process based on one or more limits.
Examples: Amazon Kinesis Data Streams throttles operations if an application (or group
of applications operating on the same stream) attempts to get data from a shard at a rate
faster than the shard limit. Amazon API Gateway uses throttling to limit the steady-state
request rates for a single account. Amazon SES uses throttling to reject attempts to send
email that exceeds the sending limits.

time-series data

Data provided as part of a metric. The time value is assumed to be when the value
occurred. A metric is the fundamental concept for Amazon CloudWatch and represents a
time-ordered set of data points. You publish metric data points into CloudWatch and later
retrieve statistics about those data points as a time-series ordered dataset.

timestamp

A date/time string in ISO 8601 format.

TLS

See Transport Layer Security (TLS).

tokenization

The process of splitting a stream of text into separate tokens on detectable boundaries
such as white space and hyphens.

topic

A communication channel to send messages and subscribe to notifications. It provides an

access point for publishers and subscribers to communicate with each other.

Traffic Mirroring

An Amazon VPC feature that you can use to copy network traffic from an elastic network
interface of Amazon EC2 instances, and then send it to out-of-band security and
monitoring appliances for content inspection, threat monitoring, and troubleshooting.

Transport Layer Security (TLS)

A cryptographic protocol that provides security for communication over the internet. Its
predecessor is Secure Sockets Layer (SSL).

trust policy

An IAM policy that's an inherent part of an IAM role. The trust policy specifies which
principals are allowed to use the role.

trusted key groups

Amazon CloudFront key groups whose public keys CloudFront can use to verify the
signatures of CloudFront signed URLs and signed cookies.

trusted signers

See trusted key groups.

tuning

Selecting the number and type of AMIs to run a Hadoop job flow most efficiently.

tunnel

A route for transmission of private network traffic that uses the internet to connect nodes
in the private network. The tunnel uses encryption and secure protocols such as PPTP to
prevent the traffic from being intercepted as it passes through public routing nodes.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z
unbounded

The number of potential occurrences isn't limited by a set number. This value is often
used when defining a data type that's a list (for example, maxOccurs="unbounded"), in
WSDL.

unit

Standard measurement for the values submitted to Amazon CloudWatch as metric data.
Units include seconds, percent, bytes, bits, count, bytes/second, bits/second,
count/second, and none.

unlink from VPC

The process of unlinking (or detaching) an EC2-Classic instance from a ClassicLink-

enabled VPC.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

validation

See template validation.

value

Instances of attributes for an item, such as cells in a spreadsheet. An attribute might have
multiple values.

Tagging resources: A specific tag label that acts as a descriptor within a tag category
(key). For example, you might have EC2 instance with the tag key of Owner and the tag
value of Jan. You can tag an AWS resource with up to 10 key–value pairs. Not all AWS
resources can be tagged.

Variable Envelope Return Path

See VERP.

verification

The process of confirming that you own an email address or a domain so that you can
send email from or to it.

VERP

Variable Envelope Return Path. A way that email-sending applications can match
bounced email with the undeliverable address that caused the bounce by using a different
return path for each recipient. VERP is typically used for mailing lists. With VERP, the
recipient's email address is embedded in the address of the return path, which is where
bounced email is returned. This makes it possible to automate the processing of bounced
email without having to open the bounce messages, which might vary in content.

versioning

Every object in Amazon S3 has a key and a version ID. Objects with the same key, but
different version IDs can be stored in the same bucket. Versioning is enabled at the
bucket layer using PUT Bucket versioning.

VGW

See virtual private gateway (VGW).

virtualization

Allows multiple guest virtual machines (VM) to run on a host operating system. Guest
VMs can run on one or more levels above the host hardware, depending on the type of
virtualization.

virtual private cloud

See VPC.

virtual private gateway (VGW)

The Amazon side of a VPN connection that maintains connectivity. The internal
interfaces of the virtual private gateway connect to your VPC through the VPN
attachment. The external interfaces connect to the VPN connection, which leads to the
customer gateway.

visibility timeout

The period of time that a message is invisible to the rest of your application after an
application component gets it from the queue. During the visibility timeout, the
component that received the message usually processes it, and then deletes it from the
queue. This prevents multiple components from processing the same message.

VM Import/Export

A service for importing virtual machine (VM) images from your existing virtualization
environment to Amazon EC2 and then exporting them back.

Virtual private cloud. An elastic network populated by infrastructure, platform, and

application services that share common security and interconnection.

VPC endpoint

A feature that you can use to create a private connection between your VPC and another
AWS service without requiring access over the internet, through a NAT instance, a VPN
connection, or AWS Direct Connect.

VPG

See virtual private gateway (VGW).

VPN CloudHub

See AWS VPN CloudHub.

VPN connection

Amazon Web Services (AWS): The IPsec connection between a VPC and some other
network, such as a corporate data center, home network, or colocation facility.

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

| W | X, Y, Z

WAM

See Amazon WorkSpaces Application Manager (Amazon WAM).

web access control list (web ACL)

AWS WAF: A set of rules that defines the conditions that AWS WAF searches for in
web requests to an AWS resource, such as a Amazon CloudFront distribution. A web
access control list (web ACL) specifies whether to allow, block, or count the requests.

Web Services Description Language

See WSDL.

WSDL

Web Services Description Language. A language used to describe the actions that a web
service can perform, along with the syntax of action requests and responses.

A contraction of yotta binary byte, a yobibyte is 2^80 or

1,208,925,819,614,629,174,706,176 bytes. A yottabyte (YB) is 10^24 or
1,000,000,000,000,000,000,000,000 bytes.
zebibyte (ZiB)

A contraction of zetta binary byte, a zebibyte is 2^70 or 1,180,591,620,717,411,303,424

bytes. A zettabyte (ZB) is 10^21 or 1,000,000,000,000,000,000,000 bytes. 1,024 ZiB is a
yobibyte (YiB).

zone awareness

Amazon Elasticsearch Service (Amazon ES): A configuration that distributes nodes in a

cluster across two Availability Zones in the same Region. Zone awareness helps to
prevent data loss and minimizes downtime in the event of node and data center failure. If
you enable zone awareness, you must have an even number of data instances in the
instance count, and you also must use the Amazon Elasticsearch Service Configuration
API to replicate your data for your Elasticsearch cluster.

Coconut VA Resume Template
50% (2)
Coconut VA Resume Template
2 pages
The Essential Husserl by Dann Welton
93% (14)
The Essential Husserl by Dann Welton
444 pages
M6 - Compute
100% (1)
M6 - Compute
89 pages
Rock of Ages Maunder Solfa
No ratings yet
Rock of Ages Maunder Solfa
1 page
Case Study Amazon Ec2
No ratings yet
Case Study Amazon Ec2
4 pages
Intro To AWS Security
0% (1)
Intro To AWS Security
12 pages
Fundamental Cloud Concepts - Guided Notes - Completed
No ratings yet
Fundamental Cloud Concepts - Guided Notes - Completed
24 pages
AWS Glossary PDF
No ratings yet
AWS Glossary PDF
29 pages
Slides Setting Up Secure, Well-Governed Machine Learning Environments On AWS
No ratings yet
Slides Setting Up Secure, Well-Governed Machine Learning Environments On AWS
39 pages
Core AWS Services
No ratings yet
Core AWS Services
36 pages
Aws Glossary
No ratings yet
Aws Glossary
184 pages
AWS in ACTION Part -1: Real-world Solutions for Cloud Professionals
From Everand
AWS in ACTION Part -1: Real-world Solutions for Cloud Professionals
Poonam Devi
No ratings yet
AWS SysOps Administrator Associate: From basic to advanced
From Everand
AWS SysOps Administrator Associate: From basic to advanced
Alex Carvalho
No ratings yet
AWS Certified Solutions Architect – Professional Exam Guide (SAP-C02): Gain the practical skills, knowledge, and confidence to ace the AWS (SAP-C02) exam on your first attempt
From Everand
AWS Certified Solutions Architect – Professional Exam Guide (SAP-C02): Gain the practical skills, knowledge, and confidence to ace the AWS (SAP-C02) exam on your first attempt
Patrick Sard
No ratings yet
AWS Fully Loaded: Mastering Amazon Web Services for Complete Cloud Solutions
From Everand
AWS Fully Loaded: Mastering Amazon Web Services for Complete Cloud Solutions
Kameron Hussain
No ratings yet
3.amazon EBS PDF
No ratings yet
3.amazon EBS PDF
17 pages
FortiOS 7.0 AWS Administration Guide
No ratings yet
FortiOS 7.0 AWS Administration Guide
185 pages
EC2 Forensics & Incident Response
No ratings yet
EC2 Forensics & Incident Response
6 pages
AWS S3 Quizet
No ratings yet
AWS S3 Quizet
51 pages
Durability & Availability: Durability Can Be Described As The Probability That You Will Eventually Be
No ratings yet
Durability & Availability: Durability Can Be Described As The Probability That You Will Eventually Be
12 pages
Key ID & Secret Access Keys When First Created. These Are Used To Access AWS Via
No ratings yet
Key ID & Secret Access Keys When First Created. These Are Used To Access AWS Via
20 pages
04) EC2 Instance
No ratings yet
04) EC2 Instance
81 pages
Organizations Userguide
No ratings yet
Organizations Userguide
329 pages
Ultimate Microsoft Intune for Administrators: Master Enterprise Endpoint Security and Manage Devices, Apps, and Cloud Security with Expert Microsoft Intune Strategies (English Edition)
From Everand
Ultimate Microsoft Intune for Administrators: Master Enterprise Endpoint Security and Manage Devices, Apps, and Cloud Security with Expert Microsoft Intune Strategies (English Edition)
Paul Winstanley
No ratings yet
Ec2 Ug PDF
No ratings yet
Ec2 Ug PDF
722 pages
Amazon Cloudfront Overview: Tal Saraf General Manager Amazon Cloudfront and Route 53
No ratings yet
Amazon Cloudfront Overview: Tal Saraf General Manager Amazon Cloudfront and Route 53
40 pages
Aws Concepts Power Point Slides 1474487901
No ratings yet
Aws Concepts Power Point Slides 1474487901
130 pages
Daily Tasks in Oracle RDS
No ratings yet
Daily Tasks in Oracle RDS
17 pages
AWS Quick Start - AWS Purpose-Built Database Strategy - Final
No ratings yet
AWS Quick Start - AWS Purpose-Built Database Strategy - Final
32 pages
General S3 FAQs
No ratings yet
General S3 FAQs
45 pages
AWS SME Questions
No ratings yet
AWS SME Questions
8 pages
AWS All Questions
No ratings yet
AWS All Questions
65 pages
Aws SMS
No ratings yet
Aws SMS
34 pages
5 AWS Database Services 19-08-2024
No ratings yet
5 AWS Database Services 19-08-2024
21 pages
Aws Iam
No ratings yet
Aws Iam
18 pages
Website On AWS
No ratings yet
Website On AWS
20 pages
Program: B.Tech - Specialization Course Code: CSCN2020 Course Name: Ethical Hacking
No ratings yet
Program: B.Tech - Specialization Course Code: CSCN2020 Course Name: Ethical Hacking
50 pages
Architecture For Assignment 2 PDF
No ratings yet
Architecture For Assignment 2 PDF
4 pages
Dynamodb DG
No ratings yet
Dynamodb DG
1,383 pages
Aws 2
No ratings yet
Aws 2
28 pages
AWS Overview Presentation
No ratings yet
AWS Overview Presentation
20 pages
5877 2021344925 CSE-F Group-1 AkashGandhar
No ratings yet
5877 2021344925 CSE-F Group-1 AkashGandhar
17 pages
Cloud AWS: Yuwono Marta Dinata - OS
No ratings yet
Cloud AWS: Yuwono Marta Dinata - OS
55 pages
7.simple Storage Service (S3) PDF
No ratings yet
7.simple Storage Service (S3) PDF
27 pages
Module 8 - Database Services
No ratings yet
Module 8 - Database Services
33 pages
2 AWS Services
No ratings yet
2 AWS Services
21 pages
Zabbix
No ratings yet
Zabbix
45 pages
General: Permissions Federated Users
No ratings yet
General: Permissions Federated Users
24 pages
AcademyCloudFoundations Module 04
No ratings yet
AcademyCloudFoundations Module 04
65 pages
AWS Module 3 Notes
No ratings yet
AWS Module 3 Notes
5 pages
Migrating Your Databases To AWS Blair Layton Final
No ratings yet
Migrating Your Databases To AWS Blair Layton Final
41 pages
Become An OCI Foundations Associate (2024)
No ratings yet
Become An OCI Foundations Associate (2024)
53 pages
What Is Amazon EC2
No ratings yet
What Is Amazon EC2
6 pages
GCP-Cloud Bucket
No ratings yet
GCP-Cloud Bucket
10 pages
ODI Final Documentation
No ratings yet
ODI Final Documentation
77 pages
AWS CP - Sruya Kiran Sir Notes
No ratings yet
AWS CP - Sruya Kiran Sir Notes
8 pages
AWS Certified Solutions Architect - Associate
No ratings yet
AWS Certified Solutions Architect - Associate
173 pages
Virtual Private Cloud (Amazon VPC) : Naresh I Technologies Amazon Web Services Avinash Reddy T
No ratings yet
Virtual Private Cloud (Amazon VPC) : Naresh I Technologies Amazon Web Services Avinash Reddy T
33 pages
Cloud Computing
No ratings yet
Cloud Computing
30 pages
Benefits of Cloudendure
No ratings yet
Benefits of Cloudendure
7 pages
AWS Solution Architect Associate Agenda PDF
No ratings yet
AWS Solution Architect Associate Agenda PDF
6 pages
AWS SAA C02 Study Guide
No ratings yet
AWS SAA C02 Study Guide
50 pages
Class26 Aws Iam
No ratings yet
Class26 Aws Iam
6 pages
By William Somerset: Mr. Know-All
No ratings yet
By William Somerset: Mr. Know-All
20 pages
Cardinal and Ordinal Numbers
100% (1)
Cardinal and Ordinal Numbers
5 pages
Praveen Kumar - Talend Developer - Delhi
No ratings yet
Praveen Kumar - Talend Developer - Delhi
4 pages
WiKAHON-Specifications R12
No ratings yet
WiKAHON-Specifications R12
3 pages
On Giving Advice
No ratings yet
On Giving Advice
3 pages
CDAC
No ratings yet
CDAC
2 pages
Pilgrims Theme Full Score
No ratings yet
Pilgrims Theme Full Score
9 pages
Assessment 2: Name: Course: Subject: Date: A.Y. 2021-2022
100% (1)
Assessment 2: Name: Course: Subject: Date: A.Y. 2021-2022
4 pages
Test MGJ Final 2 86%
No ratings yet
Test MGJ Final 2 86%
21 pages
Change QUOTES From Direct To Reported Speech
No ratings yet
Change QUOTES From Direct To Reported Speech
3 pages
Allama Iqbal Open University: Level
No ratings yet
Allama Iqbal Open University: Level
33 pages
Number Sense - Essential Points
No ratings yet
Number Sense - Essential Points
11 pages
LESSON 7 - Prepositions, Conjunctions, & Interjections
No ratings yet
LESSON 7 - Prepositions, Conjunctions, & Interjections
21 pages
Zoroastrian Ethic
100% (5)
Zoroastrian Ethic
224 pages
Acrobat - Adobe Reader Command Line Reference - Stack Overflow
No ratings yet
Acrobat - Adobe Reader Command Line Reference - Stack Overflow
2 pages
Assignment 1
No ratings yet
Assignment 1
2 pages
The Indo Europeans
100% (1)
The Indo Europeans
33 pages
How To Teach Reading
No ratings yet
How To Teach Reading
22 pages
Research Document Group 2
No ratings yet
Research Document Group 2
20 pages
Engage: Concept For This Lesson: Compose/Decompose Numbers 11-20 Grade Span: K
No ratings yet
Engage: Concept For This Lesson: Compose/Decompose Numbers 11-20 Grade Span: K
5 pages
Programmable Logic Design Grzegorz Budzy Ń L Ecture 10: Fpga Clocking Schemes
No ratings yet
Programmable Logic Design Grzegorz Budzy Ń L Ecture 10: Fpga Clocking Schemes
70 pages
Self Evaluation
No ratings yet
Self Evaluation
2 pages
Eti 22618 Ut1 Question Bank 290120
No ratings yet
Eti 22618 Ut1 Question Bank 290120
39 pages
BSC6900 UMTS - Parameter Reference
No ratings yet
BSC6900 UMTS - Parameter Reference
1,261 pages
Conjunctions Notes
No ratings yet
Conjunctions Notes
3 pages
Folclorul - FACTOR EDUCATIV FUNDAMENTAL in Invatamantul Artistic Romanesc
No ratings yet
Folclorul - FACTOR EDUCATIV FUNDAMENTAL in Invatamantul Artistic Romanesc
6 pages
Bevans, Stephen. B
100% (1)
Bevans, Stephen. B
284 pages

AWS Glossary

Uploaded by

AWS Glossary

Uploaded by

AWS glossary

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

Numbers and symbols

Numbers and symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V

See additional authenticated data.

See also https://aws.amazon.com/about-aws/whats-new/2019/12/introducing-aws-

access control list (ACL)

The combination of an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a

access key rotation

access policy language

• The owner email address and password

See access control list (ACL).

See AWS Certificate Manager Private Certificate Authority (ACM PCA).

See AWS Certificate Manager Private Certificate Authority (ACM PCA).

active trusted key groups

active trusted signers

See active trusted key groups.

additional authenticated data

Amazon API Gateway

See also https://aws.amazon.com/api-gateway

Amazon AppStream 2.0

See also https://aws.amazon.com/appstream/

See also https://aws.amazon.com/athena/

See also https://aws.amazon.com/rds/aurora/

A secure, real-time, unified communications service that transforms meetings by making

See also https://aws.amazon.com/chime/

Amazon Cloud Directory (Cloud Directory)

See also https://aws.amazon.com/cloud-directory/

See also https://aws.amazon.com/cloudfront

See also https://aws.amazon.com/cloudwatch

Amazon CloudWatch Events

See also https://aws.amazon.com/cloudwatch

Amazon CloudWatch Logs

See also https://aws.amazon.com/cloudwatch

See also https://aws.amazon.com/cognito/

See also https://aws.amazon.com/comprehend/

Amazon Comprehend Medical

See also https://aws.amazon.com/connect/

A no-cost, multiplatform, production-ready distribution of the Open Java Development

See also https://aws.amazon.com/corretto/

See also https://aws.amazon.com/detective/

Amazon DocumentDB (with MongoDB compatibility)

See also https://aws.amazon.com/documentdb/

Amazon DynamoDB Encryption Client

Amazon DynamoDB Storage Backend for Titan

See also https://aws.amazon.com/dynamodb/

Amazon DynamoDB Streams

An AWS service that captures a time-ordered sequence of item-level modifications in any

See also https://aws.amazon.com/dynamodb/

Amazon EBS-backed AMI

See also Amazon Elastic Compute Cloud (Amazon EC2).

See also https://aws.amazon.com/ec2

A web service designed to launch or terminate instances automatically based on user-

See also https://aws.amazon.com/ec2/autoscaling

Amazon Elastic Block Store (Amazon EBS)

See also https://aws.amazon.com/ebs

Amazon Elastic Compute Cloud (Amazon EC2)

See also https://aws.amazon.com/ec2

Amazon Elastic Container Registry (Amazon ECR)

See also https://aws.amazon.com/ecr

Amazon Elastic Container Service (Amazon ECS)

See also https://aws.amazon.com/ecs

See also https://aws.amazon.com/efs/

Amazon Elastic Kubernetes Service (Amazon EKS)

See also https://aws.amazon.com/eks/

Amazon Elastic Transcoder

See also https://aws.amazon.com/elastictranscoder/

See also https://aws.amazon.com/elasticache/

Amazon Elasticsearch Service (Amazon ES)

See also https://aws.amazon.com/elasticmapreduce

See also https://aws.amazon.com/eventbridge/

See also https://aws.amazon.com/forecast/

A managed service for deploying, operating, and scaling session-based multiplayer

See also https://aws.amazon.com/gamelift/

See also https://aws.amazon.com/guardduty/

See also https://aws.amazon.com/inspector