AWS GENERAL

Question 1

what is cloud computing?

Answer 1

on-demand delivery of compute power, database storage, applications and other resources - pay as you go

IaaS: EC2
PaaS: Elastic Beanstalk
SaaS: Rekognition

Question 2

each AWS Region has a minimum of 3 Availability Zones…

Answer 2

and each AZ consists of one or more discrete data centers

(Region>AZ>Edge Locations)

Question 3

why use an AWS-managed service?

Answer 3

pre-trained ML services
responsiveness and availability
redundancy and regional coverage
performance
token-based pricing
provisioned throughput

Question 4

AWS Comprehend

Answer 4

uses ML to find insights and relationships in text, extract key phrases, and automatically organize it by topic

Question 5

AWS Polly

Answer 5

turns text into life-like speech using Deep Learning

Question 6

AWS Rekognition

Answer 6

allows you to find objects, people, text, scenes in images or videos using Machine Learning (labelling, custom labels, content moderation)

Question 7

AWS Lex

Answer 7

build chatbots quickly using voice or text, integration with AWS Lambda, Connect, Comprehend, Kendra, will ask for “slots” (input parameters) of necessary

Question 8

AWS Personalize

Answer 8

full ML service to build apps with real-time personalized recommendations (amazon.com)

Question 9

AWS Kendra

Answer 9

fully-managed document search service

Question 10

AWS Mechanical Turk use cases:

Answer 10

image classification
data collection
business processing
integration with A2I, Sagemaker, Groundtruth

Question 11

AWS Augmented AI (A2I)

Answer 11

human oversight of ML predictions in production, can be built on AWS or elsewhere

Question 12

AWS Deepracer

Answer 12

used to train and evaluate Deep Reinforcement Learning models (backed by Sagemaker)

Question 13

AWS Hardware for AI

Answer 13

choosing EC2 instances for your AI needs

AWS Trainium: ML chips for high-performance, cost-effective DEEP LEARNING training

AWS Inferentia: ML chip for deep learning and genAI inference applications

both have the lowest enviromental footprint

Question 14

more AWS services

Answer 14

aws IAM: identity and access management
aws EC2: rent virtual machines
aws Lambda: virtual servers in the cloud

aws Macie: data security and privacy service that uses ML and pattern matching to discover and protect your sensitive data

aws config: helps auditing and recording compliance of your aws resources and configurations over time

aws inspector: automated security assessments only for EC2 instances, container images and Lambda functions

aws cloudtrail: governance, compliance and audit for your account - enabled by default

aws artifact: portal that provides customers with on-demand access to aws compliance docs and agreements

aws audit manager: assess risk and compliance of your aws workloads, audit aws services and prepare audits

aws trusted advisor: analyzes your aws account and provides recommendations

Question 15

vpc questions on the exam will be about deploying models privately and accessing aws services without going through the internet

Answer 15

vpc: virtual private cloud

subnet: allow you to partition your network inside your vpc, creating private subnets

internet gateways: help your vpc instances connect with the internet

nat gateways (aws managed): allow your instances in your private subnet to access with internet while remaining private

vpc endpoints: access aws services privately without the public internet

S3 gateway endpoints: accessing aws privately

Question 16

what if bedrock has to access an encrypted s3 bucket?

Answer 16

bedrock has the ability of assigning IAM roles, so by assigning one with the right permissions it must also have access to the KMS key

Question 17

what if a sagemaker model deployed on a vpc wants to access data on s3 privately?

Answer 17

needs a vpc endpoint for s3, and also set up IAM roles

IAM roles are used to access specific aws resources and vpc endpoints are used to privately access some aws services