All Flashcards
S3 - How is a key defined?
A key acts as a file name.
It can include (back) slashes, dots or dashes.
S3 - What is the durability / accessibility of S3 Standard?
- 999999999% durability and
99. 99% availabiliy
S3 - How is data consistency handled?
For PUT of new items AWS provides read-after write concistency.
For DELETE and PUT on existing objects eventual concistency (Because the files are stored across multiple data centers)
S3 - Describe S3 Standard - Infrequent Access?
Same duability as Standard.
Storage costs are lower, but there is a retrieval fee.
Also the size min. is 128KB and the duration is set to a min. of 30 days
S3 - What is a typical object lifecycle?
- Initially store in S3 Standard
- After 30 days transition to S3 IA
- After 90 days transition to Glacier
- After 3 years delete the file
S3 - What is SSE-S3?
“Check-Box style” ecryption
AWS handles key management and key protection
S3 - What is SSE-KMS?
Fully integrated solution, Amazon handles the users key management und protection, but the user manages the keys
S3 - What is SSE-C?
User maintains own encryption keys, but Amazon handles the library implementation
S3 - What is Client-Side encryption?
Data is ecrypted on the client side before the data is sent to S3
S3 - What is MFA Delete Protection?
For a delete request the authorization with a MFA device is needed alongside the normal user/password route
S3 - What are Pre-Signed URLs?
Private items be made “public” for a certain time duration
S3 - What is cross-region replication?
For latency and performance reasons objects can be located in S3 buckets across different regions.
Required:
- IAM policy to enable S3 to sent the files to another region
- Versioning must be turned on
EC2 - What defines an instance type?
- Count of virtual CPUs
- Memory
- Storage in type and size
- Network performance
EC2 - What is enhanced networking?
Reduces impact of the virtualization on the networking capabilities.
Results in lower latency, more packets and less jitter
EC2 - What defines an AMI?
- The operating system
- The state of patches
- The installed applications or other system software
EC2 - What are the typs of AMIs?
- Published by AWS
- Maketplace AMIs
- AMIs from existing instances or backups
- From AWS VM Import/Export
EC2 - How can you access an instance from the web?
- Assign a public or elastic IP or use the DNS for the instance
- Make sure that the route table, security group and NACL allow access
EC2 - Does an EC2 instance need a security group?
Yes, at least one security group must be attached to the instance
EC2 - What kind of source/destinatons are allowed in a Security Group?
CIDR IP blocks or other security groups
EC2 - Can you export a VM and import it to AWS?
Yes, using AWS VM Import/Export.
Instances from AMIs cannot be exported (and used in another data center)
EC2 - How can an instance be resized?
Stop the instance.
Change the type using the “Change Instance Type” setting
EC2 - Can you change the Security Group on a running instance?
Yes, also rules in a security group can be changed and take effect immediately
EC2 - What is Termination Protection?
No instance can be terminated before this setting is manually deselected.
Does not prevent Spot Instances to be terminated.
EC2 - How can an EC2 reserved instance be modified?
- Switch the AZ in the same region
- Change the instance type in the same instance family