AWS Cloud Practitioner Flashcards
What are the 6 advantages of the cloud?
- Trade capital expense for variable expense
- Benefit from massive economies of scale
- Stop guessing about capacity
- Increase speed and agility
- Stop spending money running and maintaining data centers
- Go global in minutes
What are the 3 types of cloud computing?
- Infrastructure as a service (IAAS)
- Platform as a service (PAAS)
- Software as a service (SAAS)
What is IAAS?
Infrastructure as a service
What is PAAS?
Platform as a service
What is SAAS?
Software as a service
What are the 3 types of cloud computing deployments?
Public, Hybrid, and Private cloud
What is an AWS region?
A region is a physical location in the world which consists of two or more AZs
What is an AZ?
An AZ is an availability zone which is one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities
What is an edge location?
Edge locations are endpoints for AWS which are used for caching content. Typically consists of CloudFront, Amazon’s Content Delivery Network
What is a CDN?
Content Delivery Network
What is Amazon’s CDN called?
CloudFront
Why should you choose a specific AWS region?
- Data sovereignty laws
- Latency to the majority of end users
- AWS services available in certain regions
What are the different AWS support packages?
- Basic
- Developer
- Business
- Enterprise
How much is the Basic support package?
Free
How much is the Developer support package?
Starts at $29/mo and scales up with usage
How much is the Business support package?
Starts at $100/mo and scales up with usage
How much is the Enterprise support package?
Starts at $15k/mo and scales up with usage. Also includes a Technical Account Manager (TAM)
What does IAM stand for?
Identity Access Management
Is IAM a regional or global service?
Global
What are the 3 ways to access the AWS platform?
- Via the console
- Programmatically via the command line
- Using a Software Development Kit (SDK)
The root account has what kind of access? What is an additional security measure you should add to the root account?
- Full admin access
- 2FA or MFA
What is an IAM Group? What do the things in this group inherit?
- A place to store your users
- Users in a group inherit all permissions applied to the group
IAM Group policies are written in what?
JSON
How many users should be created for each person in a company?
Only one. One user, one human.
Describe how permissions should generally be applied across users and groups
You should try to create groups with certain permissions, and then add users to their respective groups so that they inherit those permissions.
What are two ways to make user accounts more secure?
- Have a strong password rotation policy
- Always enable MFA wherever possible
What is needed for programmatic access to AWS?
An access key
What are IAM credential reports used for?
To audit the permissions of your users and accounts
What information is shown on an IAM credential report?
Passwords, access keys, and MFA
What does S3 stand for?
Simple Storage Service
AWS S3 is ___ based, and allows you to upload ____ file types
- object
- flat
How big can files uploaded to S3 be?
0 bytes to 5tb
What is the storage restriction on S3?
None, storage is unlimited
Files on S3 are stored in what?
Buckets
S3 is a _____ name space so your name must be _____ _____
- universal
- globally unique
Is S3 suitable for installing an operating system on?
No
Successfully S3 upload will generate what HTTP status code?
200
Files uploaded to S3 are stored as _____. Where the ____ is the name of the object and the ____ is the data
- Key value pairs
- Key
- Value
What are the S3 class types?
- Standard
- Standard Infrequently Accessed (IA)
- One Zone IA
- Intelligent Tiering
- Glacier
- Glacier Deep Archive
What is the S3 Standard class for?
General purpose storage for any type of data, typically used for frequently accessed data
What is the S3 Intelligent Tiering class for?
Automatic cost savings for data with unknown or changing access patterns
What is the S3 Standard Infrequent Access class for?
For long lived but infrequently accessed data that needs millisecond access
What is the S3 One Zone Infrequent Access class for? Why is it called One Zone?
For re-creatable infrequently accessed data that needs millisecond access. It is called One Zone because data is stored in a single Availability Zone and would be lost in the event of AZ destruction
What is the S3 Glacier class for?
For long-term backups and archives with retrieval options from 1 minute to 12 hours
What is the S3 Glacier Deep Archive class for?
For long-term data archiving that is accessed once or twice a year and can be restored within 12 hours
S3 buckets are used for what?
Flat file storage
S3 buckets are viewed ____ but you can have buckets in ________
- Globally
- Individual Regions
What kind of websites are appropriate for use with S3? When would a website not be appropriate for use with S3?
- Static websites
- If you need to have a database
Why is S3 appropriate if you expect a lot of requests?
Because S3 scales automatically to meet demand i.e. a static website where you expect a lot of traffic
What are the 3 ways you can restrict S3 bucket access?
- Bucket policies
- Object policies
- IAM policies to Users & Groups
S3 bucket policies apply to what?
Across the whole bucket
S3 object policies apply to what?
To individual files
IAM security policies apply to what?
Users and Groups
What is S3 versioning?
- S3 stores versions of all objects
- Great backup tool
- Cannot be disabled
- MFA delete capability
What is CloudFront service?
Amazon’s Content Delivery Network (CDN)
What is an Edge Location in relation to CloudFront?
The location where content will be cached. This is separate to an AWS region or AZ
What is an Origin in relation to CloudFront?
The origin of all the files that the CDN will distribute. This can either be an S3 bucket, an EC2 instance, an Elastic Load Balancer, or Route 53
What is a Distribution in relation to CloudFront?
This is the name given to the CDN which consists of a collection of Edge Locations
What is a CloudFront Web Distribution used for?
Websites
What is CloudFront RTMP used for?
Media Streaming
Are edge locations for CloudFront read only, write only, or read and write?
Read and write
Objection at CloudFront edge locations are cached for _____
The Time to Live (TTL)
What does EC2 stand for?
Elastic Compute Cloud
What is AWS EC2?
A web service that provides resizable compute capacity in the cloud
What are the main benefits of EC2?
- Reduces the time required to obtain and boot a new server instance to minutes
- Allows you to quickly scale capacity up and down as requirements change
What are the 4 different pricing models for EC2?
- On Demand
- Reserved
- Spot
- Dedicated host
What is EC2 On Demand pricing?
Allows you to pay a fixed rate by the hour or by the second with no commitment
What is EC2 Reserved pricing?
Provides you with a capacity reservation, and offers a significant discount on the hourly charge for an instance. Contract terms are 1 year or 3 years.
What is EC2 Spot pricing?
Enables you to bid whatever price you want for instnace capacity, providing for even greater savings if your applications have flexible start times and end times.
What is EC2 Dedicated Hosting?
Provides access to a physical EC2 server dedicated for your use. Dedicated host can help to reduce costs by allowing you to use your existing server-bound software licenses.
What is the acronym used to remember EC2 instance types?
Fight Dr McPxz AU
What is an EC2 F instance type?
FGPA
