AWS-Tech Concepts Flashcards
What is an AWS Availability Zone?
1 or more Availability Zones may exist within a region.
1 or more discrete data centres
Redundant power, networking and connectivity
What is Cloud Computing?
Refers to the on-demand delivery of IT resources and applications via the internet with pay as you go pricing.
What is CloudFormation?
CloudFormation enables templated environments.
What are characteristics of Elasticity ?
- scale resources up or down easily.
- quick deployment
- instantly scale up
- instantly shut down resources that are no longer required.
What are characteristics of Fault Tolerance?
- Built-in redundancy of components to ensure uptime.
What are characteristics of High Availability?
- Minimised downtime.
- systems always functioning and accessible.
- No human intervention required.
What is an AWS Region?
A physical location in the world, it can contain 1 or more availability zones.
What is CloudFront?
This is Amazon’s CDN and is deployed in highly populated areas, also called Edge Locations.
What are Edge Locations?
Edge locations are highly populated areas where Amazon deploys its CDN - CloudFront and DNS service.
What services are run at the edge locations?
Amazon Route 53
CloudFront
AWS WAF
AWS Shield
What are reserved instances ?
Purchased instances with a 1-3 year term at a significant discount.
What are Scheduled Instances ?
Purchased instances that are always available on the specified recurring schedule. 1 year term only.
What are spot instances?
Bid on unused instances, i.e. unused technology in an Amazon data centre. Your instance runs as long as possible provided it is above the spot price.
What are dedicated instances?
Paid by the hour, single tenant hardware.
What are dedicated hosts?
pay for a physical host, single tenant.
What is a VPC ?
a virtual private network. You can define VPNs, private subnets, configure gateways.
Each subnet must reside entirely within 1 availability zone.
VPN options ?
1) Hardware VPN (IPSec)
2) AWS Direct Connect (purchase a direct connection 1-10Gb personal connection)
3) AWS VPN CloudHub (dedicated private (up to 10 routers))
4) Software VPN (VPN that terminates on an EC2 instance)
What is AWS Artifact ?
It allows the end user to download compliance and audit reports for your auditor. (PCI, FFIEC, ISO, GDPR, SOC 1, 2, 3, etc.)
(AWS > Services > Artifact)
What is CloudTrail?
1) It is on by default.
2) It logs API calls
3) It can log to an S3 bucket
Amazon DBs
RDS
Amazon DynamoDB
Amazon ElastiCache
Amazon Redshift
AWS DB Migration Service
What is RDS ?
Cost-efficient and resizable
Manages time-consuming DBs
Fast to deploy
Isolated DB environment in the cloud
Example: MySQL, PostgreSQL, MS SQL, MariaDB, Oracle, Amazon Aurora.
What is Amazon DynamoDB ?
Similar to MongoDB / Cassandra NoSQL.
No limit on storage
fully managed.
need to spec the Read and Write throughput.
What is CloudWatch?
A big dispersed metrics-gathering service; you cannot opt out.
CPU utilisation, I/O, Network throughput.
You can create alarms based on statistics.
alarms can send notifications and perform functions.
What is an Elastic Load Balancer ?
A network or application layer load balancer that allows you to spread network or application load.
What is the VPC?
Amazon Virtual Private Cloud.
1) Allows you to create virtual networks in the AWS cloud.
2) Allows complete control of network configuration
3) Offers several layers of security controls
4) Other AWS services deploy into VPC.
5) Lives in a specific region
6) Can span multiple Availability Zones
What is a VPC subnet ?
It is used to separate and divide multiple Amazon VPCs.
It allows Amazon VPCs to span multiple Availability Zones. (AZ)
You can create as many as you want.
Fewer is recommended.
What are VPC route tables?
They control traffic going out of a subnet.
What is the role of an IGW?
Allows access to the internet from the VPC.
What is the role of the NACL?
It controls access to subnets. (stateless)
What is a public subnet?
A VPC subnet that can communicate directly with the internet. (requires an IGW)
What is a private subnet?
A VPC subnet that cannot communicate directly with the internet.
What is the AWS Security Group?
It is built into AWS.
It is essentially a virtual firewall.
controls accessibility
basically, it filters traffic to your instances