In this lecture we're going to do the 10,000 Foot Overview, part three. So a few sections in this particular lecture really do come up in both the solutions architect, developer and sysops associate exams. But most of these services do not come up in any of them so I'll just try and make it as quick as possible focusing on the exam topics, and the ones that don't we'll just skip through, I'll just explain very quickly what they are and we'll move on to the next slides. So let's start with security and identity. This service, Identity Access Management, or IAM, we're going to do in the very next section of the course. That's where we're gonna start getting our hands dirty and using the AWS Console, and this particular service comes up in every single certification exam you're ever going to do. It comes up in all eight because this is the fundamental component of AWS. This is how you basically sign in or authenticate to AWS. This is how you set up new users, this is how you assign users permissions, this is how you group users. You might have your users in the administrator group, or developer group, or read-only group. This is the fundamental sort of identity and access management service to use AWS. So you're gonna be an IAM guru in the very next section. Move on to Inspector. So Inspector is a pretty cool service. Basically it's an agent that you install on your virtual machines and it basically inspects those virtual machines and it does security reporting as to what's going on. Believe it or not, it doesn't even feature just yet in the security specialty exam. It doesn't really come up in any of the associate exams either. Certificate Manager is really cool. This gives you free SSL certificates for your domain names so we will be using that later on in the course. Directory Service is basically a way of using Active Directory, which you use with Microsoft, with AWS. It's a way of connecting up Active Directory to AWS. This one really only comes up in the Solutions Architect Associate course so we will have a lecture of it in that course. It's gonna be a theoretical lecture rather than a practical lecture but you just need to understand the different types of Directory Service available. Moving on to WAF or Web Application Firewall. So basically this allows you to give application-level protection to your website. Traditionally firewalls will give you network protection, WAFs give you application-level protection. So they stop things like SQL injections or cross-site scripting, or basically anyone doing anything dodgy at the application layer. And again don't worry if you don't understand these terminologies, we're gonna have a whole section on WAF. We're gonna use it with our elastic load balancers in the EC2 section of the course and we'll look at how it works. The only thing you just need to remember is it's a security product. Now it doesn't really come up, to be honest, it doesn't come up even in the security specialty exams just yet, at least not that I can remember. It doesn't come up in any of the associate ones either but that being said, it's fundamentally an important technology so we are going to cover it off in a lab later on in the EC2 section of the course. Then finally we have a thing called Artifacts. This is basically where you get your documentation in the AWS Console. And this is probably just something easier to show you than to describe it. So if we go down to Security and Compliance, and we go down to Compliance Reports, it's AWS Artifact and this is basically where you can get things like your ISO 27001 Certification. Or you could go and get your ISO 9001 Certification or your PCI DSS Attestation of Compliance, et cetera. So this is where you get all your compliance documents. So it's pretty simple. Again, it doesn't really come up too much apart from in the security specialty cert. And it comes up all the time in that particular cert but it won't come up in any of the associate certificates. Okay, so let's move on and we're going to move onto management tools. Now management tools do come up in all three associate certs. Cloud Watch mostly comes up in the SysOps Administrator Associate course. Basically Cloud Watch is used to monitor performance of your, basically your AWS environment, in particular things like EC2. You can monitor disk utilization, RAM utilization, CPU utilization, et cetera. We will have labs on Cloud Watch in the Certified Solutions Architect Associate course and SysOps Administrator Associate course. Cloud Formation. So Cloud Formation is its own animal. Cloud Formation is what actually drove me to AWS to begin with. So if you're working with AWS chances are you're probably gonna use Cloud Formation in some way, shape or form. Cloud Formation is a way of turning your infrastructure into code so instead of having physical firewalls, network switches, load balancers, physical servers, et cetera. Cloud Formation is basically a document that describes your AWS environment. And you have these things called Cloud Formation Templates. Basically you can provision entire production environments in Cloud Formation Templates and just deploy them at will. You can even deploy them by the command line. You can run one single command in the command line and you can provision out a 50-server environment that uses multiple availability zones and has auto-scaling built-in and failover and everything. It's an amazing technology. So Cloud Formation turns your infrastructure into code, and what we're gonna do in this particular course is we're gonna go out and create a fault tolerant WordPress site. It's gonna take quite a few labs to get through it all and then we're gonna look at how we can just use Cloud Formation to do it all in like the space of 30 seconds. So Cloud Formation is a fantastic technology. We do have a Cloud Formation course which is the Beginner's Guide to Cloud Formation, and we're about to release at the beginning of January 2017 the Deep Dive to Cloud Formation. Cloud Formation is the one thing you need to know inside-out if you plan on working as a solutions architect in the real world for AWS. Now that being said, Cloud Formation doesn't come up in the exams all that too much. I mean, you basically just have to understand what it is at a high level. It comes up in this security exam, specialty exam, and in the professional solutions architect professional exam, you need to understand how to both deploy Cloud Formation Templates and roll them back. But at the associate level you don't really need to know much apart from what it is and what it does. That being said, and I'm gonna break my own rule here about only teaching you what you need to know to pass the exam, you do need to know Cloud Formation. So we're gonna have a lab on Cloud Formation later on in the course. Cloud Trail is a way of auditing your AWS resources. So if somebody goes in and creates a new user in the Identity and Access Management, Cloud Trail will record them doing that. So Cloud Trial is used for auditing changes to your AWS environment. Again, you just need to understand what it is at high level. We'll probably have a lab on it. It comes up a lot in the security specialty exam. OpsWorks is basically a way of automating deployments using Shift. Basically this really only comes up in the sysops administrator associate exam, and we will have a lab on it in there. Config Manager is a way, basically it automatically monitors your environment and gives you warnings when your environment might break specific configurations that you set. It's basically a way of auditing your environment. But unlike Cloud Trial, which basically just does audits, Config, you can set alerts so if somebody goes in and creates a new security group that's breaking company policy, Config will detect that and it will basically send you an alert saying this person's doing something that contravenes company policy. So it's a great way of being able to proactively monitor changes to your environment. Again, it doesn't really come up in any of the associate exams. It does come up in the security specialty exam though. Next up we have AWS Service Catalog, and this is a service that's designed for larger enterprises, and basically enterprises might have specific images that they might want to use for EC2. Or they might have specific AWS services that are authorized within their organization, so things like EC2, S3 or RDS. But then they might have other services that they don't want to authorize, things like workspaces for example. So Service Catalog basically allows you as an enterprise to build out what it is that you authorize within your organization and what services are not authorized, and that's Service Catalog. Don't worry too much about it because it is not an exam topic in any of the associate or professional exams. Moving on to Trusted Advisor. Trusted Advisor was actually designed by the AWS solutions architecture team, and basically when they would go into customers environments, they would make a series of recommendations. Trusted Advisor is their way of automating this and basically it'll give you tips on how to do co-stop automatization, how to do performance optimization any security fixes you should make, and how to build a more fault tolerant environment. So basically it's an automated way of scanning your environment and giving you different tips. Again, it really only comes up in the solutions architect associate exam and you just really need to know what it is. So we might just do a quick lab on it in the course. Moving on to application services. So let's start with Step Functions. Step Functions is a brand-new service just announced at reInvent 2016. Basically it's a way of visualizing what's going on inside your application or basically what different microservices it's using. Because it's so new it does not yet come up in any of the exams. Simple Work Flow service definitely comes up. It's a cornerstone of both the, well, actually all three associate exams, to be honest. And Simple Work Flow service is actually what they use in the Amazon fulfillment center, and it's a way of coordinating both automated tasks and human-led tasks. So let's say you place an order for a, I don't know, calculator. Somebody inside the warehouse has to actually go and locate that calculator. They have to then basically pick it up, take it over to the posting and packing area, where somebody else will apply posting and packing to it, and then it needs to be sent out to you. And Simple Work Flow basically facilitates that, and we will cover that off in the Application Services section of the course. Okay, so moving on to API Gateway. Basically think of API Gateway as a door. It allows you to create, publish, maintain, and monitor and also secure APIs at scale. So basically it's a door for your apps to access backend data. So it might be a two-access business logic or functionality from backend services like things like lambda. We actually use it on A Cloud Guru. You're using it right now if you're using our website. Basically we run AngularJS in our client devices. They then make calls to API Gateway, and then API Gateway then triggers lambda functions which basically respond to your requests. So when you're trying to view a discussion forum for example, that goes through API Gateway and the lambda function is responding to your request. Don't worry if that all sounds complicated because it's not gonna come up in any of the exams. You just need to know what it is at a high level, or probably I'll just do a quick little lecture on just serverless and how our actual platform works to put it all into perspective for you. But you really don't need to know much of it in detail apart from what it is in any of the associate exams. So just think about it as a doorway to accessing backend services with AWS. Moving on to AppStream. AppStream is pretty cool. It's a way of basically streaming desktop applications to your users. Again, you don't need to worry about it for any of the exams. And Elastic Transcoder. Again, we use this quite a bit for A Cloud Guru. Every single video that I record we run through Elastic Transcoder, and it basically just changes the video format to suit all different devices. So if you're watching this on an iPad it will be different to you if you're watching it on an iPad Air 2, and will be different in terms of screen resolution if you're watching it on a laptop. So Elastic Transcoder basically, you upload a video and it's going to transcode that video into all these different formats. Again, it doesn't come up in any of the exams. Okay, so let's move on to developer tools. Now surprisingly this does not come up in the developer associate exam at all. You would expect that to change in 2017 so I am going to have labs on the four different products in here. So CodeCommit is basically GitHub. It's a way of, it's a place to store your code securely in the cloud. You can either make it open or close. So you can basically just store your code up in the cloud. CodeBuild is a way of compiling your code. It's brand-new. It was released at reInvent 2016. And CodeBuild is actually interesting 'cause you pay by the minute for CodeBuild. But it's just a way of compiling your code in different environments. CodeDeploy is exactly what it sounds like on the tin. It's a way of deploying you code to your EC2 instances. It does it in a very automated and regulated fashion. And then CodePipeline is a way of keeping track of all your different basically versions of codes. You might have different code in test and product. You might have different code in actual production. You might have different code in UAT, et cetera. These are all fantastic developer tools. You would think that this would be in the developer associate exam. You think it would be the cornerstones of the developer associate exam. But it does not yet feature. I would expect that to change though and for that reason I'm going to have a lab on every single product in this particular section of the course. And it's optional as to whether or not you do that. Okay, so almost all of the next few services don't come up in any of the associate level exams and then messaging does come up a fair bit. So I'm just going to go through it really-really quickly and just give you a high-level overview. Remember you should always understand what these services are at a high level anyway. So moving on to mobile services let's start with Mobile Hub. Basically this lets you add, configure, and design features for your mobile apps. This includes things like user authentication, data storage, backend logic, push notifications, content delivery, and analytics. The way to think of Mobile Hub is you've got the AWS Console which we're gonna be logging into all the time. Mobile Hub is its own console for mobile apps so basically if you're a mobile app developer you'll be logging into Mobile Hub all the time and it has its own console inside there, and the console basically consists of all these different elements. So it consists of things like Cognito. Cognito makes it easy for you to have users sign up and sign into your apps using things like social identity providers. So Cognito, we actually do this in the iOS with AWS course. We use Cognito in that. And we allow people to sign in using basically their Gmail credentials, and all of that information, so their first name, their surname, their email address, is all stored in Cognito. Again, this doesn't come up in any of the associate exams. Really this is a real world application stuff so if you want to use Cognito, check out our iOS with AWS course, and that will actually teach you how to build out an Instagram style clone. And that uses AWS backend services. So you take a photo, it will store that photo in S3, it'll write the metadata to DynamoDB, it will trigger lambda functions to generate thumbnails of that photo, and will store all basically people's user data in Cognito, and they basically sign in using their Gmail accounts. Again, it's a great course but it has nothing to do with certifications. Moving on to Device Farm. Basically this enables you to improve the quality of your Android, iOS and Fire OS apps by quickly and securely testing them on hundreds of real smartphones. So it's literally, they've got a farm of all these different devices and you can test your apps on physical devices in the AWS data center. Moving on to Mobile Analytics. This is a service that lets you basically simply and cost-effectively collect and analyze app usage data so it's a way of analyzing your mobile data. And then Pinpoint is a brand-new service. It's been announced at reInvent 2016 and this basically enables you to understand and engage with your application users. Think of Pinpoint as Google Analytics for your mobile applications. So you use Pinpoint to gather data on what your users are doing with the apps that you've built, where they are in world, how they do different purchases, et cetera. It allows you to understand user behavior and then you can define who to engage, determine what notifications to send, and then decide when to deliver these notifications, and then you can track the results of these campaigns. So basically think of it as a way of combining Google Analytics with doing targeted marketing campaigns. And again, 'cause it's a brand-new service, it doesn't come up in any of the exams. Moving on to Business Productivity. So WorkDocs is a way of securely basically storing your important work documents in the cloud. It's more or less using S3 but it has a whole bunch of different security tied into it. Not in any of the exams. WorkMail. Think of it as Exchange for AWS. So it's a way of sending and receiving email. Again, not in any of the exams. Moving on to Internet of Things, or IoT. IoT is its own immense service. It was announced at reInvent2015 and it's basically a way of having thousands or millions or billions of devices out there and then keeping track of them. You use IoT gateway. IoT will probably be its own certification, that's my own bet, potentially in 2017, perhaps in 2018. Again, it's quite new, it was announced at reInvent 2015, doesn't feature in any of the exams at present. Moving on to desktop and app streaming. So we've got WorkSpaces. For those of you who know what VDI is, basically WorkSpaces is just VDI. Think of WorkSpaces as a way of having your desktop in the cloud. So if you're using a Windows PC, you might have a thin client, so it might just be a tablet or something that has no local operating system installed on it, the actual operating system itself would run in the AWS cloud, so you'd run your Windows environments out there. It doesn't really feature in the exam too much apart from knowing what it is. And then we have AppStream 2.0. This is again very similar to AppStream 1. AppStream 1 has been retired now but it still sits in the AWS Console. It's just a way of streaming desktop applications to your users. Moving on to Artificial Intelligence and I could talk about this all day. This is one of the biggest announcements at reInvent, it's a whole bunch of different new services under AI. If you're a fan of Elon Musk, you probably follow AI a lot. Elon Musk, for those that don't know, is the founder of Tesla. He's also the founder of SpaceX. He's basically Iron Man, the character Iron Man was based, more or less, off Elon Musk, if you believe the rumors. And Elon Musk is always warning us against the dangers of artificial intelligence. He says it's like, basically it's even more dangerous than nuclear weapons, it's nuclear weapons to the Nth degree. Artificial intelligence is here. It's growing faster every day. It is pretty scary stuff. I really started getting into AI when Elon Musk tweeted about this book. It's called Superintelligence by Nick Bostrom. I recommend you read it. It's fantastic. Go ahead and have a look at this on Amazon.com. We're out of time now. Guys you've been really-really patient. One more lecture and then we finish this section of the course. So go have a break, make yourself a coffee and when you've got the time, please join me in the next lecture. Thank you.