AWS Services Overview
A comprehensive reference of AWS services organized by category for interview preparation.
Compute
| Service |
Description |
| EC2 |
Virtual servers in the cloud |
| Lambda |
Serverless compute - run code without provisioning servers |
| ECS |
Docker container orchestration service |
| EKS |
Managed Kubernetes service |
| Fargate |
Serverless compute for containers |
| Elastic Beanstalk |
PaaS for deploying applications |
| Lightsail |
Simple virtual private servers |
| Batch |
Batch computing workloads |
| Outposts |
Run AWS infrastructure on-premises |
| App Runner |
Fully managed container application service |
Storage
| Service |
Description |
| S3 |
Object storage with 99.999999999% durability |
| EBS |
Block storage for EC2 instances |
| EFS |
Managed NFS file system |
| FSx |
Fully managed third-party file systems (Windows, Lustre, NetApp, OpenZFS) |
| S3 Glacier |
Low-cost archive storage |
| Storage Gateway |
Hybrid cloud storage |
| Snow Family |
Physical data transport (Snowcone, Snowball, Snowmobile) |
Database
| Service |
Description |
| RDS |
Managed relational databases (MySQL, PostgreSQL, MariaDB, Oracle, SQL Server) |
| Aurora |
MySQL/PostgreSQL-compatible with 5x performance |
| DynamoDB |
Managed NoSQL key-value and document database |
| DocumentDB |
MongoDB-compatible document database |
| ElastiCache |
In-memory caching (Redis, Memcached) |
| Neptune |
Graph database |
| Redshift |
Data warehouse |
| Keyspaces |
Managed Apache Cassandra |
| QLDB |
Ledger database with immutable transaction log |
| Timestream |
Time-series database |
| MemoryDB |
Redis-compatible durable in-memory database |
Networking & Content Delivery
| Service |
Description |
| VPC |
Isolated virtual network |
| CloudFront |
Global CDN |
| Route 53 |
DNS and domain registration |
| API Gateway |
Create, publish, and manage APIs |
| Direct Connect |
Dedicated network connection to AWS |
| Global Accelerator |
Improve application availability and performance |
| ELB |
Distribute traffic (ALB, NLB, CLB, GWLB) |
| PrivateLink |
Private connectivity to services |
| Transit Gateway |
Connect VPCs and on-premises networks |
| App Mesh |
Application-level networking for microservices |
Security, Identity & Compliance
| Service |
Description |
| IAM |
Identity and access management |
| Cognito |
User identity and authentication |
| Secrets Manager |
Rotate and manage secrets |
| KMS |
Key management service |
| CloudHSM |
Hardware security modules |
| WAF |
Web application firewall |
| Shield |
DDoS protection |
| GuardDuty |
Threat detection |
| Inspector |
Automated security assessment |
| Macie |
Discover and protect sensitive data |
| Security Hub |
Unified security and compliance center |
| Detective |
Investigate security issues |
| IAM Identity Center |
SSO for workforce (formerly AWS SSO) |
| Certificate Manager |
Provision and manage SSL/TLS certificates |
Application Integration
| Service |
Description |
| SQS |
Message queuing service |
| SNS |
Pub/sub messaging and notifications |
| EventBridge |
Serverless event bus |
| Step Functions |
Workflow orchestration |
| MQ |
Managed message broker (ActiveMQ, RabbitMQ) |
| AppSync |
Managed GraphQL APIs |
| AppFlow |
SaaS integration service |
Management & Governance
| Service |
Description |
| CloudWatch |
Monitoring and observability |
| CloudTrail |
API activity logging |
| CloudFormation |
Infrastructure as Code |
| Config |
Resource inventory and configuration history |
| Systems Manager |
Operations management |
| Organizations |
Multi-account management |
| Control Tower |
Multi-account governance |
| Service Catalog |
Create and manage approved IT services |
| Trusted Advisor |
Best practice recommendations |
| Well-Architected Tool |
Review workloads against best practices |
| License Manager |
Manage software licenses |
| Cost Explorer |
Visualize and manage costs |
| Budgets |
Set custom budgets and alerts |
Analytics
| Service |
Description |
| Athena |
Query S3 data with SQL |
| EMR |
Managed Hadoop/Spark |
| Kinesis |
Real-time data streaming |
| Glue |
ETL service and data catalog |
| QuickSight |
Business intelligence |
| Data Pipeline |
Data workflow orchestration |
| Lake Formation |
Build data lakes |
| OpenSearch Service |
Search and analytics (formerly Elasticsearch) |
| MSK |
Managed Apache Kafka |
| Data Exchange |
Third-party data marketplace |
Machine Learning
| Service |
Description |
| SageMaker |
Build, train, and deploy ML models |
| Rekognition |
Image and video analysis |
| Comprehend |
NLP service |
| Lex |
Conversational AI (chatbots) |
| Polly |
Text-to-speech |
| Transcribe |
Speech-to-text |
| Translate |
Language translation |
| Textract |
Extract text from documents |
| Forecast |
Time-series forecasting |
| Personalize |
Recommendation engine |
| Bedrock |
Foundation models as a service |
| CodeWhisperer |
AI code companion |
| Service |
Description |
| CodeCommit |
Git repositories |
| CodeBuild |
Build and test code |
| CodeDeploy |
Automate deployments |
| CodePipeline |
CI/CD pipeline |
| CodeArtifact |
Artifact repository |
| Cloud9 |
Cloud IDE |
| X-Ray |
Distributed tracing |
| CodeStar |
Develop, build, and deploy applications |
Containers
| Service |
Description |
| ECS |
Container orchestration |
| EKS |
Managed Kubernetes |
| ECR |
Container registry |
| Fargate |
Serverless containers |
| App Runner |
Fully managed container apps |
| Copilot |
CLI for containerized apps |
Migration & Transfer
| Service |
Description |
| Migration Hub |
Track migrations |
| DMS |
Database Migration Service |
| SMS |
Server Migration Service |
| DataSync |
Data transfer service |
| Transfer Family |
SFTP, FTPS, FTP to S3 |
| Application Discovery Service |
Discover on-premises applications |
| Application Migration Service |
Lift and shift migrations |
End User Computing
| Service |
Description |
| WorkSpaces |
Virtual desktops |
| AppStream 2.0 |
Application streaming |
| WorkDocs |
Document storage and sharing |
| WorkLink |
Secure mobile access to internal websites |
IoT
| Service |
Description |
| IoT Core |
Connect devices to the cloud |
| IoT Greengrass |
Local compute for IoT |
| IoT Analytics |
Analytics for IoT data |
| IoT Device Management |
Manage IoT fleets |
| IoT Events |
Detect and respond to events |
| IoT SiteWise |
Collect and analyze industrial data |
| Service |
Description |
| Elastic Transcoder |
Media transcoding |
| MediaConvert |
Video processing |
| MediaLive |
Live video processing |
| MediaPackage |
Video origination and packaging |
| MediaStore |
Media storage |
| Interactive Video Service |
Live interactive video |
Key Concepts for Interviews
Well-Architected Framework Pillars
- Operational Excellence - Run and monitor systems
- Security - Protect information and systems
- Reliability - Recover from failures
- Performance Efficiency - Use resources efficiently
- Cost Optimization - Avoid unnecessary costs
- Sustainability - Minimize environmental impact
Global Infrastructure
- Regions - Geographic areas with multiple AZs
- Availability Zones (AZs) - Isolated data centers within a region
- Edge Locations - CDN endpoints for CloudFront
- Local Zones - Extend regions closer to users
- Wavelength Zones - 5G edge computing
Pricing Models
- On-Demand - Pay per use, no commitment
- Reserved Instances - 1-3 year commitment for discount
- Spot Instances - Bid on unused capacity (up to 90% off)
- Savings Plans - Flexible pricing model with commitment
- Dedicated Hosts - Physical servers dedicated to you
Shared Responsibility Model
- AWS Responsibility - Security OF the cloud (infrastructure)
- Customer Responsibility - Security IN the cloud (data, configurations)
Quick Reference: Service Limits (Common)
| Service |
Default Limit |
| EC2 instances per region |
20 (varies by type) |
| S3 buckets per account |
100 |
| Lambda concurrent executions |
1,000 |
| VPCs per region |
5 |
| EBS volumes per region |
5,000 |
| RDS instances per region |
40 |
| IAM users per account |
5,000 |
| CloudFormation stacks per region |
200 |
Note: Many limits can be increased via support request
Further Reading