Amazon Management & Governance

Question 1

AWS Cloudwatch

Answer 1

o Personal trainer for EC2 - Monitors
performance of AWS resources and
applications - collects and tracks
metrics

o Monitors: EC2 Instances (every 5
min), Autoscaling, Elastic Load
Balancers, Route 53 Health checks,
Storage, CloudFront

Question 2

CloudWatch Permissions
&
Additional Functionality

Answer 2

o   Cloudwatch will monitor EC2 
     every 5 mins by default
         •  You can have up to 1 minute 
             intervals by turning on detailed 
             monitoring

o You can also create CloudWatch
alarms to trigger notifications

o Also monitors host level metrics:
CPU, Network, Disk, Status Check

o Send notifications/automatically
makes changes to the resources
being monitored based on rules
established

Question 3

AWS Auto Scaling

Answer 3

o	Enables you to configure 
        automatic scaling in a matter of 
        minutes for the scalable 
        AWS resources tied to your 
        application

o Uses the Auto Scaling and
Application Auto Scaling services
to configure scaling policies for
applicable AWS resources

o Ex: allows you to automatically
provision multiple EC2 instances
behind a load balancer depending
on demand

Question 4

AWS Systems Manager

Answer 4

o Piece of software installed on
each virtual machine - allows you
to manage EC2 Fleet instances
and virtual machines at scale

o Run command is used to install,
patch, and uninstall software

o Integrates with CloudWatch to
provide a dashboard of all
systems (can be used on-prem or
on AWS

Question 5

AWS CloudFormation

Answer 5

o Essentially turns your
infrastructure into code - outline
what you want, CloudFormation
takes care of provisioning and
configuring the resources for you

       -  Does this by creating 
          template/code then deploys it 
          into multiple regions	

o Enables governance, compliance,
operational auditing, and risk
auditing of your AWS account and
saves all data in S3

o	Lets you setup your AWS 
        resources so that you can spend 
        less time managing those 
        resources and more time focusing 
        on the apps running on AWS

o No need to individually create and
configure AWS resources to
determine dependencies - CF
handles all of that

o Free resource but resources
provisioned are not free

Question 6

CloudTrail

Answer 6

o CCTV for AWS MGT Console & API
calls, SDKs & other AWS services -
lets you track & log acct activity,
location of IP, timing of call occurrence

o Enables governance, compliance,
operational & risk auditing while saving
all data in S3

o turn on for paying account to create
bucket policy that allows cross acct
access

Question 7

AWS Config

Answer 7

o  Provides detailed view into current & 
    historical AWS resource 
    configuration & relationships while 
    monitoring the environment and 
    providing warnings to potential 
    configuration breaks

o Can set alerts, for when people
break policy, proactively monitor
changes to your environment

Question 8

AWS Trusted Advisor

Answer 8

o Real-time guidance across AWS
environment on cost optimization,
performance, security, fault
tolerance & resource provisioning

o Meant for Security Optimization for
Infrastructure

o Two Types of Trusted Advisor
1. Core Checks & Recommendations
2. Full Trusted Advisor - for business
& enterprise customers ONLY

Question 9

AWS Personal Health Dashboard

Answer 9

o provides alters & guidance when
AWS is experiencing events that may
impact you

o use dashboard to see if systems are
down

Question 10

AWS Managed Services

Answer 10

o Customers enabling AWS to operate

their AWS instances on their behalf

Question 11

AWS License Manager

Answer 11

o Makes it easy to manage your software
licenses from software vendors such as
MSFT, Oracle, SAP, and IBM across AWS
& on-prem environments