AWS Core Services

Question 1

Elastic Compute Cloud (EC2)

Answer 1

• A web service that provides secure, resizable compute capacity in the cloud
• Designed to make cloud computing easier for developers as it provides complete control of your computing resources

Question 2

What does ‘elastic’ refer to within EC2?

Answer 2

The fact that if your servers (EC2 instances) are configured properly, you can increase or decrease the amount of servers required by an application automatically

Question 3

What does ‘compute’ refer to within EC2?

Answer 3

The server (EC2 instances) that resources are being presented from

Question 4

What does ‘cloud’ refer to within EC2?

Answer 4

The fact that the resources are cloud-hosted compute resources

Question 5

Benefits of EC2 instances

Answer 5

• Pay as you go — you only pay for running instances

- Broad selection of hardware/software and selection of where to host your instances

Question 6

Steps to build and configure an EC2 instance

Answer 6

• Choose the region where the instance will be hosted
• Launch the EC2 wizard
• Select the Amazon Machine Image (AMI) — which provides a software platform for the instance
• Select the instance type — which refers to the hardware capabilities
• Configure the network, storage, and key pairs
• Launch & connect

Question 7

Amazon Elastic Block Store (Amazon EBS)

Answer 7

An easy to use, high performance block storage service designed for use with Amazon EC2 for both throughput and transaction intensive workloads at any scale

Question 8

Benefits of Amazon EBS volumes

Answer 8

• Can be used as a storage device for Amazon EC2 instances
• Gives you the ability to create point-in-time snapshots of your volumes and recreate a new volume from a snapshot at any time in order to provide an even higher level of data durability
• Have the ability to increase capacity and change to different types — such as a hard disk to an SSD disk (and vice versa)

Question 9

Amazon Simple Storage Service (Amazon S3)

Answer 9

• A fully managed storage service that provides a simple API for storing and retrieving data
• Ability to place unlimited objects in the service as it holds trillions of objects and regularly peaks at millions of requests per second
• Provides low-latency access to data over the internet by HTTP or HTTPS — that way you can retrieve data anytime and from anywhere
• Ability to create buckets to store data
• Can access this service via the AWS Management Console, AWS CLI, AWS SDK, or in your bucket directly via the rest endpoints

Question 10

What is a “key”?

Answer 10

• A string that can be used to retrieve the object later (Example– media.welcome.mp4)
• Common practice is to set these strings in a way that resembles a file path

Question 11

Amazon S3 common use cases:

Answer 11

• Storing application assets
• Static Web Hosting
• Backup & disaster recovery
• Staging area for Big Data

Question 12

AWS Global Infrastructure includes:

Answer 12

• AWS Regions
• Availability Zones
• Edge locations

Question 13

AWS Regions

Answer 13

Geographic areas that host two or more Availability Zones and are the organizing level for AWS services

Question 14

Details about AWS Regions:

Answer 14

• Picking the right region is important to optimize latency while minimizing costs and adhering to regulatory requirements
• Ability to deploy resources in multiple regions
• Regions are separate from one another — resources and services are not automatically replicated in other regions

Question 15

Availability Zones

Answer 15

Collection of data centers within a specific region

Question 16

Details about Availability Zones:

Answer 16

• Each zone is physically isolated from other data centers, but connected by a fast, low-latency network
• They are physically distinct, independent infrastructures
• Have their own discrete, uninterruptable power supply; onsite backup generators; cooling equipment; and networking and connectivity
• Supplied by different grids; from independent utility companies for power
• Isolating the zones means they are protected from failures in other zones — which ensures high availability
• AWS recommends provisioning your data across multiple zones as a best practice

Question 17

Data redundancy

Answer 17

If one Availability Zone goes down, the other zones can still handle requests

Question 18

Edge locations

Answer 18

They host a cloud delivery network (CDN) called Amazon CloudFront — which delivers content to your customers

Question 19

Details about edge locations:

Answer 19

• Requests for content are automatically routed to the nearest edge location so that content is delivered faster to end users
• Edge locations are typically located in highly populated areas

Question 20

Amazon Virtual Private Cloud (VPC)

Answer 20

The networking AWS service that meets your networking requirements

Question 21

Details about Amazon VPC:

Answer 21

• Allows you to create a private, virtual network in the AWS cloud
• Allows complete control of network configuration
• Ability to control what you expose to the Internet and what you isolate within the VPC in a way to layer security controls within the network

Question 22

Features of Amazon VPC:

Answer 22

• Builds upon the high availability of AWS Regions and Availability Zones since these live within regions and can span across multiple zones
• Subnets
• Route tables
• Internet Gateway (IGW)
• Network Address Translation (NAT) Gateway
• Network Access Control List (NACL)

Question 23

Subnets

Answer 23

Used to divide VPC’s and allow VPC’s to span across multiple availability zones

Question 24

Details about subnets:

Answer 24

• Ability to create multiple subnets — but the fewer created, the better as it creates complexity of the network topology if more subnets are created
• Subnets are classified as either public or private

Question 25

Public subnet

Answer 25

A subnet that has direct access to the Internet

Question 26

Private subnet

Answer 26

A subnet that does not have direct access to the Internet

Question 27

Route tables

Answer 27

Contains sets of rules (called routes) that are used to determine where network traffic from your subnet or gateway is directed

Question 28

Internet Gateway (IGW)

Answer 28

Allows access to the Internet from Amazon VPC

Question 29

Network Address Translation (NAT) Gateway

Answer 29

Allows private subnet resources to access the Internet and other AWS services, but prevent the internet from initiating a connection with those resources

Question 30

Network Access Control Lists (NACL)

Answer 30

An optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of your subnets

Question 31

AWS Security Groups

Answer 31

• Act like a built-in firewall for your virtual servers
• Have full control of accessibility of your instances
• Web Tier only accepts traffic from the Internet, the Application Tier only accepts traffic from the Web Tier, and the Database Tier only accepts traffic from the Application Tier (Internet —> Web —> Application —> Database)
• By default, all inbound traffic is DENIED and all outbound traffic is ALLOWED; but you can edit this
• 0.0.0.0/0 is the source that allows for all web traffic