Cloud Essentials

Question 1

What is Cloud

Answer 1

On demand IT resources
Consumption based
You must be connected to the internet

Question 2

Cloud deployment models

Answer 2

On-premise: private cloud, want my own data Center using virtual machines
Hybrid: have some of your own info but new apps migrated to Cloud
Cloud

Question 3

Benefits of the cloud

Answer 3

1. Trade CAPEX for OPEX: data Center investment are based on forecasts vs pay for only of what you consume, savings from DC run & maintain costs can be used for innovation
2. Massive economies of scale: AWS aggregate usage of customer to achieve economies of scale, savings passed onto customer, more than 80X price reductions
3. Stop guessing capacity: pay as you go model, elasticity. Over / under estimating capacity vs scaling on demand.
4. Increase speed and capacity: weeks vs minutes between wanting/needing resources, no need to wait to procure resources
5. Stop spending $ for run & maintain data Center: moving run & maintain $ into biz innovation
6. Go global in minutes: expanding biz into more counties and regions, higher availability, lower latency, regulation compliance

Question 4

AWS security benefits

Answer 4

Keep your data safe 
Meet compliance requirements 
Save money 
Scale quickly
Customer retains complete control and ownership of your data region 
Uses MFA

Question 5

AWS service categories

Answer 5

Total of 23 service categories

• Analytics, Services supporting business intelligence
• Application integration, Services supporting distributed applications
• AR and VR, The fastest and easiest way to create augmented reality (AR), virtual reality (VR), and 3D experiences
• AWS Cost Management, Tools to help you to access, organize, understand, control, and optimize your AWS costs and usage
• Blockchain, Create and manage scalable blockchain networks and managed ledger databases
• Business Applications, Productivity applications
• Compute, Virtual server hosting, container management, and serverless computing
• Customer engagement, Services supporting customer engagement
• Database, Purpose-built databases for all your application needs
• Developer tools, Host code and automatically build, test, and deploy your applications to AWS
• End User Computing, Provision virtual, cloud-based Microsoft Windows desktops for your users
• Game Tech, Support for game development and multiplayer game hosting
• Internet of Things (IoT), Connect devices and collect, store, and analyze data from them
• Machine learning, Machine learning in the hands of every developer and data scientist
• Management & Governance, Complete control for your cloud environment
• Media services, Build video workflows in the cloud
• Migration & Transfer, Features to assist with migration of data, applications and databases
• Mobile, The fastest way to build apps that scale
• Networking and content delivery! Content delivery network, virtual private cloud, direct connections, load balancing, and DNS
• Robotics, Develop, test, and deploy intelligent robotics applications at scale
• Satellite, Fully managed ground stations as a service
• Security, Identity, & Compliance! Secure your environment and achieve compliance
• Storage, A reliable, scalable, and secure place for your data

Question 6

Global infrastructure

Answer 6

25 regions
76 availability zones
216 points of presence

Question 7

AWS region

Answer 7

Physician location of where AWS has their data centres with multiple availability zones
One or more discreet DCs with redundant power, networking, connectivity houses in diff facilities

Each region is located in a separate geographical area
Not all services are replicated in AZ or Region by default

Compliance with regulations, proximity to customers, services in the region, pricing

Question 8

Point of presence

Answer 8

AKA cache servers or Edge locations

Lower latency at users at any location
Route53, CDN (cache domain name service), LambdaH, Cloud Front

Edge locations are located in North America, Europe, Asia, Australia, South America, Africa, and the Middle East. Edge locations cache copies of your content for faster delivery to users at any location. They support AWS services like Amazon Route 53 and Amazon CloudFront.

Regional edge caches, used by default with CloudFront, are used when you have content that is not accessed frequently enough to remain in an edge location. Regional edge caches absorb this content and provide an alternative to fetching that content from the origin server.

Question 9

Selecting a region

Answer 9

1. Data governance, legal requirements
2. Proximity to customers (latency)
3. Services available within the region
4. Costs (vary by region)

Question 10

3 ways to interact with AWS

Answer 10

AWS management console
Command line interface (AWS CLI)
Software development kits (SDKs)

Question 11

AWS management console

Answer 11

Easy to use graphical interface

The console provides a rich graphical interface to a majority of the features offered by AWS. (Note: From time to time, new features may not have all of their capabilities baked into the console when the feature initially launches.)

Administer your AWS account
The console facilitates cloud management for all aspects of your AWS account, including monitoring your monthly spending by service, managing security credentials, and even setting up new IAM Users.

Finding services in the console
There are several ways for you to locate and navigate to the services you need. On the AWS Console Home page, use the search functionality, select services from the Recently Visited Services section, or expand the All Services section to browse through the list of all the services offered by AWS.
At any time, you can also select the Services menu in the top-level navigation bar, which includes the search functionality and the list of all services, either grouped or arranged alphabetically.

Learn more About AWS
The AWS Console Home page features various types of resources to help you learn about the services and features AWS has to offer and get started with building your solutions faster.
The Build a Solution section features various simple automated wizards and workflows that help you create the resources you need for the solution you are seeking.
The Learn to Build section shows you various aggregated learning and training resources, organized by solution type and use case. These resources include tutorials, videos, self-paced labs, project guides, and documentation.

Pin service shortcuts
Personalize your console experience by creating shortcuts to the services you visit most often. Clicking the ”pin” icon in the global navigation bar (top-level toolbar) will allow you to drag and drop service links onto the toolbar to create your shortcuts.

Resource Groups
With Resource Groups, you can view collections of resources that share common tags. Streamline your use of the console by creating a resource group for each application, service, or collection of related resources that you work with regularly.
Quickly navigate to each saved resource group using the AWS menu. Resource Groups are specific to each identity, so each user in an account can create unique Resource Groups for frequently accessed resources and common tasks. Users can also use a URL to share Resource Group definitions with others in the same account.

Tag Editor
Use the Tag Editor to easily manage tags for all resource types that support tags in any Region. Apply tag keys and values to multiple resources at once. The Tag Editor supports global tag search and bulk editing, so it’s easy to find all resources with a particular tag or make tag changes across multiple resources with just a few clicks.

Manage AWS resources from your mobile device
With the AWS Management Console mobile app, you can quickly and easily view your existing resources, including CloudWatch alarms, and perform operational tasks from your mobile device. Download our mobile app from Amazon Appstore, Google Play, or iTunes

Question 12

AWS CLI

Answer 12

Command line interface

Access to services by discreet command

The CLI provides a suite of utilities that can be launched from a command program in Linux, Mac or Windows

The CLI is an open-source tool built on top of the AWS SDK for Python (Boto) that provides commands for interacting with AWS services. With minimal configuration (just one tool to download and configure), you can start using all of the functionality provided by the console from your favorite terminal program.

Linux shells – Use common shell programs such as Bash, Zsh, and tsch to run commands in Linux, macOS, or Unix.
Windows command line – On Microsoft Windows, run commands in either PowerShell or the Windows Command Processor.

Question 13

SDKs (software developer kits)

Answer 13

Software development kits
Access to services in your code

AWS provides packages that enable accessing AWS in a large variety of popular programming languages. This not only makes it easy to use AWS in your existing applications but also enables creating applications to deploy and monitor complex systems entirely through code.

AWS manages infrastructure as code by using the AWS SDKs and the APIs that underlie them. The concept of infrastructure as code (IaC) is powerful and disruptive and sets the cloud apart from the old IT world. These language-specific SDKs contain APIs that allow you to easily incorporate the wide range of AWS Cloud services into your code without writing the functions yourself. There are extensive notes and documentation on how to use the SDKs listed on the slide. Some of the examples of documentation provided for you include guides on how to get started, developer guides, API references, and community forums or developer blogs.

Providing language specific APIS for AWS services

Question 14

Fault tolerant

Answer 14

Ability for a system to remain operational even if some of the compensates fail

Question 15

High durability

Answer 15

Low risk of losing data

Question 16

High availability

Answer 16

Low risk of services being unavailable

Question 17

Scaling up vs scaling out

Answer 17

Scaling up: create a single point of failure, involves adding more resources to a particular instance to meet demand

Scaling out: uses auto scaling groups to increase processing capacity in response to changes in preset thresholds parameters, could involve adding more EC2 instances of a web server

Question 18

Cloud trail

Answer 18

Enables governance, compliance, operating auditing, and risk auditing of your AWS account

Log, continuously monitor and retain account activities related to actions across your AWS Infra with history of account activity, actions taken,

Who has done what, user and API activity tracking

enables governance, compliance, operational auditing, and risk auditing of your AWS account. CloudTrail can be used to record AWS API calls and other activity for your AWS account and save the recorded information to log files in an Amazon Simple Storage Service (Amazon S3) bucket that you choose. By default, the log files delivered by CloudTrail to your S3 bucket are encrypted using server-side encryption with Amazon S3–managed encryption keys (SSE-S3

Question 19

Cloud watch

Answer 19

Log repository for all AWS services! Store and keep the logs
Monitoring NOT debugging

Question 20

Code guru

Answer 20

Developer tool power3d by ML that provides intelligent recommendations for improving quality of code and applications most expensive lines of code

Question 21

AWS codebuild

Answer 21

Fully managed continuous integration service that compiles source code, runs tests, produces software packages that are ready to deploy

Question 22

AWS code artifacts

Answer 22

Fully managed artifacts repository service that makes it easy for orgs to securely store, publish, and share software packages used In their software development process

Question 23

AWS Code star

Answer 23

Develop, build, deploy applications on AWS quickly. AWS code star provides a unified user interface, enabling you to manage your software development activities in one place easily

Question 24

Athena

Answer 24

Serverless query service that does not need to build databases on dedicated elastic block store (EBS) volumes, builds tables from data read directly from Amazon S3 buckets

Does not store any of the data
Compatible with regular data formats ie CSV, JSON, ORC, AVRO, parquet

No additional data storage commitments beyond the object storage
Can query big data complex analysis to such as large joins, window functions, and arrays
Only uses SQL

Question 25

Amazon machine image (AMI)

Answer 25

Provides info required to Launch an instance/ virtual server in the cloud
You specify am AMI when you launch an instance, and you can launch as many instances the AMI as you need,

Question 26

AWS trusted advisor

Answer 26

Checks for service usage for all resources within AWS cloud and provides notifications

Question 27

AWS Codepipeline

Answer 27

Typically utilised when orchestrating and automating the various phases involved in the release of applications updates in line with a release model that the developers defines

Question 28

Codedeploy

Answer 28

Compiling and deploying micro services on Amazon EC2 instances or AWS lambda functions

Automates code deployments to any instance including EC2 and also instances running on premise

Rapidly release new features and avoid downtime during app development

Question 29

Code commmit

Answer 29

Securely Sharing code, collaborating on source code, version control and storing binaries on an AWS fully managed platform

Question 30

Data sync

Answer 30

Simple and fast way to move huge amounts of data (hundreds of terabytes) between on premise storage to S3, EFS, FSx

Question 31

AWS direct connect

Answer 31

Run workloads that are heavy in bandwidth in AWS, ENABLING private and decided connections between the onpremise network and AWS. DATA SYNC can be used over the internet or Direct Connect

Simplifies setting up dedicated network connectivity between AWS and on premise infrastructure

Question 32

AWS Data Pipeline

Answer 32

Web service that facilitates data processing and movement between various AWS Services like compute and storage

Works well with data sources that are on premis

Question 33

AWS MIGRATION Hub

Answer 33

FOR APPS

Service that facilitates discovery of the existing applicants and IT assets and provides a view to better plan and track application migrations

Question 34

AWS global accelerator

Answer 34

Networking service that utilises AWS global network to optimise the user to application path.

Can be tested using a speed comparison tool provided by AWS

Differs from S3 transfer acceleration and dynamo DB accelerator

Question 35

S3 transfer accelerator

Answer 35

Accelerates transfer of files to the S3 bucket by utulizimg edged locations

Question 36

DynamoDB accelerator (Dax)

Answer 36

Fully managed, Highly available in memory cache for DynamoDB

Question 37

AWS web application firewall (WAF)

Answer 37

Helps protect your web apps or APIs against common web exploits that may affected availability, compromise security, or consume excessive resources. Not an access management system, cloudtrail cannot be us3d to manage privledges.

Layer 7

Question 38

AWS Polly

Answer 38

Turns text into life like speech

Question 39

AWS glue

Answer 39

Fully managed extract, transform, and load (ETL) services that make it easier for customers to prepare and load data for analytics

Batch ETL data processing

Question 40

Cloud formation

Answer 40

Define your infra as code

Does not provide general status of your AWS service

Provides common language to model and provision AWS and third party application resources in your cloud environment across all regions and accounts

Can use sample templates to describe AWS resources and associates dependencies or runtime parameters required to run application

Question 41

AWS market place

Answer 41

AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS. AWS Marketplace includes thousands of software listings from popular categories such as security, networking, storage, machine learning, IoT, business intelligence, database, and DevOps. You can use AWS Marketplace as a buyer (subscriber) or as a seller (provider), or both. Anyone with an AWS account can use AWS Marketplace as a consumer and can register to become a seller.

Question 42

AWS Organization

Answer 42

AWS Organizations helps you centrally govern your environment as you grow and scale your workloads on AWS. Organizations help you to centrally manage billing; control access, compliance, and security; and share resources across your AWS accounts. AWS Organizations cannot help in identifying the right AWS services to build solutions on AWS Cloud

Question 43

AWS service catalog

Answer 43

AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures.

Question 44

AWS well architected framework - reliability pillar

Answer 44

Foundations are part of the Reliability pillar of the AWS Well-Architected Framework. AWS states that before architecting any system, foundational requirements that influence reliability should be in place. The services that are part of foundations are: Amazon VPC, AWS Trusted Advisor, AWS Service Quotas (earlier known as AWS Service Limits).

Question 45

Amazon Athena

Answer 45

Amazon Athena is an interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL. Athena is serverless, so there is no infrastructure to manage, and you pay only for the queries that you run.

Question 46

Cloud adoption framework (AWS CAF)

Answer 46

Six areas of focus
Business, people, governance = biz capabilities
Platform, security, operations = technical capabilities

Question 47

AWS CAF - business perspective

Answer 47

Ensure IT aligns with biz needs and that IT investments link to key biz results
Biz case for cloud adoption and prioritize initiatives

Question 48

AWS CAF - people perspective

Answer 48

Org wide change management for cloud adoption

Org stcucturs, Roles, new skills and process requirements

Question 49

AWS CAF - governance perspective

Answer 49

Skills and processes aligned with IT strategy with biz strategy, to undstand and update staff skills and process necessary to ensure biz governance in cloud

Question 50

AWS CAF - platform perspective

Answer 50

Principles and patterns for implementing new solutions on cloud And migrating on premises workloads to cloud

Question 51

AWS CAF - security perspective

Answer 51

Org meets security objectives for visibility, auditability, control and agility

Question 52

AWS CAF - operations perspective

Answer 52

Enable, run, operate, recover IT work.lads to the level agreed upon with your biz stakeholders

Define day to day biz being conducted

Question 53

6 strategies for migration

Answer 53

6Rs

Rehosting
Replatforming
Refactoring / re-architecting
Repurchasing 
Retaining 
Retiring

Question 54

Rehosting

Answer 54

Lift and shift, moving without changes

Question 55

Replatforming

Answer 55

Lifts tinker and shift

Few cloud optimisation by changing the core architecture of the application

Question 56

Refactoring

Answer 56

Re-architecting

Reimagining how an application is architected and developed by using cloud native features

Question 57

Retiring

Answer 57

Removing apps that are no longer needed

Question 58

repurchasing

Answer 58

moving from traditional license to a software as a service model

ie CRM To Salesforce.com

Question 59

Retaining

Answer 59

Keeping apps that are critical for biz in the source environment

Could be including major refactoring before to be migrated or work that can be postponed to later

Question 60

AWS Snowcone

Answer 60

Small rugged secure edge computing and data transfer

2 CPUs, 4 GB memory, 8 TB storage

Question 61

AWS snowball

Answer 61

Snowball edge storage optimised - suited for large scale data migrations and recurring transfer workflows

Snowball edge compute optimise-
Use cases like machine learning, full motion video analysis, analytics, local computer stacks

80TB storage
40 vCPUs

Question 62

AWS snow mobile

Answer 62

Exabyte scale data transfer for moving large amounts of data
Up to 100 PBs, 45 foot long ruggedized shipping container pulled by a semitruck

Question 63

AWS snow family

Answer 63

Physical devices to move large amounts of data into and out of AWS

Question 64

AWS transcribe

Answer 64

Convert speech to text

Question 65

Amazon comprehend

Answer 65

discover patterns in text

Question 66

Amazon lex

Answer 66

Build voice and txt chat bots

Question 67

Amazon sage maker

Answer 67

Build train and deploy ML models quickly

Question 68

Well architected framework (WAF) - Operational excellence pillar

Answer 68

Run and monitor systems to deliver biz value and to continually improve supporting processes and procedures

Question 69

Well architected framework (WAF) - security pillar

Answer 69

Ability to protect info, systems, assets through Risk asssesments and mitigation strategies

Question 70

Well architected framework (WAF) - performance efficiency pillar

Answer 70

Ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve

Question 71

Well architected framework (WAF) - cost optimisation pillar

Answer 71

Ability to run systems to deliver biz value at the lowers price point

Question 72

Container

Answer 72

Containers provide you with a standard way to package your application’s code and dependencies into a single object. You can also use containers for processes and workflows in which there are essential requirements for security, reliability, and scalability.

Question 73

Amazon ECS

Answer 73

Elastic container service

is a highly scalable, high-performance container management system that enables you to run and scale containerized applications on AWS. Amazon ECS supports Docker container.

Question 74

Docker

Answer 74

software platform that enables you to build, test, and deploy applications quickly. AWS supports the use of open-source Docker Community Edition and subscription-based Docker Enterprise Edition. With Amazon ECS, you can use API calls to launch and stop Docker-enabled applications

Question 75

5 Trusted advisor best practices

Answer 75

Cost optimisation 
Performance 
Security 
Fault tolerance
Service limits

Question 76

Amazon AppStream 2.0

Answer 76

Fully managed app streaming services that provides users with instance access to their desktop apps from anywhere on any device

Question 77

AWS app sync

Answer 77

Used to develop GraphQL APIs

Question 78

Amazon Kinesis data streams

Answer 78

Collect streaming data for real time analytics

Question 79

AWS data exchange

Answer 79

Millions of AWS customers to securely find subscribe to and use third party data in the cloud

Question 80

AWS resource groups

Answer 80

Organize AWS resources like EC2 instances, Amazon RDS, S3 buckets into groups using criteria that you define as tags

By default, on management console, but resource groups are a custom console that organises the info based on the specific criteria

Question 81

AWS storage gateway

Answer 81

Hybrid cloud storage service that gives you on premises access to virtually unlimited cloud storage

Question 82

Cloud endure

Answer 82

Disaster recovery

Minimise downtime and data loss by providing fast recovery of disaster recovery of physical, virtual, and cloud based servers in AWS cloud

Question 83

Cloud watch

Answer 83

Repository for metrics and logs

Can configure alarm actions

Question 84

Amazon cognito

Answer 84

Add user sign up, sign in, access control to mobile app

Can also sign in with social identity providers like fb,google, Amazon

Question 85

ELB health Check

Answer 85

Possible cause of why you are not able to connec to an EC2 instance behind an ELB

Question 86

AWS Transit Gateway

Answer 86

Connects VPC and on-premises networks trough a central hub

Question 87

VPC Peering

Answer 87

Private connection between two virtual private clouds without using additional software

Question 88

AWS Greengrass

Answer 88

Run local compute, messaging, data caching, syn, and ML inference capabilities on connected devices in a secure way

Question 89

S3 versioning

Answer 89

Keeping multiple variants of an object in the same bucket to easily recover unintended user actions and app failures

Question 90

AWS Kendra

Answer 90

Intelligent search service powered by ML for enterprises within websites and apps

Question 91

Site to site VPN

Answer 91

Secure connection between your data Center or branch office and AWS cloud resources over the internet

Question 92

Cloudwatch billing metric data is stored where?

Answer 92

Us east In north Virginia

Question 93

Active passive

Answer 93

Failover routing - primary location, with a backup secondary locaiton

Question 94

Cost explorer tags in AWS Billing

Answer 94

Activate both AWS generated tags and user defined tags separately before they appear in Cost Explorer

For each resource,e each tag key must be unique and each tag key can have only one value

Question 95

AWS Elasticache

Answer 95

In memory database

Popular choice for real time use cases like caching, session stores, gaming, etc

Question 96

VPC Peering

Answer 96

Network connection between two VPCs that enables you to route traffic between the using private IIP addresses

Question 97

AWS Shield Advanced

Answer 97

Provides enhanced resource specific detection for EC2, ELB, Cloudfront, Global Accelerator, Amazon route 53