AWS Flashcards
Summarize the benefits of AWS
- Scalability: Allows users to scale resources up or down based on demand
- Cost Efficiency: Uses a pay as you go model which eliminates the need for costly upfront hardware investments
- Global Reach: Operates in multiple regions worldwide, providing low latency access and high availability
- Security: Including data encryption, access control, and compliance with industry standards.
- Reliability: Designed for high availability with multiple data centers and redundancy built into its services.
What is on-demand delivery?
Service where products or goods are delivered to customers quickly, within hours or minutes, based on real time requests.
What are cloud deployments?
Provisioning and configuring AWS resources (compute, storage, networking, ect) to run applications and services.
What are 4 types of Cloud Deployments?
- Public Cloud: AWS manages shared resources for multiple customers
- Private Cloud: Dedicated AWS resources for a single organization
- Hybrid Cloud: Combines on-premises and AWS resources
- Multi-Cloud: Uses multiple cloud provider (e.g…AWS + Azure)
Summarize the pay as you go pricing model
Customers pay only for the resources they use, with no upfront costs or long-term commitments.
What is a client-server model?
A network architecture where a client (requester) sends requests for services or resources to a server (provider), which processes and responds.
The client typically interacts with the user, while the server manages and delivers data or services.
What is cloud computing?
The delivery of computing services over the internet, allowing users to access and use resources on demand without managing physical infrastructure.
What are the three cloud computing deployment models?
- Cloud-Based: Runs all parts of the application in the cloud. Migrates existing and designs new applications to the cloud.
- On-Premises: Private cloud deployment where resources are deployed using virtualization and resource management tools.
- Hybrid: Cloud based resources are connected to on premises infrastructure.
What is cloud computing?
On-demand delivery of IT resources and applications through the internet with pay as you go pricing
What is another name for on-premises deployment?
Private cloud deployment
How does the scale of cloud computing help you to save costs?
The aggregated cloud usage from a large number of customers results in lower pay as you go prices.
What are the benefits of EC2 at a basic level?
Scalability, Cost effective, flexibility, high availability, and customizable.
What are different types of AWS EC2 instance types?
- General Purpose: Balanced for diverse workloads
- Compute Optimized: high performance compute needs
- Memory Optimized: For memory-intensive tasks
- Storage Optimized: For high disk throughput
- Accelerated Computing: GPU/FPGA-based tasks
What are the benefits of EC2 Auto Scaling?
- Improved Availability: Automatically replaces unhealthy instances to maintain application health
- Cost efficiency: Scales instances up or down based on demand, reducing unnecessary costs
- Flexibility: Adapts to varying workload patterns
Reliability: Ensures consistent performance by maintaining the right instance count.
Which EC2 instance type is suitable for data warehousing applications?
Storage Optimized
Which Amazon EC2 instance type balances compute, memory, and networking resources?
General purpose
Which EC2 instance type is ideal for high performance databases?
Memory optimized
Which EC2 instance type offers high performance processors?
Compute optimized
What are the 5 EC2 pricing categories?
- On-Demand: Pay for instances by the second or hour, with no upfront commitment
- Reserved: Commit to 1 or 3 years for significant discounts; options include standard, convertible, and scheduled.
- Spot: Bid for unused capacity at reduced rates
- Dedicated Hosts: Pay for a physical server for regulatory or licensing requirements
- Savings Plans: Commit to consistent usage for 1 or 3 years, offering flexibility and cost savings
Which amazon EC2 pricing option provides a discount when you specify a number of EC2 instances to run a specific OS, instance family and size, and tenancy in one Region?
Standard Reserved Instances
Which Amazon EC2 pricing option provides a discount when you make an hourly spend commitment to an instance family and Region for a 1year or 3 year term?
EC2 Instance Savings Plans
What is the microservices approach?
Application components are loosely couple. If a single component fails, the other components continue to work because they are communicating with each other. The loose coupling prevents the entire application from failing.
What is Amazon Simple Notification Service?
A publish/subscribe service where a publisher publishes a message to subscribers.
What is Amazon Simple Queue Service?
Service where you can send, store, and receive messages between software components, without losing messages or requiring other services to be available.
Which AWS service is the best choice for publishing messages to subscribers?
Amazon Simple Notification Service (SNS)
What does the term “Serverless” mean?
Your code runs on servers, but you do not need to provision or manage these servers. You can focus on innovating new products instead of maintaining servers.
What is AWS Lambda?
A service that lets you run code without needing to provision or manage servers.
How does AWS Lamda Work?
- You upload your code to Lambda
- You set your code to trigger from an event source, such as AWS services, mobile applications, or HTTP endpoints
- Lambda runs your code only when triggered
- You pay for the compute time that you use.
What are containers?
A standard way to package your application’s code and dependencies into a single object.
What is Amazon Elastic Container Service (ECS)?
A highly scalable, high performance container management system that enables you to run and scale containerized applications on AWS.
What is Amazon Elastic Kubernetes Service (EKS)?
A fully managed service that you can use to run Kubernetes on AWS. Enables you to deploy and manage containerized applications at scale.
You want to use an Amazon EC2 instance for a batch processing workload. What would be the best Amazon EC2 instance type to use?
Compute Optimized
You have a workload that will run for a total of 6 months and can withstand interruptions. What would be the most cost efficient EC2 purchasing option?
Spot Instance
Ensuring that no single Amazon EC2 instance has to carry the full workload on its own is an example of what?
Elastic Load Balancing
What is an Availability Zone?
A single data center or group of data centers within a Region.
What are Edge Locations?
Sites that Amazon Cloudfront uses to store cached copies of your content closer to your customers for faster delivery
What is AWS Elastic Beanstalk?
You provide code and configuration settings, and the Elastic Beanstalk deploys the resources necessary to perform tasks such as adjust capacity, load balancing, automatic scaling, and application health monitoring.
What is AWS CloudFormation?
Where your infrastructure is treated as code. You can build an environment by writing lines of code instead of using AWS Management console to individually provision resources.
What is the role of Amazon Virtual Private Cloud (VPC)?
A VPC allows you to create a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define
What are subnets in a VPC?
Subnets are ranges of IP addressed in a VPC, divided into public subnets and private subnets
How does a public subnet different from a private subnet in a VPC?
a public subnet allows internet facing resources to communicate with the internet, while a private subnet is used for backend services without internet access
What is a subnet in Amazon VPC?
A subnet is a section of a VPC that contains resources such as Amazon EC2 instances.
What is an internet gateway in Amazon VPC?
A connection between a VPC and the internet, allowing public traffic to access VPC resources.
What happens if there is no internet gateway in a VPC?
No public traffic can access the resources within the VPC.
What is a virtual private gateway?
A component that enables a secure connection between a VPC and a private network, such as an on-premises date center, using a virtual private network.
How does a virtual private gateway work?
It encrypts internet traffic, adding a protection as it travels from the private network to the VPC, allowing only approved network traffic.
What is AWS Direct Connect?
A service that establishes a dedicated private connection between your data center and a VPC.
What are network ACLs?
A virtual firewall that controls the inbound and outbound traffic at the subnet level. They perform STATELESS packet filtering.
What are sercurity groups?
A virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance. They perform STATEFUL packet filtering.
Briefly explain the steps of the Domain Name System (DNS)
- Enter the domain name into the browser, this request is sent to a customer DNS resolver.
- The customer DNS resolver asks the company DNs server for the IP address that corresponds to the company’s website.
- The company DNS server responds by providing the IP address for the company’s website, 192.0.2.0
What is Amazon Route 53?
A DNS web service that gives developers and businesses a reliable way to route end users to internet applications hosted in AWS.
What feature allows you to register new domain names and manage their DNS records?
Amazon Route 53
Which component can be used to establish a private dedicated connection between your company’s data center and AWS?
AWS Direct Connect
They are stateful and allow all inbound traffic by default.
Security Groups
Which component is used to connect a VPC to the internet?
Internet gateway
What do Block Level Storage Volumes behave like?
Physical hard drives
What does an Instance Store do?
Provides temporary block level storage for an Amazon EC2 instance
What happens to an Instance Store when an instance is terminated?
You lose any date in the instance store
What is Amazon Elastic Block Store (EBS)?
A service that provides block level storage volumes that you can use with Amazon EC2 instances. If you stop or terminate an EC2 instance, all the data on the attached EBS volume remains available.
What is an EBS snapshot?
An incremental backup. The first backup taken of a volume copies all the data. For subsequent backups, only the blocks of data that have changed since the most recent snapshot are saved.
What are two characterizes of the Amazon EBS service?
Best for data that requires retention
Separate drives from the host computer of an EC2 instance
In object storage, what does each object consist of?
Data
Metadata
A Key
What is Amazon Simple Storage Service (S3)?
A service that provides object level storage
How does Amazon S3 store its data?
As objects in buckets
What is the maximum file size for an object in Amazon S3?
5 TB
You want to store data that is infrequently accessed but must be immediately available when needed. Which Amazon S3 storage class should you use?
S3 Standard-IA
What is the ideal use case for file storage?
When a large number of services and resources need to access the same data at the same time
What is Amazon Elastic File System (EFS)?
A scalable file system used with AWS Cloud Services and on premises resources. It scales automatically as you add or remove files
How many Availability Zones does an Amazon EBS Volume store data in?
One.
To attach an Amazon EC2 instance to an EBS volume, where must they reside?
In the same Availability Zone.
Amazon EFS stores its data in how many Availability zones?
Multiple. It is a regional service.
How is data stored in a relational database?
Data is stored in a way that relates it to other peices of data
Amazon RDS is available on what six database engines?
- Amazon Aurora
- PostgreSQL:
- MySQL
- MariaDB
- Oracle Database
- Microsoft SQL Server
What databases is Amazon Aurora compatible with?
MySQL (5 times faster) and PostgreSQL (3 times faster)
How does Amazon Aurora help to reduce database costs?
It reduces unnecessary input/output (I/O) operations, while ensuring your database resources remain reliable and available.
What kind of schemas do non relational databases have?
Simple schemas
What are some key points about DynamoDB?
- Non-relational NoSQL database
- Purpose Built
- Millisecond response time
- Fully managed
- Highly Scalable
Why are nonrelational databases sometimes referred to as “NoSQL databases”?
They use structures other than rows and columns to organize data. (e.g. key value pairs)
What is Amazon DynamoDB?
It is a key-value database service.
It delivers a single digit millisecond performance at any scale.
It is serverless and has automatic scaling
What are differences between Amazon RDS and Amazon DynamoDB
Amazon RDS has automatic high availability and customer ownership of data, schema, and network.
Amazon DynamoDB has Key-value, massive throughput capabilities, PB size potential, and granular API access
Name two scenarios where you should use Amazon RDS?
Using SQL to organize data
Storing data in an Amazon Aurora Database
What does AWS Database Migration Service (DMS) enable you to do?
Enables you to migrate relational databases, nonrelational database, and other types of data stores.
You move data between a source database and a target database of same or different types.
What is Amazon DocumentDB?
A document database service that supports MongoDB workloads
What is Amazon Neptune?
A graph database service. works with highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.
What is Amazon Quantum Ledger Database (QLDB)?
A ledger database service that reviews a complete history of all the changes that have been made to your application data.
What is Amazon Managed Blockchain?
A service that you can use to create and manage blockchain networks with open-source frameworks. Blockchains are a distributed ledger system that lets multiple parties run transactions and share data without a central authority.
What is Amazon ElastiCache?
A service that adds caching layers on top of your database to help improve the read times of common requests. It supports two types of data stores: Redis and Memcached.
What is Amazon DynamoDB Accelerator?
An in-memory cache for DynamoDB. It helps improve response times from single digit milliseconds to microseconds.
Which Amazon S3 Storage classes are optimized for archival data? (2)
Amazon S3 Glacier Flexible Retrieval
Amazon S3 Glacier Deep Archive
Objects can be retrieved within a few minutes to a few hours.
Which AWS service is best for storing data in an object storage service?
Amazon Simple Storage Service (S3)
This statement best describes which Amazon Service? “A serverless key-value database service”
Amazon DynamoDB
Which service is used to query and analyze data across a data warehouse?
Amazon Redshift
It collects data from many sources to help you understand relationships and trends across your data.
Explain the AWS shared responsibility model in simple terms.
AWS controls security of the cloud. You control security in the cloud.
When creating an IAM user how many permissions do they have by default?
0
What is the Least Privilege Principle?
A user is granted access only to what they need. Be default they do not have access to anything.
What is an IAM policy?
The way you grant or deny users permission utilizing JSON. It describes what API calls a user can or cannot make.
What are the options for the “Effect” key for IAM policy?
Allow or deny
What does the “Action” key do for IAM policies?
You can list any AWS API call.
What does the “Resource” key do in IAM policies?
You can list which AWS resource the specific API call is for
What are IAM Groups?
An easy way to provide access for multiple users.
Explain AWS IAM roles.
Associated permissions that allow or deny access. They are assumed for temporary amounts of time.
What is the root user?
The user that has complete access to all AWS services and resources in the account
In AWS Organizations, where can you centrally control permissions for the accounts in your organization?
Service Control Policies (SCPs)
What two identities and resources can be applied to Service control Policies in AWS Organizations?
An Individual Member Account
An Organizational Unit (OU)
What is AWS Artifact?
A service that provides on-demand access to AWS security and compliance reports and select online agreements.
What tasks can you complete in AWS Artifact?
Access AWS compliance reports on-demand
Review, accept, and manage agreements with AWS
What is Distributed Denial of Service (DDoS)
A deliberate attempt from multiple sources to make a website or application unavailable to users.
What is AWS Sheild?
A service that protects applications against DDoS attacks.
What are the three parts of Amazon Inspector?
Network configuration reachability piece
Amazon agent
Security assessment service
What does AWS Key Management Service (KMS) enable?
Enables you to perform encryption operations through the use of cryptographic keys: a random string of digits used for encrypting/decrypting data
What is AWS WAF?
A web application firewall that lets you monitor network requests that come into your web applications. It uses web access control list (ACL) to block or allow traffic.
What is a document that grants or denies permissions to AWS services and resources?
IAM policy
An employee requires temporary access to create several Amazon S3 buckets. What service would be the best choice for this task?
IAM Role
Granting only the permissions that are needed to perform specific tasks best describes what?
The Principle of Least Privilege
Which service helps protect your applications against distributed denial of service (DDoS) attacks?
AWS Shield
Which task can AWS Key Management Service (KMS) perform?
Create cryptographic keys
What is Amazon CloudWatch?
A web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics.
What are CloudWatch Alarms?
They automatically perform actions if the value of your metric has gone above or below a predefined threshold.
Whta is AWS CloudTrail?
It records API calls for your account such as identity of the API caller, the time of the API call, and the source IP address of the API caller.
What are two tasks you can perform using AWS CloudTrail?
Track user activities and API requests throughout your AWS infrastructure
Filter logs to assist with operational analysis and troubleshooting
What is AWS Trusted Advisor?
A web service that inspects your AWS environment and provides real-time recommendations in accordance with AWS best practices
What two actions can you perform using Amazon CloudWatch?
Monitor your resources’ utilization and performance
Access metrics from a single dashboard
Which service enables you to review the security of your amazon S3 buckets by checking for open access permissions?
AWS Trusted Advisor
What are two categories included in the AWS Trusted Advisor Dashboard?
Performance
Fault Tolerance
(Others include cost optimization, security and service limits)
What are the 6 pillars of AWS Well Architected Framework?
Operational Excellence
Security
Reliability
Performance Efficiency
Cost Optimization
Sustainability
