Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Gaukhar > Caching > Flashcards

Caching Flashcards

1
Q

CloudFront Security

A

DDoS protections, AWS Shield, WAF

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Cloudfront Ingress

A

Can upload to S3 even though S3 transfer acceleration will be more efficient

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

CloudFront HA

A

Has support for primary and secondary origins for failover

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

CloudFront S3 origin

A

Traffic goes through private aws network, faster

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

CloudFront EC2

A
  • EC2 must be public, its SG needs to allow traffic from all edge location public ips.
  • Traffic goes through public internet
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

CloudFront + ALB + EC2

A
  • EC2 can be private, its SG needs to allow traffic ALB SG
  • ALB is public, its SG needs to allow traffic from all edge location public ips.
  • Traffic goes through public internet
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

CloudFront vs Cross Region Replication

A

CloudFront:

  • Global Edge replication
  • Files are cached for TTL
  • Great for static content that must be available everywhere

S3 CRR:

  • Must setup replication for each region
  • Near real time replication
  • Replication buckets are read only, source is only one
  • Great for dynamic content that needs to be available at low latency in a few regions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

CloudFront Geo Restriction

A
  • Whitelist and Blacklist of countries that can(not) access content
  • Country determined using 3rd party ip database
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

ClouFront signed URLs/Signed cookies

A

We attach a policy:

  • URL expiration date
  • IP ranges to access data from
  • Trusted signers (which AWS accounts can create signed URLs)

Signed URL - access to one file
Signed Cooke - access to multiple files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

CloudFront URL vs S3 Pre-signed URL

A

CloudFront:

  • Allow access to a path no matter the origin (backend, s3)
  • Account wide key-pair, only root can create signs URLs
  • Can filter by ip, path, expiration, date
  • Can leverage caching features
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

CloudFront Caching

A

Based on:

  • Headers
  • Session Cookies
  • Query Parameters

Live on each edge location
TTL set by Header sent in response from origin:
- Control-Cache
- Expires

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Lambda@Edge

A
  • Lambda is deployed globally alongside CloudFront
  • Can implement request filtering (using lambda) before reaching application
  • Pay only for what you use
  • Does not have any cache
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

CloudFront HTTPS configuration and Host

A

If Host header is not forwarded to origin, CloudFront will Host header with the value of the origin

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

ElasticCache

A
  • Managed Redis or Memchached
  • Involves heavy application code changes
  • Must have invalidation strategy
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Gaukhar (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions