AWS Cloud Management Services Flashcards
What is AWS Organizations?
AWS organizations allows you to consolidate multiple AWS accounts into an organization that you create and centrally manage.
What feature sets is AWS Organizations available in?
Available in two feature sets:
Consolidated Billing.
All features.
What does AWS Organizations include?
Includes root accounts and organizational units.
What does consolidated billing include?
Consolidated billing includes:
Paying Account – independent and cannot access resources of other accounts.
Linked Accounts – all linked accounts are independent.
What is the use of AWS Control Tower?
Simplifies the process of creating multi-account environments.
Sets up governance, compliance, and security guardrails for you.
What does AWS Control Tower integrate with?
Integrates with other services and features to setup the environment for you including:
- AWS Organizations, SCPs, OUs, AWS Config, AWS CloudTrail, Amazon S3, Amazon SNS, AWS CloudFormation, AWS Service Catalog, AWS Single Sign-On (SSO).
What security guardrails can AWS Control Tower configure for you?
Examples of guardrails AWS Control Tower can configure for you include:
Disallowing public write access to Amazon Simple Storage Service (Amazon S3) buckets.
Disallowing access as a root user without multi-factor authentication.
Enabling encryption for Amazon EBS volumes attached to Amazon EC2 instances.
What is AWS Config?
AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and regulatory compliance.
With AWS Config, you can discover existing and deleted AWS resources, determine your overall compliance against rules, and dive into configuration details of a resource at any point in time.
AWS Config enables compliance auditing, security analysis, resource change tracking, and troubleshooting.
What is AWS Service Catalog?
AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS.
AWS Service Catalog allows you to centrally manage commonly deployed IT services.
IT services can include virtual machine images, servers, software, and databases and multi-tier application architectures.
Enables users to quickly deploy only the approved IT services they need.
What is AWS Systems Manager?
Manages many AWS resources including Amazon EC2, Amazon S3, Amazon RDS etc.
Systems Manager Components:
- Automation.
- Run Command.
- Inventory.
- Patch Manager.
- Session Manager.
- Parameter Store.
What is AWS Personal Health Dashboard?
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you.
Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources.
How is the dashboard in AWS Personal Health Dashboard useful?
The dashboard displays relevant and timely information to help you manage events in progress.
Also provides proactive notification to help you plan for scheduled activities.
What are alerts triggered by in AWS Personal Health Dashboard?
Alerts are triggered by changes in the health of AWS resources, giving you event visibility, and guidance to help quickly diagnose and resolve issues.
How does AWS Personal Dashboard help you see when AWS is experiencing issues?
You get a personalized view of the status of the AWS services that power your applications, enabling you to quickly see when AWS is experiencing issues that may impact you.
What notifications & alerts does AWS Personal Health Dashboard have?
Provides forward looking notifications, and you can set up alerts across multiple channels, including email and mobile notifications, so you receive timely and relevant information to help plan for scheduled changes that may affect you.
Alerts include remediation details and specific guidance to enable you to take immediate action to address AWS events impacting your resources.
