Private network->VPC- Amazon Virtual Private Cloud (VPC) is a service that lets you launch

AWS resources in a logically isolated virtual network that you define.

Server/VM->EC2- Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing
capacity in the Amazon Web Services (AWS) Cloud.
Disk->EBS- Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes for
use with EC2 instances.
Relational Database->RDS- Amazon Relational Database Service (RDS) is a managed SQL
database service provided by Amazon Web Services (AWS).
NoSql database->DynamoDB- Amazon DynamoDB is a fully managed, serverless, key-value
NoSQL database designed to run high-performance applications at any scale.
Data Cache->ElastiCache- Amazon ElastiCache is a fully managed in-memory data store and
cache service by Amazon Web Services.
Load Balancer->ELB- Elastic Load Balancing automatically distributes your incoming traffic
across multiple targets, such as EC2 instances, containers, and IP addresses, in one or more
Availability Zones.
DNS-> Route53- Amazon Route53 is a highly available and scalable cloud domain name system
(DNS) service.
External Storage->S3- Amazon S3 or Amazon Simple Storage Service is a service offered by
Amazon Web Services that provides object storage through a web service interface.
Content Filter-> Rekognition- Amazon Rekognition offers pre-trained and customizable
computer vision (CV) capabilities to extract information and insights from your images and
videos.
Video Convert->Lambda- It is a computing service that runs code in response to events and
automatically manages the computing resources required by that code.
Click stream analysis->Kinesis- Amazon Kinesis is an Amazon Web Service designed to process
large-scale data streams from a multitude of services in real-time.
Hadoop/Spark->EMR- Amazon EMR (previously called Amazon Elastic MapReduce) is a
managed cluster platform that simplifies running big data frameworks, such as Apache Hadoop
and Apache Spark, on AWS to process and analyze vast amounts of data.
ETL->Glue- AWS Glue is a fully managed ETL (extract, transform, and load) AWS service.
Business Intelligence->Quicksight- Amazon QuickSight is a cloud-native, serverless, business
intelligence with native ML integrations and usage-based pricing, allowing insights for all users.
Athena- Amazon Athena is an interactive query service that makes it easy to analyze data
directly in Amazon S3 using standard SQL.
Data Warehouse->Redshift- Amazon Redshift is a data warehouse product which forms part of
the larger cloud-computing platform Amazon Web Services.
Content Delivery network (Cache)->CloudFront- Amazon CloudFront is a web service that
speeds up distribution of your static and dynamic web content, such as .html, .css, .js, image
files etc.
Edge locations- Edge locations are AWS data centers designed to deliver services with the
lowest latency possible.
SMS notification->SNS- Amazon Simple Notification Service is a notification service provided as
part of Amazon Web Services.
Email->SES- Amazon Simple Email Service (SES) is a cost-effective email service built on the
reliable and scalable infrastructure that Amazon.com developed to serve its own customer
base.
Message queue->SQS- Amazon SQS (Simple queue service) is a message queue service used by
distributed applications to exchange messages through a polling model, and can be used to
decouple sending and receiving components.
Monitoring Dashboard->CloudWatch- Amazon CloudWatch monitors your Amazon Web
Services (AWS) resources and the applications you run on AWS in real time.
IAM- AWS Identity and Access Management (IAM) is a web service that helps you securely
control access to AWS resources.
IAM Groups- consists of multiple users.
IAM roles- Set of permissions.
IAM policies- JSON document that lists the permissions.
KMS- AWS Key Management Service (AWS KMS) lets you create, manage, and control
cryptographic keys across your applications and more than 100 AWS services.
ACM- AWS Certificate Manager (ACM) is a service that lets you easily provision, manage, and
deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates
for use with AWS services and your internal connected resources.
WAF- AWS WAF is a web application firewall that helps protect apps and APIs against bots and
exploits that consume resources, skew metrics, or cause downtime.
Inspector- Amazon Inspector is an automated vulnerability management service that
continually scans AWS workloads for software vulnerabilities.
CloudTrail- AWS cloudtrail is a web service that records AWS API calls for your account and
delivers log files to you.
Region- Each AWS Region is a separate geographic area.
Availability Zones- Availability Zones are distinct locations within an AWS Region that are
engineered to be isolated from failures in other Availability Zones.
Each Region is a separate geographic area. Availability Zones are multiple, isolated locations
within each Region.
Subnet- A subnet is a range of IP addresses in your VPC. You can attach AWS resources, such as
EC2 instances and RDS DB instances, to subnets. You can create subnets to group instances
together according to your security and operational needs.
Security Group- An AWS security group acts as a virtual firewall for your EC2 instances to
control incoming and outgoing traffic. Both inbound and outbound rules control the flow of
traffic to and traffic from your instance, respectively.
How to connect EC2 instance to SSH: At first create an EC2 instance with a new RSA key pair
created so that it can be used to connect by SSH. A .pem file is what we have after this step.
Then open PuttyGen to generate a .ppk file from the .pem file. Then open Putty and in the ssh
auth section give the .ppk file. then give the ip address of the EC2 instance and choose
connection type ssh. Click open. a cmd will pop up where the username is to be given to
connect to the instance.

How to connect EC2 instance to RDP: We must have an RDP client on our PC. Enable inbound
RDP traffic from my IP address to my instance. Then on EC2 console, choose the connect to
instance and then rdp client. By uploading the .pem file in get passward, collect the decrypted
password. Then choose download remote desktop file and open the rdp file. choose connect
and give the decrypted password then just choose yes to connect to the instance.

VPC: On VPC dashboard choose launch vpc wizard. select vpc configuration on VPC with a single
public subnet choose select. give necessary addresses. then on subnets select the subnet with
the same name as the vpc and make a note of the availaibility zone. then create subnet with
the previously created vpc and availability zone with anything except the noted one.

AWS provides two features that you can use to increase security in your VPC: security groups
and network ACLs. Security groups control inbound and outbound traffic for your instances, and
network ACLs control inbound and outbound traffic for your subnets.
Static website hosting: Create a bucket, enable static website hosting, untick block public
access settings, add a bucket policy that makes your bucket contents publicly available,
configure an index document, error document and other documents then upload them. Then
choose the bucket website endpoint to open the website.