Glossary

Lists used by routers or firewalls which dictate whether packets are permitted or denied access based on criteria such as source IP address or port number destination port number etc.; also referred to as packet filter lists .

A version of an AWS Lambda layer that contains additional code and data used to extend the functionality of a Lambda function.

An Amazon Machine Image is a pre-configured environment used to create and run an EC2 instance.

The process of packaging applications into isolated containers so they can be easily deployed across different environments without affecting their performance or consistency.

An AWS service that automatically adds or removes EC2 instances from a group based on user-defined policies.

A persistent block storage solution for use with EC2 instances.

Classless Inter-Domain Routing; a notation used to define a range of IP addresses, e.g., 192.168.1/24 represents 256 IPv4 addresses between 192.168.1/0 and 192.168.1/255, inclusive).

Triggers an automated response when a specified condition is met, such as when application resources exceed predetermined thresholds or when a new version of an application is released.

An open source tool used by Kubernetes clusters running on AWS that automatically scales up or down node groups based on application resource requirements.

A web service that provides secure, resizable compute capacity in the cloud.

Domain Name System (DNS) records are used to determine which server holds the data for a domain name.

Prepay for one year or three years of EC2 instance usage, providing cost savings over On-Demand pricing models.

On-demand EC2 instances that allow customers to name their own price and bid on spare compute capacity.

An auto scaling group (ASG) is a collection of AWS EC2 instances that can be automatically scaled up or down based on user defined criteria.

A collection of Amazon EC2 instances, managed by the Amazon EKS service, that run the Kubernetes worker nodes to enable applications to be deployed.

A static public IPv4 address associated with an AWS account, which can be dynamically allocated to a running instance or ENI.

A service that distributes incoming application traffic across multiple targets, such as Amazon EC2 instances.

An error occurred during launch, start, stop, terminate or reachability check operations on the EC2 Instance respectively

An algorithm which sends an HTTP request to a given URL and waits for a response from that URL.

A process used to evaluate the health of the registered target or target group.

The number of consecutive successful health checks before declaring a target healthy.

The process of verifying whether hostname can be resolved correctly or not by querying DNS servers associated with that hostname.

Roles defined by the user with specific permissions allowing access between different services within AWS.

Permissions that specify what type of traffic is allowed to enter an AWS EC2 instance.

A method of managing and provisioning infrastructure using machine-readable configuration files instead of manual processes.

The time between each health check request in seconds.

A virtual network dedicated to the user’s AWS account, allowing for complete control over the virtual networking environment.

A cryptographic key pair generated by AWS which is used to securely connect to an EC2 instance.

Pods are small units of compute resources in Kubernetes, consisting typically of one or more containers deployed together on one host.

A node group is a cluster of EC2 instances running the same version of the Kubernetes software and configured with the same instance type, subnets, and other configuration parameters.

In AWS EKS, ConfigMaps are key-value data stores used by applications running inside pods to store configuration information such as credentials or database connection strings.

A deployment controller watches for changes in pod definitions and ensures those changes are applied to all nodes in the cluster, so that all nodes have identical definitions for each pod running in them.

Amazon Elastic Container Service for Kubernetes (Amazon EKS) is an AWS managed service that allows users to run Kubernetes clusters.

In AWS EKS, service accounts provide authentication credentials used by applications running inside pods to access other AWS services such as S3 buckets or DynamoDB tables.

A JSON-formatted template used to create multiple identical EC2 instances with consistent configurations and settings.

Namespaces allow you to logically separate resources within a single cluster into multiple virtual clusters called namespaces which can then be

A stateless firewall for filtering both inbound and outbound network traffic at the subnet level.

An optional layer of security for controlling access to networks based on pre-defined rules.

The cluster autoscaler is a component that automatically adjusts the size of your node groups according to their current needs and availability requirements.

Permissions that specify what type of traffic is allowed to leave an AWS EC2 instance.

A tool used to test network latency between two points on a network, usually from a client’s computer to another machine on the same network.

An Amazon Machine Image is a pre-configured environment used to create and run an EC2 instance.

Standard language which computers use when exchanging data; commonly used protocols in relation to AWS security groups include TCP, UDP, ICMP and SSH etc..

A service provided by AWS for monitoring the status of web applications and services.

The process of verifying whether an SSL certificate is valid or not, as well as if it needs to be renewed or replaced.

A virtual firewall that controls inbound and outbound traffic for AWS EC2 instances.

An Amazon EC2 instance type that allows users to bid for spare computing capacity at discounted prices compared to On-Demand Instances.

A web page that displays information about the health of an application or service.

Sets of rules that determine which types of traffic are allowed in and out of a subnet.

A segmented part of an IP network having its own address range, routing rules, and subnet mask; used by routers to route packets within a larger network such as the Internet or a private cloud environment like AWS.

An algorithm which establishes connections between two computers with TCP protocol in order to exchange data packets and measure connection latency times.

A collection of targets, such as Amazon EC2 instances, that are associated with a load balancer and receive traffic from the load balancer.

The length of time, in seconds, during which no response means an unhealthy state for a target or target group.

Automatically distribute incoming traffic between multiple EC2 instances across multiple Availability Zones for increased fault tolerance and performance optimization.

The number of consecutive failed health checks before declaring a target unhealthy.

An AWS service used for managing user access permissions for services such as S3 buckets, EC2 instances, etc.

A type of AWS gateway that enables communication between instances in a VPC and the public internet.

Used to enable instances in private subnets to connect securely and privately with external networks such as the internet.

Stores routing information of a VPC, enabling traffic flow into and out of subnets within a virtual private cloud (VPC).

A logical subdivision of an IP network, consisting of hosts connected to the same physical segment.

A set of firewall rules that control inbound and outbound traffic to resources within the VPC.

A virtual network interface that allows an Amazon EC2 instance to communicate with other networks within the same region, including VPCs.