Services
Simfra implements 106 AWS services with a total of 5,808 operations.
You can query the live service list from your Simfra instance at GET /_simfra/services.
Compute
| Service | Ops | Protocol | Description |
|---|---|---|---|
| ec2 | 384 | ec2query | VPC networking, Docker-backed instances with state machines, security groups, ENI lifecycle, EBS volumes, AMIs, key pairs, and elastic IPs |
| lambda | 85 | rest-json | Docker-backed function execution with layers, aliases, versions, event source mappings, URLs, concurrency, and code signing |
| ecs | 64 | json | Docker-backed container orchestration with clusters, services, task definitions, task execution, and service discovery integration |
| eks | 64 | rest-json | Kubernetes cluster lifecycle with managed node groups, Fargate profiles, and add-ons backed by real K8s clusters in Docker |
| eks-auth | 1 | rest-json | EKS Pod Identity token exchange for Kubernetes service account authentication |
| batch | 39 | rest-json | Compute environments, job queues, job definitions, and job submission with Docker-backed execution via ECS |
| autoscaling | 66 | query | Auto Scaling groups with launch configurations, scaling policies, lifecycle hooks, and instance management |
| application-autoscaling | 14 | json | Target registration, scaling policies, and scheduled actions for ECS, DynamoDB, and other scalable resources |
| braket | 17 | rest-json | Quantum circuit execution via containerized simulator (SV1 state vector, DM1 density matrix), task lifecycle management with S3 result output |
| apprunner | 37 | json | App Runner services with auto-scaling, VPC connectors, observability configs, custom domains, pause/resume lifecycle, and cross-service IAM/ECR/VPC/KMS validation |
Storage
| Service | Ops | Protocol | Description |
|---|---|---|---|
| s3 | 94 | rest-xml | Object storage with versioning, lifecycle rules, bucket policies, CORS, SSE-KMS encryption, multipart uploads, event notifications, presigned URLs, and S3 Express One Zone directory buckets |
| s3control | 24 | rest-xml | Account-level S3 settings with access points, public access blocks, storage lens, and multi-region access points |
| s3tables | 61 | rest-json | S3 Tables with table buckets, namespaces, Iceberg tables, backing S3 storage, Iceberg REST Catalog API, encryption, policies, and tagging |
| s3vectors | 19 | rest-json | S3 Vectors with vector buckets, indexes, brute-force KNN similarity search (cosine/euclidean), metadata filtering, bucket policies, and KMS encryption |
| elasticfilesystem | 31 | rest-json | Elastic file system with mount targets, access points, and file system policies backed by Docker NFS containers |
| fsx | 10 | rest-json | File system lifecycle with Windows, Lustre, ONTAP, and OpenZFS types, tagging, and backup operations |
| datasync | 53 | json | Data transfer service with Docker-backed agent containers for S3, NFS, and EFS transfers with full task execution state machine |
| backup | 108 | rest-json | Backup vaults, plans, selections, and recovery points with cross-service resource protection |
Database
| Service | Ops | Protocol | Description |
|---|---|---|---|
| rds | 161 | query | Database instance and cluster lifecycle with Multi-AZ standby replication, Aurora cluster read replicas, global database failover/switchover, parameter groups, subnet groups, snapshots, proxies, and event subscriptions backed by Docker containers |
| rds-data | 6 | rest-json | SQL execution against RDS Aurora Serverless and DSQL with transaction support and parameter binding |
| dynamodb | 61 | json | Table lifecycle with full item CRUD, queries, scans, GSI/LSI, TTL, streams, transactions, encryption, and export/import |
| elasticache | 74 | query | Redis/Valkey clusters with replication groups, parameter groups, subnet groups, users, and snapshots backed by Docker containers |
| redshift | 141 | query | Provisioned cluster lifecycle with parameter groups, subnet groups, snapshots, and cluster management |
| redshift-serverless | 65 | json | Serverless namespace and workgroup management with snapshot and recovery operations |
| docdb | 55 | query | DocumentDB cluster lifecycle with instances, parameter groups, subnet groups, snapshots, and event subscriptions |
| docdb-elastic | 19 | rest-json | DocumentDB Elastic cluster management with sharded clusters and snapshot operations |
| dsql | 12 | rest-json | Aurora DSQL cluster lifecycle with multi-region linked clusters and connection endpoint management backed by PostgreSQL containers |
| dms | 118 | json | Database migration with replication instances, endpoints, and tasks supporting full-load and CDC between MySQL, PostgreSQL, and S3 |
Networking
| Service | Ops | Protocol | Description |
|---|---|---|---|
| route53 | 56 | rest-xml | DNS zone management with record sets, health checks, DNSSEC, traffic policies, and ALIAS resolution backed by Docker DNS containers |
| route53domains | 34 | json | Domain registration lifecycle with contact management, DNS configuration, transfer operations, and WHOIS privacy |
| route53resolver | 68 | json | DNS resolver endpoints and rules with VPC associations for hybrid DNS resolution |
| elasticloadbalancing | 43 | query | Application and Network Load Balancers with target groups, listeners, rules, and health checks backed by Docker containers |
| cloudfront | 107 | rest-xml | CDN distributions with origins, cache behaviors, and edge configurations backed by Docker containers |
| apigateway | 196 | rest-json | HTTP and WebSocket API lifecycle with routes, integrations, stages, authorizers, and VPC links backed by Docker containers |
| execute-api | 3 | rest-json | WebSocket connection management for API Gateway real-time APIs |
| servicediscovery | 30 | json | Cloud Map service discovery with namespaces, services, and instance registration integrated with Route53 |
| directconnect | 63 | json | Full Direct Connect simulation: connections, LAGs, private/public/transit virtual interfaces, BGP peers, DX gateways with TGW/VGW associations, cross-account proposals, MACsec, tagging, and background state machines |
| arc-zonal-shift | 15 | rest-json | Availability zone traffic shifting for ELB resources with practice runs and autoshift management |
| arc-region-switch | 21 | json, smithy-rpc-v2-cbor | Multi-region failover plans with step-by-step execution, approval workflows, and Route53 health check integration |
Security & Identity
| Service | Ops | Protocol | Description |
|---|---|---|---|
| iam | 162 | query | Users, groups, roles, policies, access keys, MFA, OIDC/SAML providers, service-linked roles, permission boundaries, and full policy evaluation |
| sts | 6 | query | Token service with AssumeRole, federation, session tokens, caller identity, and credential validation |
| kms | 53 | json | Key management with symmetric/asymmetric keys, encryption/decryption, key rotation, grants, aliases, and key policies |
| cognito-idp | 117 | json | User pools with full auth flows, user management, MFA, triggers, groups, resource servers, and hosted UI backed by Docker |
| cognito-identity | 23 | json | Federated identity pools with identity creation, credential vending via STS, and identity-provider mappings |
| secretsmanager | 23 | json | Secret lifecycle with versioning, rotation configuration, resource policies, and cross-service secret resolution |
| acm | 16 | json | Certificate lifecycle with DNS/email validation, auto-renewal, tagging, and private CA integration |
| acm-pca | 23 | json | Private certificate authority with CA lifecycle, certificate issuance, revocation, CRL generation, and audit reporting |
| rolesanywhere | 31 | rest-json | IAM Roles Anywhere with trust anchors, profiles, CRLs, and X.509 certificate-based credential vending via STS |
| sso | 4 | rest-json | IAM Identity Center portal with role credentials, session management, and federated access |
| sso-admin | 79 | json | IAM Identity Center administration with permission sets, account assignments, and instance management |
| sso-oidc | 4 | rest-json | OIDC device authorization flow for IAM Identity Center CLI authentication |
| identitystore | 19 | json | User and group management for IAM Identity Center with membership operations |
| verifiedpermissions | 30 | json | Cedar policy-based authorization with policy stores, schemas, policies, templates, and authorization decisions |
| access-analyzer | 37 | rest-json | Policy validation, external access findings, and resource scanning across IAM, S3, SQS, KMS, and Lambda policies |
| guardduty | 87 | rest-json | Threat detection with detector management, findings, S3 malware protection (ClamAV scanning), member accounts, IP sets, and threat intel sets |
| securityhub | 104 | rest-json | Security findings aggregation with standards, controls, member accounts, and finding import/update |
| wafv2 | 55 | json | Web ACL management with rules, IP sets, regex pattern sets, and resource associations for CloudFront and ALB |
| ds | 80 | json | Managed directory service with Microsoft AD and AD Connector backed by Docker containers with Samba |
| ram | 35 | rest-json | Resource sharing across accounts with resource shares, principals, permissions, and association management |
| network-firewall | 79 | json | VPC traffic inspection with firewall policies, stateful and stateless rule groups, TLS inspection, and subnet endpoint management |
Messaging & Integration
| Service | Ops | Protocol | Description |
|---|---|---|---|
| sqs | 23 | query, json | Message queuing with FIFO, dead-letter queues, visibility timeouts, batch operations, message move tasks, and KMS encryption |
| sns | 42 | query | Topic management with subscriptions, message publishing, filtering, FIFO support, KMS encryption, and cross-service delivery |
| events | 57 | json | Event bus management with rules, targets, connections, API destinations, archives, and cross-service event routing |
| pipes | 8 | rest-json | EventBridge Pipes with source-target connections, filtering, enrichment, and DLQ configuration |
| kinesis | 39 | json | Data stream lifecycle with shard management, record put/get, stream modes, and consumer registration |
| firehose | 12 | json | Delivery streams with S3, OpenSearch, and HTTP destinations including buffering, compression, and format conversion |
| states | 37 | json | State machine execution with Standard and Express workflows, activity tasks, and cross-service task integration |
| scheduler | 12 | rest-json | EventBridge Scheduler with one-time and recurring schedules, flexible time windows, and cross-service target invocation |
| mq | 24 | rest-json | Amazon MQ broker lifecycle with configurations and user management backed by Docker containers |
| kafka | 59 | rest-json | MSK cluster lifecycle with configurations, broker management, and cluster operations |
| appsync | 74 | rest-json | GraphQL API lifecycle with schema management, resolvers, data sources, API keys, and real-time subscriptions via WebSocket |
| appflow | 24 | rest-json | Data flow orchestration with S3 source/destination connectors, flow execution, and schema discovery |
| ses | 110 | rest-json | Email sending with identities, configuration sets, contact lists, templates, and email delivery backed by Docker SMTP |
Management & Monitoring
| Service | Ops | Protocol | Description |
|---|---|---|---|
| monitoring | 39 | smithy-rpc-v2-cbor, query | CloudWatch metrics, alarms, dashboards, composite alarms, metric math, and anomaly detection with CBOR+Query dual protocol |
| logs | 103 | json | Log group and stream management with log ingestion, metric filters, subscription filters, and query operations |
| cloudtrail | 60 | json | API audit logging with trail management, event selectors, and event history lookup across all services |
| config | 97 | json | Configuration recording, compliance rules, conformance packs, and resource configuration history tracking |
| cloudformation | 90 | query | Stack lifecycle with template validation, resource tracking, change sets, and drift detection |
| ssm | 146 | json | Parameter store, document management, command execution, session management, associations, maintenance windows, patch baselines, service settings, activations, and resource data sync |
| organizations | 63 | json | Multi-account management with organizational units, service control policies, and account lifecycle |
| account | 15 | rest-json | Account-level settings including alternate contacts and region management |
| xray | 38 | rest-json | Distributed tracing with trace segments, sampling rules, groups, and encryption configuration |
| appconfig | 47 | rest-json | Application configuration with environments, deployment strategies, configuration profiles, and hosted configuration versions |
| servicequotas | 26 | json | Service quota querying, quota increase requests (auto-approved), and quota templates |
| vpc-quotas | 0 | - | VPC quota definitions for Service Quotas integration (internal provider, no API operations) |
| ce | 47 | json | Anomaly monitors and subscriptions, cost categories with rules, cost allocation tags, and cost/usage query stubs |
| resource-groups | 15 | rest-json | Resource group management with configuration, tagging, and resource membership |
Developer Tools
| Service | Ops | Protocol | Description |
|---|---|---|---|
| codecommit | 24 | json | Git repository management backed by Docker containers with branches, commits, files, and pull requests |
| codebuild | 50 | json | Build project management with source providers, build execution, report groups, and webhook configurations |
| codedeploy | 47 | json | Application deployment with deployment groups, configurations, and revision management across EC2 and ECS targets |
| codepipeline | 44 | json | CI/CD pipeline management with stages, actions, and pipeline execution tracking |
| ecr | 58 | json | Container image registry with repositories, lifecycle policies, image scanning, replication, and pull-through cache rules |
| ecr-public | 23 | json | Public container image registry with repositories and image management |
| cloud9 | 13 | json | Cloud-based IDE with Docker-backed code-server environments, membership management, and automatic hibernation |
AI & Machine Learning
| Service | Ops | Protocol | Description |
|---|---|---|---|
| bedrock | 40 | rest-json | Foundation model management with custom models, guardrails, model invocation logging, and provisioned throughput |
| bedrock-runtime | 7 | rest-json | Model inference with streaming responses, Converse API, and multi-modal input support backed by Ollama |
| bedrock-agent | 72 | rest-json | Agent creation with knowledge bases, action groups, data sources, and agent versioning/aliasing |
| bedrock-agent-runtime | 26 | rest-json | Agent invocation and knowledge base retrieval with session management |
| bedrock-data-automation | 27 | rest-json | Data automation blueprints and project management for document processing pipelines |
| bedrock-data-automation-runtime | 6 | json | Asynchronous data automation invocation with status tracking |
| sagemaker | 26 | json | ML model training via Docker containers, real-time inference endpoint hosting, batch transform, and processing jobs with S3 data I/O |
| sagemaker-runtime | 2 | rest-json | Real-time inference endpoint invocation with request proxying to Docker-hosted model containers |
Analytics
| Service | Ops | Protocol | Description |
|---|---|---|---|
| athena | 70 | json | SQL query execution against S3 data with workgroups, named queries, prepared statements, and query result pagination |
| glue | 265 | json | Data catalog with databases, tables, crawlers, jobs, triggers, connections, and schema registry management |
| kinesisanalytics | 33 | json | Managed Apache Flink applications with runtime configuration, snapshots, and application versioning |
| es | 82 | rest-json | OpenSearch domains with cluster configuration, access policies, VPC endpoints, and package management |