AWS Service Catalog¶
This section contains detailed notes for AWS services relevant to the AWS Certified Security Specialty (SCS-C03) exam.
Identity and Access Management¶
- Amazon IAM
- AWS IAM Identity Center
- Amazon Cognito
- AWS Directory Service
- AWS Organizations
- AWS Resource Access Manager
- AWS Security Token Service
- Amazon Verified Permissions
- AWS Verified Access
Detection and Monitoring¶
- Amazon GuardDuty
- Amazon Detective
- AWS Security Hub
- Amazon Security Lake
- Amazon Macie
- Amazon CloudWatch
- AWS CloudTrail
- AWS CloudTrail Lake
- Amazon OpenSearch Service
- Amazon Managed Grafana
- Amazon VPC Flow Logs
Data Protection¶
- AWS Key Management Service
- AWS CloudHSM
- AWS Secrets Manager
- AWS Backup
- AWS DataSync
- AWS Certificate Manager
- AWS Private Certificate Authority
- Amazon Simple Storage Service (S3)
- Amazon Elastic File System (EFS)
- Amazon FSx for Lustre
Network Security¶
- AWS WAF
- AWS Shield
- AWS Shield Advanced
- AWS Network Firewall
- AWS Firewall Manager
- Route 53 Resolver DNS Firewall
- Security Groups
- Network Access Control Lists
- VPC Endpoints
- AWS Transit Gateway
- AWS Direct Connect
- AWS Site-to-Site VPN
- AWS Client VPN
- Amazon Virtual Private Cloud (VPC)
- Amazon Route 53
- Amazon CloudFront
Governance, Audit and Compliance¶
- AWS Config
- AWS Audit Manager
- AWS Artifact
- AWS Control Tower
- AWS Trusted Advisor
- AWS Well-Architected Tool
- AWS Service Catalog
- AWS User Notifications
Compute and Workload Security¶
- Amazon EC2
- Amazon EKS
- AWS Lambda
- Amazon EMR
- EC2 Image Builder
- EC2 Instance Connect
- AWS Systems Manager
- Amazon Data Lifecycle Manager
Application Security¶
- Amazon API Gateway
- Amazon SNS
- Amazon Step Functions
- AWS CloudFormation
- AWS SDKs
- AWS Command Line Interface
- AWS Management Console
- Amazon CodeGuru Security
Resilience and Recovery¶
- Amazon Application Recovery Controller
- AWS Resilience Hub
- Automated Forensics Orchestrator for Amazon EC2
- AWS Fault Injection Service