AWS Fundamentals Flashcards
Exam prep
What EC2 instance Type is best for high performance processors?
batch processing
media transcoding
high performance web servers
high performance computing
scientific modelling and machine learning
dedicated gaming servers?
Compute Optimized
What EC2 Instance Type is best for fast performance for workloads that process large data sets in memory, such as
High performance databases
distributed web scale cache stores
In memory databases optimized for BI
Real time processing of big unstructured data
Memory Optimized
What EC2 Instance type is great for storage intensive tasks that require high, sequential read and write access to large data sets on local storage?
Use Cases:
High frequency online transaction processing (OLTP) systems
Relational and NoSQL DBs
In memory Cache eg Redis
Data Warehousing applications
Distributed file systems
Storage Optimized
Key points of security groups
Only contain allow rules (but are stateful)
Can be referenced by IP or security group
Region or VPC combination
What does a timeout when accessing the application tend to mean?
Security group issue
Connection refused is likely an app error or it’s not launched
What protocol is port 22 used for?
SSH - log into a linux instance
also used for SFTP
What protocol is port 21 used for?
FTP File transfer - upload files to a shared space
What protocol is port 80 used for?
unsecured web sites HTTP
What protocol is port 443 used for?
HTTPS secured websites
What protocol is port 3389 used for?
RDP - Remote Desktop Protocol (Windows instance log in)
EBS Volume 3 key points
Network (not physical) drive, can be detached from an EC2 instance and attached to another quickly
Locked to an AZ, would need to Snapshot for moving to another AZ
Has a provisioned capacity in GB and IOPS
For default settings what happens when an EC2 instance is terminated?
By default the root EBS volume is deleted
By default any other attached EBS Volume is persisted
Where can you get an AMI (Customization of an EC2 instance - Amazon Machine Image)
Public AMI - AWS provided
Your own AMI
AWS Marketplace AMI (made by someone else)
What is an EC2 Instance Store?
High performance hardware disk (EBS is a network drive)
with better IO performance
Good for buffer/scratch/cache data
Ephemeral
What are the only EBS volumes that can be used as boot volumes?
gp2/gp3 (SSD - general purpose)
io1/io2 (SSD - highest performance)
When would you use Provisioned IOPS SSD for an EBS Volume?
Critical business app
Sustained IOPS performance
> 16000 IOPS
can be multi-attached
When would you use HDD volume
st1: Throughput optimized
Big Data, warehousing, log processing
st2: Cold HDD
infrequent access
lowest cost is important
What is multi attach EBS with io1/io2 family?
Attaching same volume to multiple EC2 instances in the same AZ
Apps must manage concurrent writes
up to 16 EC2 instances at a time
must use cluster aware file system
Does EFS work with EC2 instances in multi AZ?
Yes
What are the EFS Storage Tiers
Standard for frequently accessed
Infrequent (EFS-IA) cost to retrieve files
How can you manage moving EFS data between Storage Tiers
Use a lifecycle policy
Elastic Load Balancer - advantages
AWS guarantees it will be working, will upgrade it, and allows easy configuration
Integrated with many AWS services
Where is the Client IP for an ALB
inserted in X-Forwarded-For
What is Cross-Zone Load Balancing?
Each load balancer distributes evenly across all registered instances in the AZ
Without cross-zone load balancing, requests are distributed across the instances of the ELB node
It is only enabled by Default for ALB
For NLB and GLB it is disabled and costs $$ to enable.
What DBs are managed by AWS (RDS)?
- Postgres
- MySQL
- MariaDB
- Oracle
- Microsoft SQL Server
- Aurora (AWS Proprietary database)
Advantages of using RDS
- RDS is a managed service:
- Automated provisioning, OS patching
- Continuous backups and restore to specific timestamp (Point in Time Restore)!
- Monitoring dashboards
- Read replicas for improved read performance
- Multi AZ setup for DR (Disaster Recovery)
- Maintenance windows for upgrades
- Scaling capability
- Storage backed by EBS (gp2 or io1)
- BUT you can’t SSH into your instances
Storage Autoscaling with RDS - what actions do you need to do
Set max storage threshold
What is the max number of RDS Read Replicas?
Are RDS Read Replicas confined to a region?
15
RDS Read replicas can be cross region, reads are ASYNC and eventually consistent
If you are using RDS read replicas, what must the application update in order to read from them?
The connection string
How does Aurora handle read scaling?
One Aurora instance takes writes
The master takes writes, once there is a quorum
eg 4 copies out of 6 are written then write is done.
What is unique about Aurora
AWS proprietary DB
Cloud Optimized
Storage automatically grows in increments of 10TB to 128TB
Very fast replication
Highly available
More expensive
RDS and Aurora Security points
* At-rest encryption:
  * Database master & replicas encryption using AWS KMS – must be defined at launch time
  * If the master is not encrypted, the read replicas cannot be encrypted
  * To encrypt an un-encrypted database, go through a DB snapshot & restore as encrypted
* In-flight encryption: TLS-ready by default, use the AWS TLS root certificates client-side
* IAM Authentication: IAM roles to connect to your database (instead of username/pw)
* Security Groups: Control network access to your RDS / Aurora DB
* No SSH available except on RDS Custom
* Audit Logs can be enabled and sent to CloudWatch Logs for longer retention