aws Flashcards
AWS Support API
Business & Enterprise
Which of the following can you use to resolve the connection between your on-premises VPN and your AWS virtual private cloud?
VPG, Route 53
Backup
Manage backup across services
Which of the following is typically used to secure your VPC subnets?
Network ACL
Serverless compute for containers
Fargate
For audit data, used infrequently, doesn’t need fast access.
S3 Glacier
What is the best way to keep track of all activities made in your AWS account?
Create a multi-region trail in AWS CloudTrail
Managed Blockchain
DB service. Create and manage scalable blockchain networks
Which service lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers, or custom URIs?
AWS WAF
2 CPUs, 4GB Memory, 8TB storage
Snowcone
Business Support Plan
Developer + full Trusted Advisor, 4-hour SLA for impaired, 1-hour SLA for down. Use-case guidance, limited support for 3rd-party software
CodeArtifact
artifact management for development
App Mesh
monitor and control microservices
SageMaker
Machine learning
Which of the following services will be able to reroute traffic to your secondary EC2 instances in another region during disaster recovery?
Amazon Route 53
Basic + 24-hour SLA, 12-hour SLA if systems impaired, diagnostic tools
Developer Support Plan
NoSQL database, serverless
DynamoDB
ElastiCache
cache over DBs
certain permissions, used for a temporary amount of time
Role
Deliver business value, constantly improving
Operational Excellence
details of resources in your account, relationships, configs
Config
S3 Infrequent Access One Zone
Only stored in one availabilty zone
Which of the following should you set up in order to connect your AWS VPC network to your local network via an IPsec tunnel?
A VPN gateway in your VPC connected to the Customer Gateway in your on-premises network
Web-based interface for accessing and managing AWS services. Includes wizards and automated workflows. Has a mobile app. Good for initial set-up, but manual, so human error can be a problem.
Management Console
Storage-optimized (80TB) or compute-optimized (42TB)
Snowball
Lift & shift - don’t change anything, just move to AWS
Rehost
Managed Relational Database Service for MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB
RDS
Cloud9
Write, Run, and Debug Code on a Cloud IDE
Network Firewall
stateful, managed, network firewall
Redshift
Data Warehousing
Which of the following services are part of the AWS serverless platform that does not require provisioning, maintaining, and administering servers for backend components?
Lambda@Edge, Amazon API Gateway
Contact Center
Connect
Change management, right people right roles, training
People Perspective
Analyze and debug your applications
X-Ray
Aurora
serverless MySQL DB, Relational database, six copies, three availability zones. Continuous backup to S3.
every API request is tracked, records all the details, for RCA
CloudTrail
CodeBuild
Build and Test Code
X-Ray
Analyze and debug your applications
Marketplace
Curated catalog of 3rd-party software
Commit to consistent usage for 1- or 3- year term. Up to your commitment at discounted prices, beyond that at on-demand pricing. Can be used for serverless as well. Measured in dollars per hour.
savings plan
Data Warehousing
Redshift
Which among the options below can you use to launch a new Amazon RDS database cluster to your VPC?
AWS Management Console, AWS CloudFormation
Data Pipeline
automate movement and transformation of data
Platform Perspective
Patterns, principles for architecture, migration
Simple Storage Service - scalable, access to multiple instances, but can be accessed by other cloud services, large volumes of static content, and complex queries, flat storage, analytics, archiving
S3
DynamoDB
NoSQL database, serverless
connects an on-premises software appliance with cloud-based storage
Storage Gateway
Enterprise Support Plan
Business + 15-minute SLA, dedicated Technical Account Manager
Migration Hub
Find best migration tool and monitor migrations
- AWS Management Console 2. AWS Command Line Interface 3. Software Development Kits 4. AWS Elastic Beanstalk 5. AWS CloudFormation
tools/services to provision resources
Build, Deploy, and Manage APIs
API Gateway
A customer is building a cloud architecture in AWS which should scale horizontally or vertically in order to automatically adjust capacity and maintain steady, predictable performance at the lowest possible cost. Which of the following statements are true regarding horizontal and vertical scaling?
Adding more EC2 instances to your resource pool is an example of Horizontal Scaling, Upgrading to a higher EC2 instance type is an example of Vertical Scaling
Basic set-up with basic tools to get started on AWS
Lightsail
Which of the following is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads?
Amazon GuardDuty
Define business operations to meet business goals
Operations Perspective
Snow Family
Migration services when you have slow/no connection - physical devices to transform and/or compute, can transfer your data then send to Amazon for uploading
CloudHSM
Hardware-based Key Storage for Regulatory Compliance
Which of the following are the things that Amazon CloudWatch Logs can accomplish
Monitor application logs from Amazon EC2 Instances, Adjust the retention policy for each log group
In which of the following occasions should you use the Amazon SQS in your application system? (Select TWO.)
If you need to decouple certain parts of your system for better fault tolerance
If you require a durable storage for your application events or messages
Use IT & computing resources efficiently
Performance Efficiency
Among the following services, which is the most suitable one to use to store the results of I/O-intensive SQL database queries to improve application performance?
Amazon ElastiCache
Which service in AWS protects your resources from common DDoS attacks in a proactive manner?
AWS Shield
Database Migration Service - can migrate relational or non-relational, can convert type, consolidate
DMS
Firewall Manager
Central Management of Firewall Rules
Build and Test Code
CodeBuild
securely share your resources across AWS accounts and within your organization or organizational units (OUs) in AWS Organizations
Resource Access Manager (RAM)
Which of the following are regarded as regional services in AWS
EFS, Batch
Inspector
security vulnerability assessment - vulnerabilities or deviations from best practices - security findings prioritized by level of severity
Model cloud infrastructure using code
Cloud Development Kit (CDK)
In front of your VPC to allow public traffic in
Internet Gateway (IGW)
Business Analytics
QuickSight
Free-tier
some stuff always free (usually with usage limits), 12-months free, and free-trials
Lift, tinker, & shift - make a few optimizations when you rehost
Replatform
Dedicated fiber connection from your data center to AWS - for lower latency on VPC.
Direct Connect
You are permitted to conduct security assessments and penetration testing without prior approval against which AWS resources?
Amazon RDS, Amazon Aurora
Storage that comes with an EC2 instance - attached to the instance, when the instance is stopped, the storage goes away. Fine for temporary files.
Instance Store Volume
Elastic File Service - can be mounted to multiple instances, scalable, like a hard drive in a file structure
EFS
Inspects services, recommendations for best practices: cost, performance, security, fault tolerance, service limits
Trusted Advisor
Data Exchange
third-party data
Find best migration tool and monitor migrations
Migration Hub
Shield
DDoS Protection
Cheaper and slower than Glacier
S3 Glacier Deep Archive
Automate Code Deployment
CodeDeploy
Migrate On-Premises Servers to AWS
Server Migration Service
Accelerated Computing instance
hardware accelerators, graphics processing, data pattern matching
Repurchase
Go with a new vendor
SDK provides customers with the ability to migrate timing-critical uncompressed video workflows to the cloud
The Cloud Digital Interface (CDI)
RDS
Managed Relational Database Service for MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB
Glue
Serverless - data engineers, data scientists
Cost insights
Application Cost Profiler
Release Software using Continuous Delivery
CodePipeline
What is the minimum support plan that will provide you access to all Trusted Advisor Checks?
Business
Steady-state workloads or predictable usage. 1- or 3- year term.
Reserved instance pricing
6 Benefits of Cloud computing
- Trade upfront expense for variable expense 2. Stop spending $ to run data centers 3. Stop guessing capacity 4. Economies of scale 5. Increase speed and agility 6. Go global in minutes
Transit Gateway
Easily scale VPC and account connections
Operations Perspective
Define business operations to meet business goals
Create and Manage Resources with Templates. Provision instances and build environments with code, no manual actions.
CloudFormation
QuickSight
Business Analytics
DDoS Protection
Shield
Automated lift-and-shift migration, simplifies and expedites migration to AWS.
Application Migration Service
Audit Manager
audit your services & security against industry standards, regulations
Snowcone
2 CPUs, 4GB Memory, 8TB storage
Which of the following best describes what CloudWatch can be used for
A repository for metrics and logs
Security Perspective
Meet security objectives
Management Console
Web-based interface for accessing and managing AWS services. Includes wizards and automated workflows. Has a mobile app. Good for initial set-up, but manual, so human error can be a problem.
- Rehost 2. Replatform 3. Retire 4. Retain 5. Repurchase 6. Refactor
Migration Strategies 6 Rs
Neptune
Fully Managed Graph DB service
Global Accelerator
Improve application availability and performance
Direct Connect
Dedicated fiber connection from your data center to AWS - for lower latency on VPC.
Server Migration Service
Migrate On-Premises Servers to AWS
CloudFront
CDN to edge locations
Subnet
One chunk of IP addresses. Like things are grouped. Subnets can be public or private.
Fast performance for processing large datasets in memory
Memory Optimized instance
Application Cost Profiler
Cost insights
What is the best type of instance purchasing option to choose if you will run an EC2 instance for 3 months to perform a job that is uninterruptible?
On-Demand
Instance Store Volume
Storage that comes with an EC2 instance - attached to the instance, when the instance is stopped, the storage goes away. Fine for temporary files.
web application firewall - block or allow requests based on conditions that you specify
WAF
Serverless Application Repository
Discover, Deploy, and Publish Serverless Applications
Elastic Container Service - Manage Docker containers
ECS
Fargate
Serverless compute for containers
Resource Access Manager (RAM)
securely share your resources across AWS accounts and within your organization or organizational units (OUs) in AWS Organizations
Lambda
serverless computing
45-ft shipping container delivered by semi, 100 petabytes
Snowmobile
monitor and control microservices
App Mesh
Security group
Security on an instance - every instance has one. By default, nothing allowed in until you add rules. Stateful. Whitelist.
ensure IT aligns with business
Business Perspective
Fault Injection Simulator
Fully managed fault injection service
OpsWorks
Automate Operations with Chef and Puppet
DB service. Create and manage scalable blockchain networks
Managed Blockchain
Which of the following statements is true for AWS CloudTrail?
When you create a trail in the AWS Management Console, the trail applies to all AWS Regions by default
Build conversational interfaces with voice and text
Lex
Business + 15-minute SLA, dedicated Technical Account Manager
Enterprise Support Plan
Which of the following is the most cost-effective service to use if you want to coordinate multiple AWS services into serverless workflows?
A VPN gateway in your VPC connected to the Customer Gateway in your on-premises network
hardware accelerators, graphics processing, data pattern matching
Accelerated Computing instance
audit your services & security against industry standards, regulations
Audit Manager
Securely Access Services Hosted on AWS
PrivateLink
savings plan
Commit to consistent usage for 1- or 3- year term. Up to your commitment at discounted prices, beyond that at on-demand pricing. Can be used for serverless as well. Measured in dollars per hour.
DataSync
Simple, fast, online data transfer
VPC
Isolated Cloud Resources
Control Tower
manage governance rules across accounts
recommend optimal Compute resources
Compute Optimizer
Discover, Deploy, and Publish Serverless Applications
Serverless Application Repository
Identity and Access Management (IAM)
control user access to AWS services, JSON, don’t use root user
A new AWS customer needs to deploy up to 100 t3a.large EC2 instances on their recently launched VPC, which is way beyond the default service limit. What should they do before launching their instances?
Create a case in the AWS Support Center page and request a service limit increase.
S3 Infrequent Access (S3 IA)
Accessed less frequently, but needs rapid access when it is used. Stored in at least 3 availability zones. Lower storage price, higher retrieval price
Security on an instance - every instance has one. By default, nothing allowed in until you add rules. Stateful. Whitelist.
Security group
for data with unknown access patterns - analyzes and moves to the class matching use
S3 Intelligent-tiering
What service acts as a firewall for your EC2 instances?
Security Group
four factors to consider in selecting a Region
- Compliance with data governance (company or government) 2. Proximity to customers 3. Availability of features 4. Pricing
cache over DBs
ElastiCache
Which of the following allows you to create and deploy infrastructure-as-code templates in AWS?
CloudFormation
What is the lowest support plan that allows an unlimited number of technical support cases to be opened?
Developer
Launch Wizard
third party applications
A company needs to troubleshoot an issue on their serverless application which is composed of an API Gateway, Lambda function, and a DynamoDB database. Which service should they use to trace user requests as they travel through their entire application?
AWS X-Ray
Well-Architected Framework 5 pillars
- Operational Excellence 2. Security 3. Reliability 4. Performance Efficiency 5. Cost Optimization
Cloud Development Kit (CDK)
Model cloud infrastructure using code
Unified security and compliance center
Security Hub
Meet security objectives
Security Perspective
Business Perspective
ensure IT aligns with business
stateful, managed, network firewall
Network Firewall
Organizations
consolidate multiple AWS accounts into an organization
Host and Manage Active Directory
Directory Service
Find your most expensive lines of code
CodeGuru
automate movement and transformation of data
Data Pipeline
Rehost
Lift & shift - don’t change anything, just move to AWS
Agility is one of the benefits of using cloud computing that provides customer with what advantage?
Focus your valuable IT resources on developing applications that differentiate your business rather than managing infrastructure and data centers.
Know this structure of AWS Security
Which of the following are defined as global services in AWS?
AWS Identity and Access Management, Amazon CloudFront
If you have multiple instances in one subnet with different security rules
Instance-level Security
What is the primary reason why you should be using an elastic load balancer?
ELBs provide elasticity by directing traffic to a minimum number of instances required to handle the traffic load
ACL
Access control list - controls traffic in and out of a subnet. Stateless, By default, Blacklist.
- Compliance with data governance (company or government) 2. Proximity to customers 3. Availability of features 4. Pricing
four factors to consider in selecting a Region
Config
details of resources in your account, relationships, configs
The Cloud Development Kit (CDK)
software development framework for defining your cloud infrastructure in code and provisioning it through AWS CloudFormation.
Security Hub
Unified security and compliance center
Trusted Advisor
Inspects services, recommendations for best practices: cost, performance, security, fault tolerance, service limits
Write, Run, and Debug Code on a Cloud IDE
Cloud9
Virtual Private Gateway (VPG)
In front of your VPC to allow private traffic in - like a VPN
Which of the following policies grant the necessary permissions required to access your Amazon S3 resources?
Bucket policies, User policies
deploy application configurations
AppConfig
create directories for a variety of use cases, such as organizational charts, course catalogs, and device registries
Cloud Directory
get compliance and security docs for audits
Artifact
Retain
Stuff that will be deprecated isn’t worth the cost to move
Cost Explorer
analyze your costs, slice-n-dice historical costs
Machine learning
SageMaker
Outpost
Your own mini-Region in your own building. Owned and operated by Amazon.
ECS
Elastic Container Service - Manage Docker containers
Serverless
you don’t have to manage servers
Elastic Block Store -block storage - attached to an instance, when you need high-performance storage attached on a single instance
EBS
serverless MySQL DB, Relational database, six copies, three availability zones. Continuous backup to S3.
Aurora
point of contact for everything, helps you use services in best way
Technical Account Manager
to organize, monitor, and automate management tasks on your AWS resources.
Systems Manager
PrivateLink
Securely Access Services Hosted on AWS
Which service does AWS use to notify you when AWS is experiencing events that may impact you?
AWS Personal Health Dashboard
Improve application availability and performance
Global Accelerator
open-source framework to build serverless applications - template and a command line interface
The Serverless Application Model (SAM)
Some stuff just isn’t needed
Retire
Elastic Beanstalk
You upload code and configs, AWS provisions, load balances, scales, monitors
Which of the following AWS well-architected pillars discusses the use of the right computing resources to meet demand levels even as the demand changes and technologies evolve?
Performance Efficiency
CodeStar
Develop and Deploy Applications
control user access to AWS services, JSON, don’t use root user
Identity and Access Management (IAM)
Serverless - data engineers, data scientists
Glue
Sharing a host with other instances
virtual machines
DMS
Database Migration Service - can migrate relational or non-relational, can convert type, consolidate
Pricing concepts
pay for what you use, pay less when you reserve, pay less with volume discounts
In Amazon EC2, which pricing construct adjusts its price based on supply and demand of EC2 instances?
Spot Instance
CloudWatch
Monitor resources and applications, track metrics, set alarms, dashboard of all metrics
Refactor
Recode on new platform, new architecture, new features (AKA re-architecting)
How can you easily and securely copy your infrastructure to another AWS Region?
Create a CloudFormation template and deploy it in the new region
Application Discovery Service
plan application migration projects by automatically identifying applications running in on-premises data centers, their associated dependencies
Cognito
user accounts for web and mobile apps
Which of the following cloud best practices reinforces the use of the Service-Oriented Architecture (SOA) design principle?
Decouple your components.
tools/services to provision resources
- AWS Management Console 2. AWS Command Line Interface 3. Software Development Kits 4. AWS Elastic Beanstalk 5. AWS CloudFormation
There is a requirement to launch a new database in AWS where the customer assumes the responsibility and management of the guest operating system, including updates and security patches. Which of the following services should the customer use?
Amazon EC2
Transfer Family
Fully managed SFTP, FTPS, and FTP service
In front of your VPC to allow private traffic in - like a VPN
Virtual Private Gateway (VPG)
Basic Support Plan
everyone gets, no cost, long SLAs, limited Trusted Advisor, free documentation
pay for what you use, pay less when you reserve, pay less with volume discounts
Pricing concepts
Instance-level Security
If you have multiple instances in one subnet with different security rules
plan application migration projects by automatically identifying applications running in on-premises data centers, their associated dependencies
Application Discovery Service
Athena
Query Data in S3 using SQL
Easily scale VPC and account connections
Transit Gateway
API Gateway
Build, Deploy, and Manage APIs
Users from different parts of the globe are complaining about the slow performance of the newly launched photo-sharing website in loading their high-resolution images. Which combination of AWS services should you use to serve the files with lowest possible latency?
Amazon S3, Amazon CloudFront
One chunk of IP addresses. Like things are grouped. Subnets can be public or private.
Subnet
to review your workloads against current Amazon Web Services architectural best practices. The AWS Well-Architected Tool measures the workload and provides recommendations on how to improve your architecture.
Well-Architected Tool
Snowmobile
45-ft shipping container delivered by semi, 100 petabytes
Curated catalog of 3rd-party software
Marketplace
WAF
Filter Malicious Web Traffic
The Serverless Application Model (SAM)
open-source framework to build serverless applications - template and a command line interface
EBS
Elastic Block Store -block storage - attached to an instance, when you need high-performance storage attached on a single instance
Which of the following should you use if you need to provide temporary AWS credentials for users who have been authenticated via their social media logins as well as for guest users who do not require any authentication?
Amazon Cognito Identity Pool
Device Farm
Test Android, iOS, and web apps on real devices in the cloud
Governance Perspective
Minimize risk, manage & measure for business outcomes
CodePipeline
Release Software using Continuous Delivery
S3
Simple Storage Service - scalable, access to multiple instances, but can be accessed by other cloud services, large volumes of static content, and complex queries, flat storage, analytics, archiving
Create cost estimates different use cases
Pricing Calculator
People Perspective
Change management, right people right roles, training
Well-Architected Tool
to review your workloads against current Amazon Web Services architectural best practices. The AWS Well-Architected Tool measures the workload and provides recommendations on how to improve your architecture.
DocumentDB
MongoDB-compatible databases
Automate Operations with Chef and Puppet
OpsWorks
WAF
web application firewall - block or allow requests based on conditions that you specify
Disaster Recovery
CloudEndure
you don’t have to manage servers
Serverless
Which of the following is an advantage of using managed services like RDS, ElastiCache, and CloudSearch in AWS?
Simplifies all of your OS patching and backup activities to help keep your resources current and secure
Minimize risk, manage & measure for business outcomes
Governance Perspective
Developer + full Trusted Advisor, 4-hour SLA for impaired, 1-hour SLA for down. Use-case guidance, limited support for 3rd-party software
Business Support Plan
Accessed less frequently, but needs rapid access when it is used. Stored in at least 3 availability zones. Lower storage price, higher retrieval price
S3 Infrequent Access (S3 IA)
hich of the following services allows you to store Docker images and orchestrate Docker containers in a simple and cost-effective manner? (Select TWO.)
Amazon ECR, Amazon ECS
Which of the following is a data transport solution that accelerates moving terabytes to petabytes of data into and out of AWS using appliances with on-board storage and compute capabilities?
AWS Snowball Edge
S3 Glacier Deep Archive
Cheaper and slower than Glacier
Cloud Adoption Framework 6 Perspectives
- Business 2. People 3. Governance 4. Platform 5. Security 6. Operations
What is the best way to keep track of all activities made in your AWS account?
Create a multi-region trail in AWS CloudTrail
CloudFormation
Create and Manage Resources with Templates. Provision instances and build environments with code, no manual actions.
You upload code and configs, AWS provisions, load balances, scales, monitors
Elastic Beanstalk
Why have Regions?
Geographically isolated, greatest possible fault tolerance
serverless computing
Lambda
Role
certain permissions, used for a temporary amount of time
Compute Optimized instance
compute-bound applications that need high-performance processors
Virtual Private Network (VPN)
establishes a secure and private tunnel from your network or device to the AWS Cloud
manage governance rules across accounts
Control Tower
Your own mini-Region in your own building. Owned and operated by Amazon.
Outpost
In the AWS Shared Responsibility Model, whose responsibility is it to patch the host operating system of an Amazon EC2 instance?
AWS
GuardDuty
Managed Threat Detection Service
Managed Threat Detection Service
GuardDuty
Developer Support Plan
Basic + 24-hour SLA, 12-hour SLA if systems impaired, diagnostic tools
- General Purpose 2. Compute Optimized 3. Memory Optimized 4. Accelerated Computing 5. Storage Optimized
instance types
CloudSearch
Managed Search Service
Balance of compute, memory, and networking
General Purpose instance
Recovery planning, handle change to meet business & customer demand
Reliability
Central Management of Firewall Rules
Firewall Manager
Lex
Build conversational interfaces with voice and text
Artifact
get compliance and security docs for audits
Which type of Elastic Load Balancer supports path-based routing, host-based routing, and bi-directional communication channels using WebSockets?
Application Load Balancer
S3 Glacier
For audit data, used infrequently, doesn’t need fast access.
virtual machines
Sharing a host with other instances
Reliability
Recovery planning, handle change to meet business & customer demand
Which of the following is true about the enhanced technical support response times of the Enterprise support plan in AWS?
Provides a 15-minute response time support if your business-critical system goes down, Provides a 1-hour response time support if your production system goes down
Lightsail
Basic set-up with basic tools to get started on AWS
third party applications
Launch Wizard
Shared responsibility model
AWS controls security OF the cloud, customer controls security IN the cloud.
consolidate multiple AWS accounts into an organization
Organizations
Systems Manager
to organize, monitor, and automate management tasks on your AWS resources.
CodeDeploy
Automate Code Deployment
Amazon Virtual Private Cloud - your own private network in AWS. You place EC2 instances and ELBs within your VPC. IP range is defined.
VPC
Relational Database Service (RDS)
Run relational databases in the cloud - automates hardware provisioning, database setup, patching, and backups.
Which of the following services allow you to mask downtime of your application by rerouting your traffic to healthy instances? (Select TWO.)
AWS ELB
Amazon Route 53
Internet Gateway (IGW)
In front of your VPC to allow public traffic in
Fully Managed Graph DB service
Neptune
Go with a new vendor
Repurchase
Geographically isolated, greatest possible fault tolerance
Why have Regions?
software development framework for defining your cloud infrastructure in code and provisioning it through AWS CloudFormation.
The Cloud Development Kit (CDK)
establishes a secure and private tunnel from your network or device to the AWS Cloud
Virtual Private Network (VPN)
mobile and web applications
Amplify
Run relational databases in the cloud - automates hardware provisioning, database setup, patching, and backups.
Relational Database Service (RDS)
Storage Optimized instance?
High sequential read and write access to large datasets on local storage.
CodeCommit
Store Code in Git repos
High sequential read and write access to large datasets on local storage.
Storage Optimized instance?
Key Management Service
Managed Creation and Control of Encryption Keys
Develop and Deploy Applications
CodeStar
protect your sensitive data
Macie
EFS
Elastic File Service - can be mounted to multiple instances, scalable, like a hard drive in a file structure
Replatform
Lift, tinker, & shift - make a few optimizations when you rehost
Memory Optimized instance
Fast performance for processing large datasets in memory
Migration services when you have slow/no connection - physical devices to transform and/or compute, can transfer your data then send to Amazon for uploading
Snow Family
MongoDB-compatible databases
DocumentDB
Isolated Cloud Resources
VPC
Which of the following AWS Cost Management tools enable you to forecast future costs and usage of your AWS resources based on your past consumption?
Cost Explorer
FinSpace
Analytics for the financial services industry
AWS controls security OF the cloud, customer controls security IN the cloud.
Shared responsibility model
user accounts for web and mobile apps
Cognito
Migration Strategies 6 Rs
- Rehost 2. Replatform 3. Retire 4. Retain 5. Repurchase 6. Refactor
Managed Services (AMS)
operate AWS more efficiently and securely. Leveraging AWS services and a growing library of automations, configurations, and run books,
Stuff that will be deprecated isn’t worth the cost to move
Retain
Only stored in one availabilty zone
S3 Infrequent Access One Zone
Which of the following security group rules are valid?
Security groups accept IP address, IP address range, and security group ID as either source or destination of inbound or outbound rules.
third-party data
Data Exchange
The Cloud Digital Interface (CDI)
SDK provides customers with the ability to migrate timing-critical uncompressed video workflows to the cloud
Application Migration Service
Automated lift-and-shift migration, simplifies and expedites migration to AWS.
AppSync
GraphQL service
Fully managed fault injection service
Fault Injection Simulator
compute-bound applications that need high-performance processors
Compute Optimized instance
Pricing Calculator
Create cost estimates different use cases
Monitor resources and applications, track metrics, set alarms, dashboard of all metrics
CloudWatch
S3 Intelligent-tiering
for data with unknown access patterns - analyzes and moves to the class matching use
Which AWS service is commonly used for streaming data in real-time?
Amazon Kinesis
Technical Account Manager
point of contact for everything, helps you use services in best way
Fully managed SFTP, FTPS, and FTP service
Transfer Family
Application resource registry for microservices, lets you name and discover your cloud resources
Cloud Map
everyone gets, no cost, long SLAs, limited Trusted Advisor, free documentation
Basic Support Plan
Which of the following security group rules are valid? (Select TWO.)
Inbound HTTP rule with security group ID as source, Inbound RDP rule with an address range as source
CloudTrail
every API request is tracked, records all the details, for RCA
Retire
Some stuff just isn’t needed
Detective
Investigate potential security issues
Reserved instance pricing
Steady-state workloads or predictable usage. 1- or 3- year term.
AppFlow
connect your software as a service (SaaS) applications to AWS services, and securely transfer data. Use Amazon AppFlow flows to manage and automate your data transfers without needing to write code.
Virtual Private Cloud (VPC)
Your chunk of AWS
- Operational Excellence 2. Security 3. Reliability 4. Performance Efficiency 5. Cost Optimization
Well-Architected Framework 5 pillars
Connect
Contact Center
General Purpose instance
Balance of compute, memory, and networking
Recode on new platform, new architecture, new features (AKA re-architecting)
Refactor
Where can you track the costs you’ve incurred so far in your AWS account with a graphical visualization?
AWS Cost Explorer
instance types
- General Purpose 2. Compute Optimized 3. Memory Optimized 4. Accelerated Computing 5. Storage Optimized
Compute Optimizer
recommend optimal Compute resources
Operational Excellence
Deliver business value, constantly improving
Investigate potential security issues
Detective
Directory Service
Host and Manage Active Directory
Storage Gateway
connects an on-premises software appliance with cloud-based storage
Macie
protect your sensitive data
Analytics for the financial services industry
FinSpace
some stuff always free (usually with usage limits), 12-months free, and free-trials
Free-tier
AWS security responsibility
Physical data centers, hypervisor, software, compute, storage, database, networking, hardware, regions, zones, edge locations
Amplify
mobile and web applications
Test Android, iOS, and web apps on real devices in the cloud
Device Farm
Service and Communications Protection or Zone Security
Customer responsibility
Simple, fast, online data transfer
DataSync
CloudEndure
Disaster Recovery
AppConfig
deploy application configurations
Operating systems, data, platform, IAM, firewalls, client-side encryption, server-side encryption
Customer security responsibility
Patterns, principles for architecture, migration
Platform Perspective
Cloud Directory
create directories for a variety of use cases, such as organizational charts, course catalogs, and device registries
Which type of EC2 instance is the most suitable and cost-effective if the customer will be running mission-critical workloads continuously for a whole year?
Reserved
Which of the following statements is true for AWS CloudTrail?
When you create a trail in the AWS Management Console, the trail applies to all AWS Regions by default
What should you provide to your developers to allow them to access your AWS services through the AWS CLI?
Access keys
What service should you use in order to add user sign-up, sign-in, and access control to your mobile app with a feature that supports sign-in with social identity providers such as Facebook, Google, and Amazon, and enterprise identity providers via SAML 2.0?
Amazon Cognito
Your chunk of AWS
Virtual Private Cloud (VPC)
security vulnerability assessment - vulnerabilities or deviations from best practices - security findings prioritized by level of severity
Inspector
Query Data in S3 using SQL
Athena
Customer security responsibility
Operating systems, data, platform, IAM, firewalls, client-side encryption, server-side encryption
CloudTrailInsights
Detect unusual API activity
Managed Creation and Control of Encryption Keys
Key Management Service
Create and Use Standardized Products
Service Catalog
analyze your costs, slice-n-dice historical costs
Cost Explorer
operate AWS more efficiently and securely. Leveraging AWS services and a growing library of automations, configurations, and run books,
Managed Services (AMS)
Which of the following is true regarding the AWS Cost and Usage report?
Allows you to load your cost and usage information into Amazon Athena, Amazon Redshift, and AWS QuickSight
Provides you with granular data about your AWS costs and usage
Performance Efficiency
Use IT & computing resources efficiently
VPC
Amazon Virtual Private Cloud - your own private network in AWS. You place EC2 instances and ELBs within your VPC. IP range is defined.
Service Catalog
Create and Use Standardized Products
4 Benefits of EC2
- Provision in minutes 2. stop using when done3. only pay for time you use 4. only pay for capacity you need
CodeGuru
Find your most expensive lines of code
Filter Malicious Web Traffic
WAF
Cloud Map
Application resource registry for microservices, lets you name and discover your cloud resources
Which of the following services are part of the AWS serverless platform that does not require provisioning, maintaining, and administering servers for backend components? (Select TWO.)
Amazon API Gateway
Lambda@Edge
Snowball
Storage-optimized (80TB) or compute-optimized (42TB)
Store Code in Git repos
CodeCommit
