# 考试范围内的 AWS 服务
<a name="scs-02-in-scope-services"></a>

**注意：** 安全性将影响所有 AWS 服务。许多服务并未列入此列表，因为该服务整体属于范围外，而服务的安全方面则在考核范围内。例如，本考试的考生不需要了解为 S3 存储桶配置复制的步骤。但是，考生可能会被问及有关配置 S3 存储桶策略的问题。

下表列出了考试范围内的 AWS 服务和功能。此列表并非详尽无遗，并且可能随时会更改。AWS 各项产品和服务按其主要功能进行分类：

**Topics**
+ [分析](#scs-02-in-scope-analytics)
+ [应用程序集成](#scs-02-in-scope-application-integration)
+ [计算](#scs-02-in-scope-compute)
+ [开发工具](#scs-02-in-scope-developer-tools)
+ [物联网](#scs-02-in-scope-internet-of-things)
+ [机器学习](#scs-02-in-scope-machine-learning)
+ [管理和监管](#scs-02-in-scope-management-governance)
+ [联网和内容分发](#scs-02-in-scope-networking-content-delivery)
+ [安全性、身份与合规性](#scs-02-in-scope-security-identity-compliance)
+ [存储和数据管理](#scs-02-in-scope-storage-data-management)

## 分析
<a name="scs-02-in-scope-analytics"></a>
+ Amazon Athena
+ Amazon OpenSearch Service

## 应用程序集成
<a name="scs-02-in-scope-application-integration"></a>
+ Amazon SNS
+ AWS Step Functions

## 计算
<a name="scs-02-in-scope-compute"></a>
+ Amazon API Gateway
+ Amazon EC2（包括 EC2 Image Builder、EC2 Instance Connect）
+ Amazon EKS
+ Amazon EMR
+ AWS Lambda
+ Amazon Data Lifecycle Manager

## 开发工具
<a name="scs-02-in-scope-developer-tools"></a>
+ AWS 故障注入服务

## 物联网
<a name="scs-02-in-scope-internet-of-things"></a>
+ AWS IoT Core

## 机器学习
<a name="scs-02-in-scope-machine-learning"></a>
+ Amazon Bedrock
+ Amazon CodeGuru 安全防御工具
+ Amazon Q 企业版
+ Amazon Q Developer
+ Amazon SageMaker AI

## 管理和监管
<a name="scs-02-in-scope-management-governance"></a>
+ AWS CloudFormation
+ AWS CloudTrail
+ AWS CloudTrail Lake
+ Amazon CloudWatch
+ AWS Config
+ AWS Control Tower
+ Amazon Managed Grafana
+ AWS Organizations
+ AWS 韧性监测中心
+ AWS Resource Access Manager (AWS RAM)
+ AWS Service Catalog
+ AWS Systems Manager
+ AWS Trusted Advisor
+ AWS 用户通知服务
+ AWS Well-Architected Tool

## 联网和内容分发
<a name="scs-02-in-scope-networking-content-delivery"></a>
+ Amazon 应用程序恢复控制器
+ Amazon VPC
  + Network Access Analyzer
  + 网络 ACL
  + 安全组
  + VPC 端点
  + AWS Site-to-Site VPN
  + 流日志
  + VPC 端点
  + AWS Verified Access
+ AWS Client VPN
+ Amazon CloudFront
+ Amazon Verified Permissions
+ Amazon Route 53（包括 Route 53 Resolver DNS 防火墙）
+ AWS Direct Connect
+ 弹性负载均衡 (ELB)
+ Network Access Analyzer
+ AWS Transit Gateway

## 安全性、身份与合规性
<a name="scs-02-in-scope-security-identity-compliance"></a>
+ AWS Artifact
+ AWS Audit Manager
+ AWS Certificate Manager (ACM)
+ AWS CloudHSM
+ Amazon Cognito
+ Amazon Detective
+ AWS Directory Service
+ AWS Firewall Manager
+ 适用于 Amazon EC2 的自动化取证编排工具
+ Amazon GuardDuty
+ IAM
+ AWS IAM Identity Center
+ Amazon Inspector
+ AWS KMS
+ Amazon Macie
+ AWS Network Firewall
+ AWS Private Certificate Authority
+ AWS Secrets Manager
+ AWS Security Hub
+ Amazon Security Lake
+ AWS Shield
+ AWS Shield Advanced
+ AWS STS
+ AWS WAF

## 存储和数据管理
<a name="scs-02-in-scope-storage-data-management"></a>
+ Amazon S3
+ AWS Backup
+ AWS DataSync
+ Amazon EFS（包括 EFS 生命周期策略）
+ 适用于 Lustre 的 Amazon FSx