This is a blog series to record AWS Solution Architect Associate (SAA C02) Exam Preparation Notes to help anyone preparing for the exam. This is the fourth part of the series. In this part, we will discuss some of the various AWS tools like Amazon CloudWatch, Eventbridge, CloudTrail, AWS Config, etc.
Please see the various parts of the blogging series below.
Part 1: EC2 Basics (AWS SAA Notes)
Part 2: Instance Storage, Computing Services, and Databases (AWS SAA Notes)
Part 3: S3, Cloudfront, and Data Migration Services (AWS SAA Notes)
AWS CloudWatch: This tool helps the user to monitor cloud-based resources and track metrics that can be used in health checks. It collects, evaluates, and analyzes your AWS data (real-time logs, metrics, and event data) using powerful visualization tools.
Users can improve operational performance and response times by creating alarms that trigger an automated response to unwanted events. It can seamlessly integrate with more than 70 AWS services for simplified monitoring and scalability. It also helps troubleshoot operational issues with actionable insights from logs and metrics across CloudWatch dashboards.
Eventbridge: It’s a serverless event bus that makes it easy to build event-driven applications at scale across AWS, existing systems, or SaaS applications. It enables the user to ingest, filter, transform, and deliver events from connected applications – without writing custom code or managing and provisioning servers.
It helps easily create loose-coupling, event-based architectures to help you deploy new features faster. It sets up routing rules to determine where to send your data to create application architectures that interact in real time with your data sources with the event publisher and consumer completely separate.
It connects AWS services, software as a service (SaaS) applications, and custom applications such as event producers to launch a variety of workflows. Scaled automatically based on the number of events ingested, and the user pays only for events posted by their AWS or SaaS applications.
AWS Configuration: It helps the user evaluate, review, and evaluate their AWS resource configurations. This tool also reviews and evaluates the compliance of resource configurations with enterprise policies at regular intervals. Configuration changes are associated with specific account events to facilitate troubleshooting at later stages.
AWS CloudTrail:It uses service records to demonstrate compliance with regulations such as SOC, PCI, and HIPAA and protects organizations from sanctions. This tool records user activity and events and can be integrated with Amazon EventBridge to set up automated workflow rules to improve security. It provides a centrally controlled, one-stop platform for capturing API usage across regions and accounts.
Amazon GuardDuty : This is a cloud-based intelligent threat detection service. It constantly monitors all of your AWS resources including accounts, instances, databases, and storage for potential threats. It uses bug detection and machine learning techniques to identify threats. It provides detailed results to the user and enables them to look in the right direction and provide appropriate actions.
inspector It is a cloud-based service that provides automated and continuous management of vulnerabilities at scale. It ensures that AWS workloads are constantly scanned and software vulnerabilities are identified promptly. It provides a highly accurate risk score that helps the user prioritize corrective actions and reduce processing time.
you have: It is a fully managed data security service that uses machine learning and pattern matching to discover and protect your sensitive data on AWS. It provides alerts about unencrypted containers, publicly accessible repositories and unique data types. It enables us to easily detect and understand sensitive s3 data.
safety center Automate AWS security checks and centralize security alerts. A security mode management service in the cloud that performs security best practice checks, collects alerts, and enables automated repair.
It can detect deviations from security best practices with a single click.
Automatically aggregate security results into a unified data format from AWS and partner services, and can accelerate average time to resolution through automated response and processing actions.
Systems Administrator: It is a central operations center to quickly gain operational insights and shorten the time to discover and resolve operational issues. It enhances visibility and control of all resources in the cloud, on-premises, and at the edge. It helps you maintain instance compliance against patching, configuration, and custom policies. This tool automates the ongoing configuration and management of applications and resources. Overall, it is a comprehensive secure management solution for hybrid cloud environments.
SES It is a scalable email service for sending email from applications as well as communicating with customers at the lowest, transparent industry rates. It can deliver high volume email campaigns with the service sending hundreds of billions of emails annually. Emails arrive in customers’ inboxes as a trusted sender with secure email authentication. Ensures that users and organizations remain compliant from day one with HIPAA eligible and FedRAMP-, GDPR- and ISO certified options. This tool allows you to reach clients with confidence without using the local Simple Mail Transfer Protocol (SMTP) system.
shield: This is a managed Distributed Denial of Service (DDoS) protection service that protects, increases availability, and responsiveness of running applications. Automatically detects and mitigates complex Network Distributed Denial of Service (DDoS) events. Customizes application protection against DDoS risks through integrations with the Shield Response Team (SRT) or AWS WAF protocol.
AWS WAF: He. She eIt enables us to create security rules that control bot traffic and block common attack patterns, such as SQL injection or cross-site scripting. Thus, it protects web applications from common exploits and prevents consumption of excessive resources such as saving developer time. This facilitates monitoring, blocking or limiting the rate of common and widespread bots. It also helps to enhance the visibility of web traffic.
AWS Backups: It is a cost-effective, fully managed, policy-based service that simplifies data protection at scale. It enables us to centrally manage and automate data protection. It can simplify backup and recovery with a fully managed policy-based service. Creates immutable backups to protect against accidental and malicious incidents. It can help monitor and demonstrate data protection compliance with auditor-ready reports.