This is a digital copy of my physical notes taken while studying for AWS Certifications.
This is the exam that follows SAA-003.


IAM Access Analyzer

Security Token Service

Without externalID spoofing

With externalID

Identity Federation

Custom Identity Broker

Web Identity Federation - Without Cognito

Web Identity Federation - With Cognito

AWS Managed Microsoft Active Directory

Organisation Units

Service Control Policies (SCPs)

Organisation tag policies

Organisation AI opt-out policies

Organisation backup policies

AWS IAM Identity Center

AWS Control Tower


Placement Groups

Host Affinity

Host affinity is configured at the instance level. It establishes a launch relationship between an instance and a Dedicated Host.
When affinity is set to Host, an instance launched onto a specific host always restarts on the same host if stopped. This applies to both targeted and untargeted launches.
When affinity is set to Default, and you stop and restart the instance, it can be restarted on any available host. However, it tries to launch back onto the last Dedicated Host on which it ran (on a best-effort basis).


AWS Resource Access Manager


Cloud HSM

SSL Offloading

EC2 Instance Connect

Instance Recovery

High Performance Computing (HPC)

ECS Networking

EKS Data Volumes

ECS Anywhere

EKS Anywhere

NLB Zonal DNS Names

NLB Flow hash routing


Route53 Health-checks

Hybrid DNS & Resolver Rules

AWS Global Accelerator

AWS Outposts

AWS Wavelength (5G)

AWS Local Zones

EBS Snapshots

Data Lifecycle Manager

EBS Encryption

EFS Access Points

S3 Replication Time Control (RTC)

FSX for Lustre Lazy Data Loading

AWS DataSync

RDS for Oracle

High Volume Queue Processing


Kinesis Streams

KCL Consumer

Kinesis Firehose

Kinesis Analytics

Comparing data streaming services

Comparison Charts

| | Kinesis Data Streams | SQS | SQS FIFO | SNS | DynamoDB | S3 |
|---|---|---|---|---|---|---|
| Data | Immutable | Immutable | Immutable | Immutable | Mutable | Mutable |
| Retention | 1-365 days, export to S3 using KDF | 1-14 days | 1-14 days | No retention | Infinite or can implement TTL | Infinite, can set up lifecycle |
| Ordering | Per shard | No ordering | Per group-id | No ordering | No ordering | No ordering |
| Scalability | Provision shards | Soft limit | 300 msg/s or 3000 if batch | Soft limit | WCU & RCU / On-demand | Infinite / 3500 PUT 5500 GET per prefix |
| Readers | EC2, Lambda, KDF, KDA, KCL (checkpoint) | EC2, Lambda | EC2, Lambda | HTTP, Lambda, Email, SQS… | DynamoDB Streams | SDK, S3 Events |
| Latency | KDS (200 ms), KDF (1 min) | Low (10-100 ms) | Low (10-100 ms) | Low (10-100 ms) | Low (10-100 ms) | Low (10-100 ms) |

AWS Batch

Amazon Elastic Map Reduce (EMR)



Cloudwatch Synthetic Canary

Elastic Beanstalk

Service Catalog

AWS Compute Optimiser

AWS Snow Family

AWS Schema Conversion Tool (SCT)

Snowball + DMS

Disaster Recovery

Elastic Disaster Recovery


VPC Peering

Transit Gateway

VPC Endpoints

VPC Endpoint Policies

Site to Site VPN

Client VPN

Direct Connect Virtual Interfaces

Direct Connect Encryption

Kinesis Video Streams

Amazon Workspaces

AWS Application Discovery Service

Agentless discovery can be performed by deploying the Application Discovery Service Agentless Collector (an OVA file) through your VMware vCenter. After the Agentless Collector is configured, it identifies the virtual machines (VMs) and hosts associated with vCenter. It collects the following static configuration data: server hostnames, IP addresses, MAC addresses, disk resource allocations, database engine versions, and database schemas. It also collects utilization data for each VM and database, providing the average and peak utilization for metrics such as CPU, RAM, and Disk I/O.

Agent-based discovery can be performed by deploying the AWS Application Discovery Agent on each of your VMs and physical servers. The agent installer is available for Windows and Linux operating systems. It collects static configuration data, detailed time-series system-performance information, inbound and outbound network connections, and processes that are running.


© 2024 Pfych 🏳️‍⚧️