Service Comparison Drills, Closely Related AWS Services
Comparison drills for closely related AWS services including EC2 vs Lightsail, RDS vs DynamoDB, Redshift vs EMR, WAF vs Shield, KMS vs Secrets Manager, and more.
Learning outcomes
By the end of this lesson, the learner can:
- Distinguish between closely related AWS services without guessing.
- Choose the strongest first-fit service for a simple scenario.
- Explain why one AWS service fits better than another.
- Build faster service-selection instincts for scenario-based questions.
How these drills work
This lesson is about a common real-world skill:
You are not choosing between a good service and a bad service. You are choosing between two services that both sound plausible.
That is where learners often get stuck.
A simple memory rule for this lesson:
- EC2 vs Lightsail = control vs simplicity
- EC2 vs ECS = server vs containers
- RDS vs DynamoDB = relational vs NoSQL
- Redshift vs EMR = SQL warehouse vs big data processing
- EBS vs EFS = one server disk vs shared file system
- WAF vs Shield = request filtering vs DDoS protection
- KMS vs Secrets Manager = keys vs secrets
- CloudTrail vs Config = actions/events vs configuration history
Those role boundaries are reflected directly in AWS's service docs. EC2 is a virtual server, ECS services run and maintain tasks, Lightsail is the simplified bundled platform, RDS is the managed relational service, DynamoDB is a serverless NoSQL database, Redshift is a data warehouse, EMR is a big-data platform, S3 storage classes match access patterns, and CloudFormation manages infrastructure as code. (AWS Documentation)
1) EC2 vs Lightsail
EC2
AWS says an EC2 instance is a virtual server in the AWS Cloud. You choose things like AMI, instance type, network placement, and security group settings. (AWS Documentation)
Lightsail
AWS describes Lightsail as the easier way to get started with AWS for websites and web applications, with bundled resources such as instances, databases, storage, load balancers, CDN, DNS, and snapshots. (AWS Documentation)
Simplest difference
- EC2 = more flexible, more granular, more control
- Lightsail = simpler bundled starting point
Best rule
If the scenario says "simple website," "quick launch," "predictable bundled pricing," or "easy starting point", think Lightsail first.
If the scenario says "full control," "custom architecture," or "fine-grained AWS building blocks", think EC2 first. (AWS Documentation)
2) EC2 vs ECS
EC2
EC2 is the virtual-server model. You manage the server layer more directly. AWS's EC2 docs literally define an instance as a virtual server. (AWS Documentation)
ECS
AWS says an ECS service runs and maintains a specified number of task instances in an ECS cluster, replaces failed tasks, and can run behind a load balancer with service auto scaling. (AWS Documentation)
Simplest difference
- EC2 = run servers
- ECS = run containerized workloads as tasks/services
Best rule
If the question is about containers, tasks, services, or keeping a desired number of containers running, think ECS.
If the question is about a server, OS-level control, or connecting directly to an instance, think EC2. (AWS Documentation)
3) RDS vs DynamoDB
RDS
AWS says Amazon RDS is the managed relational database service and its basic building block is the DB instance. (AWS Documentation)
DynamoDB
AWS says DynamoDB is a serverless, fully managed, distributed NoSQL database that delivers single-digit millisecond performance at any scale. (AWS Documentation)
Simplest difference
- RDS = managed relational database
- DynamoDB = managed NoSQL key-value/document database
Best rule
If the scenario says SQL, relational structure, classic relational app database, or MySQL/PostgreSQL-style thinking, think RDS.
If the scenario says NoSQL, unpredictable scale, key-based lookups, or serverless operational database, think DynamoDB. (AWS Documentation)
4) Redshift vs EMR
Redshift
AWS says Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. (AWS Documentation)
EMR
AWS says Amazon EMR is a managed cluster platform for running big-data frameworks such as Apache Hadoop and Apache Spark to process and analyze vast amounts of data. (AWS Documentation)
Simplest difference
- Redshift = SQL analytics warehouse
- EMR = big-data processing frameworks
Best rule
If the scenario says dashboards, BI reporting, SQL analytics, or warehouse queries, think Redshift.
If the scenario says Spark, Hadoop, processing jobs, ETL pipelines, or large-scale transformations, think EMR. (AWS Documentation)
5) EBS vs EFS
EBS
EBS is block storage for EC2, used like a disk attached to a server. This role is reflected in the EC2 and storage docs.
EFS
EFS is the shared file-storage service for multiple compute resources, especially Linux/NFS-style shared access.
Simplest difference
- EBS = disk for one server
- EFS = shared file system across multiple compute resources
Best rule
If the scenario says root disk, one EC2 instance, or persistent attached storage, think EBS.
If the scenario says shared files, multiple compute resources, or one common file system, think EFS.
6) S3 Standard vs S3 Intelligent-Tiering vs Glacier classes
AWS says S3 storage classes are designed for different access patterns and cost goals. (AWS Documentation)
Simplest difference
- S3 Standard = frequently accessed data
- S3 Intelligent-Tiering = unknown or changing access patterns
- Glacier classes = archive-style data with different retrieval tradeoffs
Best rule
- Active files, current app assets, frequent access → S3 Standard
- Unpredictable access patterns, don't want to guess usage tier → S3 Intelligent-Tiering
- Archive, rarely accessed, long-term retention → Glacier class (AWS Documentation)
7) CloudTrail vs Config
CloudTrail
CloudTrail records actions and API activity in AWS.
Config
AWS Config tracks resource configuration and how it changed over time.
Simplest difference
- CloudTrail = who did what
- Config = what the resource looked like and how it changed
Best rule
If the scenario says "who changed this?", "what API call happened?", or "which user or role performed the action?", think CloudTrail.
If the scenario says "how did this resource's configuration change?", "what was the security group configuration before?", or "show me configuration history", think Config.
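The same security-group change seen from both services, as an added example that is not part of the original lesson. The records are constructed; the top-level field names follow the CloudTrail record and AWS Config configuration-item formats, while the flattened rule entries under `ipPermissions` are a simplification assumed for this example.

```python
# Constructed sample data. Top-level field names follow the CloudTrail record
# and AWS Config configuration-item formats; rule entries are simplified.
SG = "sg-0123456789abcdef0"
ROLE_ARN = "arn:aws:sts::111122223333:assumed-role/ExampleAdmin/alice"
HTTPS_RULE = {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443, "cidrIp": "10.0.0.0/8"}
SSH_RULE = {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22, "cidrIp": "0.0.0.0/0"}

CLOUDTRAIL_EVENTS = [
    {"eventTime": "2024-05-01T10:15:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "AuthorizeSecurityGroupIngress",
     "userIdentity": {"type": "AssumedRole", "arn": ROLE_ARN},
     "sourceIPAddress": "198.51.100.7", "requestParameters": {"groupId": SG}},
    {"eventTime": "2024-05-01T10:20:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"},
     "sourceIPAddress": "198.51.100.9", "requestParameters": {"bucketName": "example-bucket"}},
]

CONFIG_ITEMS = [
    {"configurationItemCaptureTime": "2024-05-01T09:00:00Z",
     "resourceType": "AWS::EC2::SecurityGroup", "resourceId": SG,
     "configuration": {"ipPermissions": [HTTPS_RULE]}},
    {"configurationItemCaptureTime": "2024-05-01T10:16:00Z",
     "resourceType": "AWS::EC2::SecurityGroup", "resourceId": SG,
     "configuration": {"ipPermissions": [HTTPS_RULE, SSH_RULE]}},
]

def who_changed(events, group_id):
    """CloudTrail question: which principal called which API on this group?"""
    return [(e["eventTime"], e["userIdentity"]["arn"], e["eventName"])
            for e in events if e["requestParameters"].get("groupId") == group_id]

def what_changed(items, resource_id):
    """Config question: which rules differ between consecutive snapshots?"""
    history = sorted((i for i in items if i["resourceId"] == resource_id),
                     key=lambda i: i["configurationItemCaptureTime"])
    changes = []
    for before, after in zip(history, history[1:]):
        old = {tuple(sorted(r.items())) for r in before["configuration"]["ipPermissions"]}
        new = {tuple(sorted(r.items())) for r in after["configuration"]["ipPermissions"]}
        changes.append({"at": after["configurationItemCaptureTime"],
                        "added": [dict(r) for r in sorted(new - old)],
                        "removed": [dict(r) for r in sorted(old - new)]})
    return changes

if __name__ == "__main__":
    print(who_changed(CLOUDTRAIL_EVENTS, SG))   # the actor and the API call
    print(what_changed(CONFIG_ITEMS, SG))       # the before/after rule difference
```

CloudTrail names the role and the API call but not the resulting rule set; Config shows the rule that appeared but not who added it, which is why an investigation usually needs both.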
8) KMS vs Secrets Manager
KMS
AWS KMS manages encryption keys.
Secrets Manager
AWS Secrets Manager stores and rotates secrets such as passwords, tokens, and API keys.
Simplest difference
- KMS = keys
- Secrets Manager = secrets
Best rule
If the scenario says encryption key, key management, or cryptographic key control, think KMS.
If it says database password, API key, secret token, or rotate credentials, think Secrets Manager.
9) WAF vs Shield
WAF
AWS WAF helps filter and control web requests using rules.
Shield
AWS Shield is for DDoS protection.
Simplest difference
- WAF = request filtering
- Shield = DDoS defense
Best rule
If the scenario says block malicious web requests, allow/deny request patterns, or protect a web app from common web exploits, think WAF.
If the scenario says DDoS, volumetric attack, or network flood protection, think Shield.
10) CloudFormation vs manual console setup
AWS says CloudFormation lets you model and provision AWS infrastructure and manage related resources as a stack. (AWS Documentation)
Simplest difference
- Manual setup = click-built environment
- CloudFormation = repeatable infrastructure as code
Best rule
If the scenario says repeatable environments, YAML or JSON template, preview before deploying changes, or recreate the same infrastructure consistently, think CloudFormation. (AWS Documentation)
Quick comparison table
| Comparison | Shortcut |
|---|---|
| EC2 vs Lightsail | Control vs simplicity |
| EC2 vs ECS | Server vs containers |
| RDS vs DynamoDB | Relational vs NoSQL |
| Redshift vs EMR | SQL warehouse vs processing frameworks |
| EBS vs EFS | One server disk vs shared file system |
| S3 Standard vs Intelligent-Tiering vs Glacier | Active vs unknown pattern vs archive |
| CloudTrail vs Config | Actions/events vs configuration history |
| KMS vs Secrets Manager | Keys vs secrets |
| WAF vs Shield | Request filtering vs DDoS protection |
| CloudFormation vs manual setup | Repeatable IaC vs clicking in console |
Micro-activity 1
Choose the stronger first-fit service:
- You want the easiest bundled platform for a small web app.
- A team wants a long-lived containerized service with load balancing.
- A team wants a managed PostgreSQL-style relational database.
- A team wants serverless NoSQL for unpredictable traffic.
- A team wants Spark jobs.
- A team wants warehouse-style SQL analytics.
- A team wants a database password store with rotation.
- A team wants encryption-key management.
- A team wants request filtering for a web application.
- A team wants DDoS protection.
Micro-activity 2
Answer in one or two sentences each:
- Why is EC2 not the same as ECS?
- Why is Redshift not the same as EMR?
- Why is RDS not the same as DynamoDB?
- Why is CloudFormation not the same as "I can just build it in the console"?
Use the service definitions above in your explanation. (AWS Documentation)
Summary
Service selection gets much easier once you stop trying to memorize everything as one giant list. The real skill is learning the boundary between similar services. AWS's docs make those boundaries clear: EC2 is a virtual server, ECS services run and maintain tasks, Lightsail is the simpler bundled platform, RDS is managed relational, DynamoDB is serverless NoSQL, Redshift is a warehouse, EMR runs big-data frameworks, S3 classes match access patterns, and CloudFormation manages infrastructure as code. (AWS Documentation)
The simplest memory rule is:
- pick the service based on the problem shape, not the service name similarity
Quiz 5.13
Reflection questions
- What is the biggest difference between Redshift and EMR?
- What is the biggest difference between KMS and Secrets Manager?
- What is the biggest difference between EC2 and ECS?
- A workload needs shared Linux-style file access across multiple compute resources. Which storage service is the strongest fit?
- What is the simplest memory rule for service comparison drills?
Answer key
A1: B. Lightsail. AWS positions Lightsail as the easier bundled platform for websites and web applications. (AWS Documentation)
A2: B. ECS. AWS says ECS services run and maintain a specified number of tasks in a cluster. (AWS Documentation)
A3: B. RDS vs DynamoDB. RDS is managed relational, while DynamoDB is serverless NoSQL. (AWS Documentation)
A4: Redshift is for SQL warehouse analytics, while EMR is for big-data processing frameworks such as Spark and Hadoop. (AWS Documentation)
A5: C. WAF vs Shield. WAF filters requests, while Shield focuses on DDoS protection.
A6: KMS manages encryption keys, while Secrets Manager stores and rotates secret values such as passwords and tokens.
A7: A. CloudFormation. AWS says CloudFormation manages related resources as a stack from templates. (AWS Documentation)
A8: EC2 is the virtual-server model, while ECS is the container-orchestration model for tasks and services. (AWS Documentation)
A9: EFS, because it is the shared file-system service across multiple compute resources.
A10: Pick the service based on the problem shape, not the name similarity.
Next lesson
Lesson 5.14: Architecture Reasoning Drills