Skip to main content

AWS - Glossary

Amazon Web Services (AWS) Deployment terms explained - IAM, EC2, Elastic Beanstalk and much more.


access key

The combination of an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). You use access keys to sign API requests that you make to AWS.

access key ID

A unique identifier that's associated with a secret access key; the access key ID and secret access key are used together to sign programmatic AWS requests cryptographically.

access policy language

A language for writing documents (specifically, policies) that specify who can access a particular AWS resource and under what conditions.


A formal relationship with AWS that's associated with all of the following:
- The owner email address and password
- The control of resources created under its umbrella
- Payment for the AWS activity related to those resources

The AWS account has permission to do anything and everything with all the AWS account resources. This is in contrast to a user, which is an entity contained within the account.

account activity

A webpage showing your month-to-date AWS usage and costs. The account activity page is located at

AWS Account Management

AWS Account Management is a tool that you can use to update the contact information for each of your AWS accounts.



See Billing and Cost Management.

Billing and Cost Management

AWS Billing and Cost Management is the AWS Cloud computing model where you pay for services on demand and use as much or as little as you need. While resources are active under your account, you pay for the cost of allocating those resources. You also pay for any incidental usage associated with those resources, such as data transfer or allocated storage.



The amount of available compute size at a given time. Each Auto Scaling group is defined with a minimum and maximum compute size. A scaling activity increases or decreases the capacity within the defined minimum and maximum values.


IAM: Any restriction or detail about a permission. The condition is D in the statement "A has permission to do B to C where D applies."


Also called access credentials or security credentials. In authentication and authorization, a system uses credentials to identify who is making a call and whether to allow the requested access. In AWS, these credentials are typically the access key ID and the secret access key.



See service health dashboard.


Amazon EC2

Amazon Elastic Compute Cloud is a web service for launching and managing Linux/UNIX and Windows Server instances in Amazon data centers.



A web-based repository that uses Git for version control.


AWS Health

AWS Health is a service that provides ongoing visibility into AWS customers' accounts and the availability of their AWS services and resources.



AWS Identity and Access Management is a web service that Amazon Web Services (AWS) customers can use to manage users and user permissions within AWS.

IAM role

See role.

IAM user

See user.

Identity and Access Management

See IAM.



A credential that identifies an AWS account or user to AWS (such as the AWS secret access key).

Amazon S3, Amazon EMR: The unique identifier for an object in a bucket. Every object in a bucket has exactly one key. Because a bucket and key together uniquely identify each object, you can think of Amazon S3 as a basic data map between the bucket + key, and the object itself. You can uniquely address every object in Amazon S3 through the combination of the web service endpoint, bucket name, and key, as in this example:, where doc is the name of the bucket, and 2006-03-01/AmazonS3.wsdl is the key.

Import/Export: The name of an object in Amazon S3. It's a sequence of Unicode characters whose UTF-8 encoding can't exceed 1024 bytes. If a key (for example, logPrefix + import-log-JOBID) is longer than 1024 bytes, Elastic Beanstalk returns an InvalidManifestField error.

IAM: In a policy, a specific characteristic that's the basis for restricting access (such as the current time or the IP address of the requester).

Tagging resources: A general tag label that acts like a category for more specific tag values. For example, you might have EC2 instance with the tag key of Owner and the tag value of Jan. You can tag an AWS resource with up to 10 key–value pairs. Not all AWS resources can be tagged.


managed policy

A standalone IAM policy that you can attach to multiple users, groups, and roless in your IAM account. 
Managed policies can either be AWS managed policies (which are created and managed by AWS) or customer managed policies (which you create and manage in your AWS account).

AWS managed policy

An IAM managed policy that's created and managed by AWS.

AWS Management Console

AWS Management Console is a graphical interface to manage compute, storage, and other cloud resources.



IAM: A document defining permissions that apply to a user, group, or role; the permissions in turn determine what users can do in AWS. 
A policy typically allows access to specific actions, and can optionally grant that the actions are allowed for specific resources, such as EC2 instances or Amazon S3 buckets. Policies can also explicitly deny access.

Amazon EC2 Auto Scaling: An object that stores the information that's needed to launch or terminate instances for an Auto Scaling group.
Running the policy causes instances to be launched or terminated. You can configure an alarm to invoke an Auto Scaling policy.



A named set of AWS resources that's in the same geographical area. 
A Region comprises at least three Availability Zones.


Organizations: A parent container for the accounts in your organization. 
If you apply a service control policy to the root, it applies to every organizational unit and account in the organization.

root credentials

Authentication information associated with the AWS account owner.


secret access key

A key that's used with the access key ID to cryptographically sign programmatic AWS requests. 
Signing a request identifies the sender and prevents the request from being altered.
You can generate secret access keys for your AWS account, individual IAM usersand temporary sessions.



Metadata that you can define and assign to AWS resources, such as an EC2 instance. 
Not all AWS resources can be tagged.



A person or application under an account that makes API calls to AWS products. 
Each user has a unique name within the AWS account, and a set of security credentials that aren't shared with other users. These credentials are separate from the security credentials for the AWS account.
Each user is associated with one and only one AWS account.

✅ Resources

  • 👉 Deploy Projects using your preferred provider: AWS, DigitalOcean, Azure, and GCP (soon)
  • 👉 Get Deployment Support from the team behind this service
  • 👉 Join the Community and chat with the team behind DeployPRO