Cloud Practitioner Apps Flashcards
1
Q
AWS EC2
A
OS System of Windows or Linux
2
Q
AWS EC2 Scale Vertically
A
Optimize
Processor, Ram, Storage, Etc.
3
Q
AWS EC2 Scale Horizontally
A
Add more EC2
4
Q
AWS EC2 instance type
A
General, Compute Optimized, Memory Optimized, Accelerated Computing (Graphic), Storage Optimized
5
Q
Different Type of AWS EC2 Pricing
A
On-Demand, Savings Plans, Reserved Instances, Spot Instances, Dedicated Hosts
6
Q
On-Demand AWS EC2 Pricing
A
Pay as you use instances
7
Q
Savings Plans AWS EC2 Pricing
A
1 to 3 years terms,
66% Discounts vs On-Demand,
Commitment to a consistent amount of usage
8
Q
Reserved Instances Plans AWS EC2 Pricing
A
1 to 3 years terms,
72% Discounts vs On-Demand,
Commitment to specific capacity reservation in a specific availability zone
9
Q
Spot Instances Plans AWS EC2 Pricing
A
90% Discounts vs On-Demand, when application doesn’t need constant running.
Has specific start and end times.
Good for testing applications and running specific one time computing needs
10
Q
Dedicated Host Plan AWS EC2 Pricing
A
Allow to use existing software licenses Good for compliance requirement Can be purchased w/ On-Demand OR Reservation for up to 70% off the On-Demand price
11
Q
Scaling EC2
A
Scale server usage based on peak hours and non-peak hours (Can be automated)
12
Q
Types of Auto Scaling EC2
A
Dynamic Scaling - Responds to changing demand
Predictive Scaling - Predicts ahead and assigns number of EC2
13
Q
Elastic Load Balancing (ELB)
A
Host to direct traffic
Regional Construct
14
Q
Amazon SQS (Simple Queue Service)
A
Queueing messages from application A in buffer zone until application B comes back online
15
Q
Amazon SNS (Simple Notification Service)
A
messages placed until they are delivered
16
Q
EC2 Still
A
Patching instances
Scaling Instances
Ensure EC2 at high availability
17
Q
Container Orchestration Tools
A
manage containers of codes
AWS ECS and EKS
18
Q
AWS Lambda
A
Serverless compute.
Runs code in response to events
19
Q
AWS ECS (Elastic Compute Service)
A
Container Orchestration Service that helps deploy, manage, and scale containerized applications that runs on code.
20
Q
AWS EKS (Elastic Kubernetes Service)
A
Container Orchestration Service that helps run and scale Kubernetes application
21
Q
AWS Global Infrastructure - Regions
A
Datacenters in the regions where in high demand
22
Q
AWS Global Infrastructure - Availability Zone
A
Multiple zones in a AWS Region
23
Q
AWS Edge Location Tools
A
AWS Cloud Front
AWS Route 53
AWS Outposts
24
Q
AWS Cloud Front
A
CDN (Content Delivery Network) for users to gain access to the contents without having to wait a long time to connect to source
25
AWS Route 53
DNS (Domain Name System)
Translates web text addresses to IP addresses to croute end users to correct applications
(For example, users in Korea needs to access web page in Korean which will automatically detect based on the IP address of the end user)
26
AWS Outposts
Mini On-premise AWS server (Actual rack and hardware) for the applications need for low latency.
27
AWS Resources - API
Resource for applications to communicate w/ each other
28
AWS Resources - AWS Management Console
Test environments, view monitoring, work w/ non technical resources
29
AWS Resources - AWS Command Line Interface (CLI)
Control multiple AWS services from the command line and automate them through scripts.
30
AWS Resources - AWS Software Development Kits (SDK)
Interact w/ AWS resources through various programming languages
31
AWS Elastic Beanstalk
Deploys resources to adjust capacity, load balancing, automatic scaling, application health monitoring.
Can deploy repeatedly.
Can copy whole EC2 and paste to re-deploy
32
AWS Cloud Formation
Infrastructure as code tool used to define wide variety of AWS resources
33
AWS VPC (Virtual Private Cloud) features
Subnets, Internet Gateway, Virtual Private Gateway, AWS Direct Connect
34
Subnets
Control EC2 in VPC to be public or private
35
Internet Gateway
Doorway to VPC for public traffic
36
Virtual Private Gateway
Doorway to VPC for private traffic
37
AWS Direct Connect
Physical fiber optic line to connect directly to AWS
38
AWS VPC Security - Network Access Control List (ACL)
Subnet Security Level
| Controls both input and output traffic from/to Subnet
39
AWS VPC Security - Security Group
Subnet Security level based on instances
| Controls input traffic to Subnet only
40
AWS Global Networking - AWS Route 53
Translates text address to IP address to accommodate country specific websites based on the location of IP addresses
41
AWS Global networking - AWS CloudFront
A network that delivers edge content to users based on their geographic location
42
Instance Store Volumes
Storage that comes w/ EC2 but gets deleted when EC2 stops or terminated
43
AWS EBS (Elastic Block Store)
Can link to EC2 to store and access file quickly
| Safely guard it by having it encrypted at rest and create EBS snapshots
44
EBS Snapshots
Incremental backups for EBS
45
AWS S3 Standard
99.999999999999999% durability
| Frequent access
46
AWS S3 IA (Infrequent Access)
Not accessed frequently
Requires long term storage
There is IA Standard for lower storage price than S3 Standard, but higher retrieval price.
IA One Zone which only stores the data in one zone (no copies or back up in other zones) and has lowest price in IA group
47
AWS S3 Intelligent Tiering
Automation that detects the file access frequency and moves them between S3 Standard and S3 Standard IA to save cost.
48
AWS S3 Glacier
Archiving Data to retrieve objects within a few minutes to hours
Can lock files to read only for compliance reasons
49
AWS S3 Glacier Deep Archive
Lowest cost for archiving
| Able to retrieve objects within 12 hours
50
AWS S3 Lifecycle Management
Move data automatically between tiers based on file types and needs trigger point.
51
EBS vs S3
Consider EBS as good hard drive size (Up to 16TB) with quick save options by using SSD. But if you need huge hard drive size (Unlimited Storage) just for saving files purposes, S3 will do that at cheaper rate.
52
AWS EFS (Elastic File System)
Multiple instances access the data at the same time unlike EBS.
Allow access and storage scaling to be automatically adjusted when needed.
Only supports Linux file system.
53
AWS RDS (Relational Database Service)
Best when data is related to one another
Supports SQL
AWS Aurora
54
AWS DynamoDB
Serverless Database
Non-relational and no SQL database
Scales automatically and fast database
Upload data structured in key-value format
55
AWS Redshift
compiles historical data for KPIs
| Scalable
56
AWS DMS (Database Migration Service)
Database migration w/ minimal downtime
| Can do both homogeneous (SQL to SQL) and heterogenous (Convert & Migrate)
57
AWS Document DB
No SQL but document based data migration service
58
AWS Neptune
Graph database service
59
AWS Managed Blockchain
Blockchain network database w/ open source frameworks
60
AWS QLDB
Ledger database (Great for accounting)
61
Amazon ElastiCache
Accelerator database by adding caching layers to improve read times of common requests
62
Amazon Dynamo DB Accelerator (DAX)
In-memory Cache
| Only for DynamoDB
63
Share Responsibility
Customer control sharing IN the cloud (OS, Applications, Data related)
AWS control the sharing OF the cloud (Hypervisor, Network, physical hardware, etc)
In the end, it will depend on the services being used.
64
AWS User Security
AWS Account Root user
MFA
AWS IAM Users
65
AWS Account Root User
Very first account and able to access anything in AWS
66
AWS IAM Users
Principle of least privilege (Starts w/ zero permission when created)
67
IAM Groups
Attach users to pre-organized permission level
68
IAM Policies
Policies allowing or denying permissions to perform certain functions in AWS
69
IAM Roles
Roles are based on set period of time. (Temporary Permissions)
Great for outside vendors to perform projects within AWS at fixed period
70
AWS Organzations
Central location to manage multiple AWS accounts
| Get consolidated bill which will allow us to get volume discounts
71
AWS Artifacts
Contains Compliance reports & agreements done by third-party
72
Customer Compliance Center
Resources provided by AWS for compliance related
73
Types of DDoS
UPD Flood - Overflow with traffic
HTTP attacks
Slowlories Attack
74
AWS Shield w/ AWS WAF
Great for DDoS attack
AWS Shield Standard - Included in AWS
AWS Shield Advance - Paid service that details the DDoS attack and mitigate it.
75
In Transit
SSL tunnel to transit data securely
76
AWS KMS (Key Management Service)
Encrypting keys to protect them from exposure.
77
AWS WAF
Web application firewall
78
AWS Inspector
Security assessment service
79
AWS GuardDuty
Review detailed findings in threat and take action
80
AWS CloudWatch
Tracking & Monitoring metrics of the cloud system
| Can set alarm by setting threshold on usage to get notification via SMS, emails
81
AWS CloudTrail
API auditing Tool
| Can help track down who took certain actions by logging the activities
82
AWS TrustedAdvisor
Evaluate 5 pillars
1. Cost Optimization
2. Performance
3. Security
4. Fault Tolerance
5. Service Limits
83
AWS Free tier types
1. Always Free
2. 12 months Free
3. Trials
84
AWS Pricing Concepts
Pay for what you use
Pay less when you reserve
Pay lesser with volume
85
AWS Budget
Can create budget in AWS system which can have trigger to send out notification when we are near the spending limit
86
AWS Cost Explorer
Visual KPI to show how our money is being spent in AWS
87
AWS Support Plan
Free Support
Developer Support
Business Support
Enterprise Support
88
Developer Support
Can gain email access to customer support
89
Business support
AWS Trusted Advisor
| Direct phone access to Cloud Engineers
90
Enterprise support
Technical Account Manager (TAM) to monitor and provide feedback on TrustedAdvisor five checks
Also provide scaling guidance by providing Infrastructure Event Management
91
AWS Marketplace
Third party software catalog
92
AWS Cloud Adaption Framework (CAF)
Help manage through the process of Migration in six areas
1. Business
2. People
3. Governance
4. Platform
5. Security
6. Operations
93
Migration Strategy
```
6R's
Rehosting
Re Platforming
Retire
Retain
Repurchasing (Same license, different vendor)
Refactoring
```
94
AWS Snowfamily
Snowcone - up to 8TB hard drive shipped to migrate database
```
Snowball -
Compute Optimized (52 CPUs, 208GB ram, 42 TB Storage
Storage Optimized (40 CPUs, 80GB ram, 80TB Storage)
```
Snowmobile - up to 100PB storage (100,000 TB)
95
Innovation with AWS products
```
AWS SageMaker - custom AWS
AWS Augmented AI
Amazon Lex - Alexa
Amazon Textract - Extract text and data
AWS DeepRacer - Machine Learning
Internet of Things - IoT
AWS Ground Station - Lease AWS satellite
```
96
AWS Managed Services
```
Amazon EMR (Elastic MapReduce)
AWS DynamoDB
AWS Lambda
AWS RDS
AWS Redshift
AWS CloudFront
```
97
AWS Quick Start reference deployments
To deploy popular technologies on AWS w/ least amount of effort and time
98
AWS customers penetration test
```
No prior approval on
Amazon EC2, NAT gateways, ELB
RDS
CloudFront
Aurora
API Gateways
Lambda
Lighsail
Elastic Beanstalk
```
99
EC2 Convertible RI (Reserved Instance)
Allow company to exchange the purchased reserved instance for another reserved instance w/ higher computing power.
100
AWS Personal Health Dashboard
Personalized view of AWS service health
Detailed troubleshooting guidance to address AWS events impacting your resources
Proactive notifications
101
AWS Abuse Team
```
Spam
Port Scanning
DDos
Intrusion Attempts
Hosting objectionable or copyrighted content
Distributing Malware
```
102
Amazon Aurora
MySQL and PostgreSQL relational database built for cloud
103
Implement Elasticity
AWS cloud best practice to dynamically to reduce cost by adjusting compute capacity
104
Shared Controls by both AWS and customers
Patch Management
Configuration Management
Awareness & Training
105
AWS Three Cloud Computing Models
IaaS
PaaS
SaaS
106
Application w/ highest level of availability
Deploy the application across multiple regions and availability zones.
