AWS Services and Use Cases Flashcards
Low-latency ingestion, buffering and processing of streaming data in real-time, from a 1000s of sources.
Amazon Kinesis Data Streams
Prioritise work in SQS queues, based on criteria.
Use separate queue and configure application layer to poll fro priority queue.
Sender-consumer model, must account for failure of message processing.
Amazon SQS (Simple Queue Service), with dead letter queue to collect failed messages.
Encrypting an existing DB that is not encrypted.
Create snapshot of existing DB. Create an encrypted copy from the snapshot, then create a new instance of the DB from the encrypted snapshot.
Low latency experienced on read queries to a DB.
Amazon Aurora Global DB, one master in primary region where data is mastered and up to 5 read only in secondary Regions.
Content on CloudFront needs restricting depending on country.
Use CloudFront Geo Restriction feature. Whitelist or blacklist countries.
Intelligently route traffic for lowest latency and provide fast regional failover.
AWS Global Accelerator, uses AWS global network to route TCP and UDP traffic to healthy application endpoint in the closest region to the user, reducing latency.
Cost effectively reduce latency for content delivery in certain regions.
Use CloudFront price class feature to determine where in the world the content will be cached.
Copy data from NFS (Network File System), SMB (Server Message Block), AWS Snowcone, S3, AWS EFS (Elastic File System) and Amazon FSx (Windows File Server).
AWS DataSync alongside AWS Direct Connect, for enhances security and reliability.
Instances in private subnet, user requires access to the instances.
Create an ALB (Application Load Balancer and associate public subnets in the AZs as the private subnets. This way instances become targets for Load-Balancing and are accessible from the internet.
Restrict access on S3 via CloudFront. Don’t want to change URL.
Signed Cookies on CloudFront, for providing/restricting access to multiple files and don’t want to change URL.
Restrict access to documents in S3 to a specific VPC.
Create an S3 access point and configure it to only allow a specific VPC.
Write-Once-Read-Many requirement on S3 Objects.
Enable S3 Object Lock. Helps prevent object from being deleted or overwritten.
ETL use case for moving data between data stores.
AWS Glue
Optimise Aurora DB workloads and redirect different types of queries to high capacity and low capacity instances.
Create custom endpoints, depending on traffic
Secure execution of Redis commands
User Redis AUTH command so that users have to enter password to execute commands.
Access of data required from cloud to/from on prem file system.
File gateway on prem and AWS Storage Gateway to provide on-prem access and management into oher storage solutions (S3)
Fastest way to transfer data and collate from a variety of locations
Enable Transfer Accelerator in S3 destination bucket
Improve performance of DynamoDB DB by distributing workload effectively
Partition Keys with High-Cardinality Attributes. High number of distinct value between them
Protect backend system that receive API calls from excessive traffic
API throttling limit within the API gateway
Query data from multiple AWS accounts from a central repo.
AWS Lake Formation
Execute a function to allow CloudFront content closer to users
Lambda@Edge allows customisation of CloudFront content and execution of functions in locations closer to users.
Share resources across AWS OU account.
AWS RAM (Resource Access Manager) sharing of Transit Gateway, Subnets etc
Enable event-drive architecture, do something when an event happens.
AWS EventBridge to run tasks on Fargate whenever an event happens in an S3 bucket for example.
Migrate a Windows File System to the cloud.
Amazon FSx for Windows File Server
Track data compliance on PII data
Amazon Macie, ML powered data security service that prevents data loss. It uses ML to discover and protect sensitive data.
Ensure an RDS DB can only be accessed via an authentication token
Enable IAM DB Authentication for SQL DBs
Analyse vats amounts of data.
Amazon EMR - Elastic MapReduce, allows you to process data for analytics and business intelligence purposes. ETL as well and works with Apache Hadoop and Spark.
Manage software licensing.
AWS License Manager
