
Showing posts from January, 2022

AWS Infrastructure Services

Infrastructure Services

AWS CloudFormation

AWS CloudFormation provides several built-in functions that help you manage your stacks. Use intrinsic functions in your templates to assign values to properties that are not available until runtime. Currently, you can use intrinsic functions in resource properties, outputs, metadata attributes, and update policy attributes. You can also use intrinsic functions to conditionally create stack resources.

Examples: Fn::Base64, GetAtt, GetAZs, Select, Join, Sub, Transform, Ref.

The Fn::GetAtt intrinsic function returns the value of an attribute from a resource in the template.

The intrinsic function Fn::Transform specifies a macro to perform custom processing on part of a stack template. Macros enable you to perform custom processing on templates, from simple actions like find-and-replace operations to extensive transformations of entire templates.

The intrinsic function Ref returns the value of the specified parameter or resource.

Service Catalog and Config manager

Config Manager

Use AWS Config to evaluate the configuration settings of your AWS resources. You do this by creating AWS Config rules, which represent your ideal configuration settings. AWS Config provides customizable, predefined rules called managed rules.

While AWS Config continuously tracks the configuration changes that occur among your resources, it checks whether these changes violate any of the conditions in your rules. If a resource violates a rule, AWS Config flags the resource and the rule as noncompliant.

When you add a rule to your account, you can specify when you want AWS Config to run the rule; this is called a trigger. AWS Config runs evaluations for the rule when certain types of resources are created, changed, or deleted. AWS Config runs evaluations for the rule at a frequency that you choose.

AWS Config allows you to remediate noncompliant resources that are evaluated by AWS Config Rules. AWS Config applies remediation using AWS Systems Manager Automation doc

IoT Core

AWS IoT Core is a managed cloud service that enables connected devices to securely interact with cloud applications and other devices. AWS IoT provides device software that can help you integrate your IoT devices into AWS IoT-based solutions.

AWS IoT Core supports these protocols: MQTT, MQTT over WSS (Secure WebSockets), HTTPS, and LoRaWAN (long range WAN).

AWS IoT Greengrass extends AWS IoT to edge devices so they can act locally on the data they generate and use the cloud for management, analytics, and durable storage.

FreeRTOS is an open source, real-time operating system for microcontrollers that lets you include small, low-power edge devices in your IoT solution. FreeRTOS includes a kernel and a growing set of software libraries that support many applications. FreeRTOS systems can securely connect your small, low-power devices to AWS IoT and support more powerful edge devices running AWS IoT Greengrass.

AWS IoT Things Graph provides a visual drag-and-drop interface for connecting

Glue

AWS Glue is a serverless, fully managed ETL (extract, transform, and load) service that makes it simple and cost-effective to categorize your data, clean it, enrich it, and move it reliably between various data stores and data streams.

AWS Glue consists of a central metadata repository known as the AWS Glue Data Catalog. AWS Glue is designed to work with semi-structured data. You can use AWS Glue to organize, cleanse, validate, and format data for storage in a data warehouse or data lake.

Glue discovers and catalogs metadata about your data stores into a central catalog. It populates the AWS Glue Data Catalog with table definitions from scheduled crawler programs. AWS Glue can catalog your Amazon Simple Storage Service (Amazon S3) data, making it available for querying with Amazon Athena and Amazon Redshift Spectrum.

You can run your ETL jobs as soon as new data becomes available in Amazon S3 by invoking your AWS Glue ETL jobs from an AWS Lambda function. Glue supports data sources

CloudWatch, CloudTrail, X-Ray

A namespace is a container for CloudWatch metrics. Metrics in different namespaces are isolated from each other, so that metrics from different applications are not mistakenly aggregated into the same statistics. There is no default namespace. You must specify a namespace for each data point you publish to CloudWatch. You can specify a namespace name when you create a metric.

Metrics are the fundamental concept in CloudWatch. A metric represents a time-ordered set of data points that are published to CloudWatch. Metrics exist only in the Region in which they are created. Metrics cannot be deleted, but they automatically expire after 15 months if no new data is published to them.

A dimension is a name/value pair that is part of the identity of a metric. You can assign up to 10 dimensions to a metric. CloudWatch treats each unique combination of dimensions as a separate metric, even if the metrics have the same metric name.

Each metric is one of the following: Standard resolutio

AWS Networking

Networking

Elastic Network Interfaces - ENI

An Elastic Network Interface (ENI) is a virtual network interface that the user can attach to an instance in a VPC. The user can attach up to two ENIs to a single instance. However, AWS cannot assign a public IP when there are two ENIs attached to a single instance. It is recommended to assign an Elastic IP in this scenario.

ENIs are logical units that represent a network interface card in AWS. One ENI can be attached to one instance only. However, it can be detached and then attached to another instance.

An ENI is connected with one primary (default) private IP address. The primary address cannot be detached. The ENI can be connected to more than 1 secondary private IP address. For each private IP address we can associate 1 Elastic IP. We can associate 1 public IP address. The ENI also has a source/destination enabled flag.

An ENI can be attached when the instance is running, stopped or launched. An instance can be attached to 2 ENIs: 1 public IP in Subnet 1 to allow internet traffic to the instance and an