Confusions2 Flashcards
Amazon S3 Transfer Acceleration Vs AWS Global Accelerator
Enhances content transfers to and from Amazon S3
Vs
Uses edge locations and AWS global infrastrure for storage and compute for better performance of applications
OLTP Vs OLAP which service?
OLTP->Amazon RDS,Amazon DynamoDB
OLAP->Amazon Redshift(DW)
AWS Personalize Vs AWS Comprehend Vs AWS Kendra
Amazon Personalize is a machine learning (ML) custom recommendation engines with real-time personalization and user-specific content recommendations
Vs
NLP
Vs
Enterprise document search solution by AWS, enhancing productivity and customer satisfaction
Data encryption is automatically enabled for which services?
S3 and Storage Gateway
Encryption of data in transit and encryption at rest
EFS
Lowest Availability for which storage class?
S3 One Zone-IA
Minimum Storage Duration
S3 Standard = NA
S3 Intelligent Tiering = NA
S3 Standard IA=30
S3 One Zone IA=30
S3 Glacier Instant Retrieval = 90
S3 Glacier Flexible Retrieval = 90
S3 Glacier Deep Archive= 180
Site to Site VPN what components
Customer Gateway
Virtual Private Gateway/Transit Gateway
Customer gateway device
AWS Migration Evaluator
Migration assessment service
AWS Transit Gateway
Vs
AWS Customer Gateway
Vs
AWS Internet Gateway
Vs
VPN
Vs
Virtual Private Gateway
Transit Gateway, Virtual Private Gateway and Internet Gateway are on AWS
AWS Customer Gateway is on on-premise
VPN is a connection between AWS and on-premise
VPC<—–>[VPG]—-(vpn)—–[CG]
VPC1,2,3<—->[TG]—-(vpn)—–[CG]
(Internet)——-[IG]<——>VPC
What is EFS scope
EFS can be accessed within the same region across all AZs
Budget types under Budgets
Cost Budget
Usage Budget
RI Utilization Budgets
RI coverage budgets
Savings Plans utilization budgets
Savings Plans coverage budgets
S3 Storage Classes
S3 Standard
S3 Intelligent-Tiering (less availability)
S3 Standard-IA (>=30 days storage duration, retrieval fees, (less availability))
S3 One Zone-IA (>=30 days storage duration, retrieval fees, (least availability))
S3 Glacier Instant Retrieval (>=90 days storage duration, retrieval fees, (less availability))
S3 Glacier Flexible Retrieva(>=90 days storage duration, retrieval fees)
S3 Glacier Deep Archive(>=180 days storage duration, retrieval fees)
Less Availability= 2 3 4 5
Retreival Fee = 3 4 5 6 7
Min storage duration = 3 4 5 6 7
Min Capacity Charge = 3 4 5 6 7
VPN
Site-to-Site VPN for hybrid connectivity and Client VPN for remote workforce access
Route 53 routing policies
Simple routing
Geolocation routing
Weighted routing
Failover routing
Underutilization check using which service
Trusted Advisor and Cost Explorer
Create Alerts using which service
AWS CloudWatch, AWS Budgets, AWS EventBridge, AWS User Notifications
Tags
For each resource, each tag key must be unique, and each tag key can have only one value
You must activate both AWS generated tags and user-defined tags separately before they can appear in Cost Explorer or on a cost allocation report
Separate invoices for different departments
Create separate AWS accounts
GeoLocation Vs GeoProximity
Geolocation routing policy — Use when you want to route traffic based on the location of users.
Geo-proximity routing policy — Use when you want to route traffic based on the location of your resources and optionally switch resource traffic at one location to resources elsewhere
OpsWork Vs CloudFormation
Application Deployment Vs IaaS
Kinesis data stream
vs
data analytics
vs
client library
vs
data firehose
Capture, process and store(Ingestion service) data for consumers
vs
Analytical service using SQL service
vs
Analytical service using SQL KCL (more complex than Anlytical service)
vs
ETL service to load data in data lakes, data stores, and analytics services
AWS Cost Explorer Vs AWS Bills Vs AWS Reports
AWS cost explorer gives graphical representation but others not
AWS Billing Conductor
Vs
AWS Cost Explorer
Vs
AWS Cost and Usage Report
Vs
AWS Organization
Grouping of accounts for billing and apply custom pricing plans
Vs
Visualize, understand, forcast and manage your AWS costs and usage over time
Vs
Publish your AWS billing reports to an Amazon Simple Storage Service (Amazon S3) bucket that you own. Reports that break down your costs by the hour or day, by product or product resource, or by tags that you define yourself
Vs
If you create multiple accounts, you can use the consolidated billing feature of AWS Organizations to combine all your member accounts under one management account and receive a single bill
FSx vs EFS
FSx is designed for Windows workloads, offering fully managed Windows file systems, including Windows-native features like Active Directory integration and Windows ACLs (Access Control Lists).
Vs
EFS is a managed Network File System (NFS) for Linux-based workloads
IoT Greengrass vs IoT Core
IoT Core operates in the cloud, while Greengrass is designed for edge computing, allowing devices to perform computations locally
Synchronous Vs Asynchronous Replication
Multi-AZ deployment Vs Read Replicas
Routing Table vs ACLs
Route tables control traffic between subnets, specifying how packets should flow within a VPC.
ACLs, acting as subnet-level firewalls, determine which packets are allowed to flow in and out of subnets.
Route tables focus on routing decisions, directing traffic based on destination IP addresses.
ACLs control traffic based on rules, specifying allowed or denied communication between subnets.
AWS Data Pipeline vs AWS SQS
Automates the movement and transformation of data, allowing users to define data-driven workflows
Vs
scalable and fully managed message queuing service for decoupling components of a cloud application, ensuring reliable and asynchronous communication
AWS Managed services vs professional services
Managed services are ongoing and typically contracted, addressing daily IT needs comprehensively
Vs
Professional services offer expertise for specific projects, ensuring optimal implementation and functionality
AWS Audit Manager Vs Security Hub
Security Hub conducts automated security checks aligned to different industry and regulatory frameworks. Audit Manager automatically collects the findings generated by these Security Hub checks as a form of evidence and combines them with other evidence, such as AWS CloudTrail logs, to help customers generate assessment reports
It is cloud security posture management (CSPM) service
Audit Manager helps you manage stakeholder reviews of your controls and enables you to build audit-ready reports with much less manual effort
AWS Audit Manager Vs Inspector
AWS Audit Manager: Assists in continuous auditing of AWS usage, automating evidence collection to assess policy compliance and control effectiveness.
Vs
AWS Inspector: A vulnerability management tool that analyzes AWS workloads, identifying network exposure and software vulnerabilities.
AWS workspaces vs appstream
AWS WorkSpaces is a fully managed desktop-as-a-service (DaaS) solution that lets you provide virtual desktops to your users
Vs
AWS AppStream is a fully managed application streaming service that lets you stream desktop applications to any computer running a web browser
AWS PrivateLink Vs AWS DirectConnect
Connects VPCs (using VPC endpoints) to AWS Services or other VPCs in private network connection.
Vs
Connects On-Premise to AWS in private network connection
Stateless Vs Stateful
Configure and more control
Vs
Ready configured and less control
EC2 Image Builder Vs AMI
Service facilitating automated creation, management, and deployment of machine and container images. It simplifies the creation of virtual machines
Vs
Snapshot of an EC2 instance that includes the operating system and application software
EC2 Image Builder can distribute AMIs or container images to any AWS Region
AWS Manage Parameter Store Vs Secrets Manager
Designed for centralizing configuration data with only one version and with or without encryption using KMS (Mostly non secret data and no additional charge)
Vs
Securely storing and managing sensitive information, such as API keys and database credentials which always encrypted with multiple versions(additional charge)
PCSFS ( Trusted Advisor)
EALS (CAF Life Cycle)
BGPPOS (CAF)
TPOP (CAF Domains)
CORPSS (Well Architected Framework)
Performance, Cost, Security, Fault Tolerance, Service Limits
Envision, Align, Launch, Scale
Business, Governance, People, Platform, Operations, Security
Technology, Process, Organization, Product
Cost Optimization, Operational Excellence, Reliability, Performance Efficiency, Security and Sustainability
AWS Owned
Vs
AWS Managed
Vs
Customer Managed keys
Encryption keys owned by AWS and NOT stored in customer account and used across multiple customer accounts and stored under default key store. Customer cannot access it
Vs
Encryption keys created, managed, and used on your behalf by an AWS service that is integrated with AWS KMS and stored in customer account under default key store. Customer can access it.
Vs
Encryption keys you create, own, and manage and stored in customer account under custom key store. Customer can access it.
AWS Cognito Vs AWS Identity Center
Social Media Integration and access for Mobile and Web based apps
Vs
Centralized access and Workforce identity management
In short, Amazon Cognito is identity management solution for developers building B2C or B2B apps for their customers, which makes it a customer-targeted IAM and user directory solution.
Vs
AWS SSO is focused on SSO for employees accessing AWS and business apps, initially with Microsoft AD as the underlying employee directory.
Application Discovery Vs Migration Service
Discover on-premises applications to streamline migration
Vs
Automate application migration and modernization
TAM
Vs
Partner Network
Vs
Managed Service Provider(MSP)
Vs
Professional Services
TAM provide architectural and operational guidance under enterprise support plans
Vs
Consists of MSP(Overall), Competency Partners(Technical) , Service Partners(s/w products) and consulting partners (advisory)
Vs
MSP provide end-to-end AWS solutions and services at any stage of the cloud journey
Vs
During cloud Adoption stage provide professional service
AWS Backup
Vs
Data Sync
Vs
Storage Gateway
Automated backup service within AWS
Vs
Onpremise to AWS sending of data over internet
Vs
Accessing AWS storage services on premise + data back capabilities
AWS GuardDuty Vs AWS Detective
RealTime Threat Detection Vs Post Incident Analysis
