Core Services - Detailed Flashcards
What is a VPC
VPC stands for Virtual Private Cloud. A VPC allows you to create a secure private network in the AWS cloud where you launch your resources.
What are the main components of a VPC?
NACL, Router, Route Table, Internet Gateway
What is an NACL?
Network ACL. Access control lists (ACLs) ensure the proper traffic is allowed into the subnet.
What is a Router and a Route Table?
A Router and a Route Table define where network traffic is routed.
What is an Internet Gateway?
An Internet Gateway allows public traffic to the internet from a VPC
What is a VPC like?
A VPC is like a fence
What does an internet gateway do?
It allows traffic to the public internet
What does peering do?
It allows you to connect 2 VPCs together
What is an AZ
An AZ stands for availability zone. AZs consist of one or more physically separated data centres, each with redundant power, networking and connectivity, housed in separate facilities
An AZ has one or more discrete data centers but the exact number in each is not disclosed by AWS
An AZ contains the servers you’re renting and it’s where you deploy your applications
An AZ is associated with a single region
What is Route 53
Route 53 is a DNS service that routes users to applications. It performs health checks on AWS resources and supports a HYBRID MODEL
What is Direct Connect
Direct Connect is a dedicated physical network connection from your on-premises data center to AWS. It supports a HYBRID MODEL
What is site-to-site VPN
Site-to-site VPN creates a secure connection between your internal networks and your AWS VPCs. It supports a HYBRID MODEL.
What is API Gateway
API Gateway allows you to build and manage APIs
What is a virtual private gateway?
Virtual Private Gateway is the VPN connector on the AWS side
What is a customer gateway?
Customer Gateway is the VPN connector on the client side
Name the available AWS databases
RDS, Aurora, DynamoDB, DocumentDB, ElastiCache, Neptune
Name the AWS Analytics Services
Redshift, Athena, AWS Glue, Kinesis, EMR, Data Pipeline, QuickSight
What is Redshift
Redshift is an analytics service. Redshift is a scalable data warehouse solution
What is Athena?
Athena is a query analytics service for Amazon S3
What is AWS Glue?
AWS Glue prepares your data for analytics
What is Kinesis?
Kinesis is an analytics service that allows you to analyze data and video streams in real time.
What is EMR?
EMR (Elastic Map Reduce) allows you to process large amounts of data
What is Data Pipeline?
Data pipeline is an analytics service that helps you move data between compute and storage services running either on AWS or on-premises.
What is QuickSight?
QuickSight is an analytics service that helps you visualize data using dashboards
What are the Machine Learning services in AWS?
Rekognition, Comprehend, Polly, SageMaker, Translate, Lex
What is Rekognition
Rekognition is a machine learning service that allows you to automate your image and video analysis
What is Comprehend?
Comprehend is a natural-language processing (NLP) service that finds relationships in text.
What is Polly?
Polly turns text into speech
What is SageMaker?
SageMaker is a machine learning service that helps you build, train and deploy machine learning models quickly.
What is Translate?
Translate is a machine learning service that provides language translation
What is Lex?
Lex is a machine learning service that helps you build conversational chatbots. Alexa uses Lex.
Access control list (ACL)
A firewall/security layer on the subnet level
Buckets
root-level “folders”
Auto scaling
Automates the process of adding or removing EC2 instances based on traffic demand for your application
CloudFront
Content delivery network (CDN) that allows you to store your content at “edge locations” located all around the world, allowing customers to access your content more quickly
CloudTrail
Allows you to monitor all actions taken by IAM users
CloudWatch
Service that allows you to monitor various elements of your AWS account
Consolidated billing
Allows you to view, manage, and pay bills for multiple AWS accounts in one user interface
DNS server
A database of website domains and their corresponding IP addresses
DynamoDB
NoSQL database service that does not provide other NoSQL software options
EBS
Elastic Block Store (EBS) - Provides persistent block storage volumes for use of EC2 instances.
EC2
Elastic Compute Cloud (EC2): A virtual computer, very similar to a desktop/laptop computer
ELB
Elastic Load Balancing (ELB): Evenly distributes traffic between EC2 instances that are associated with it
ElastiCache
Data caching service used to help improve the speed/performance of web applications running on AWS
Elasticity
The ability of a system to increase and decrease in size
Fault tolerance
Property that enables a system to continue operating properly in the event of the failure of one or more components
Firewall
A type of software that either allows or blocks certain kinds of internet traffic to pass through it
Folder
Any “subfolder” created in a bucket
High availability
Refers to systems that are durable and likely to operate continuously without failure for a long time
IAM users
Individuals who have been granted access to an AWS account
IAM
Identity and Access Management (IAM): Service where AWS user accounts and their access to various AWS services are managed
Lambda
Lambda: Serverless computing that will replace EC2 instances, for the most part
Object availability
Percent over a one-year time period that a file stored in S3 will be accessible
Object durability
Percent over a one-year time period that a file stored in S3 will not be lost
Object lifecycle
Set rules to automatically transfer objects between storage classes at defined time intervals
Object sharing
Ability to make any object publicly available via a URL link
Object versioning
Automatically keep multiple versions of an object (when enabled)
Organizations
Allow you or your company access to manage billing and access to multiple AWS accounts in one user interface
Principle of least privilege
Giving a user only the rights/access to the AWS services and resources they need to do their job and nothing more
Publishers
Human/alarm/event that gives SNS the message that needs to be sent
RDS
Relational Database Service (RDS): SQL database service that provides a wide range of SQL database options to select from
RedShift
Data warehouse database service designed to handle petabytes of data for analysis
Roles
How different AWS services are granted permission to communicate and share data
Route 53
Where you configure and manage web domains for websites or applications you host on AWS
Scalability
The ability of a system to easily increase in size and capacity in a cost-effective way
Security group (SG)
Firewall/security layer on the server/instance level
Shared responsibility model
Defines what you and AWS are responsible for when it comes to security and compliance
SNS
Simple Notification Service (SNS): AWS service that allows you to automate the sending of email or text messaging notifications based on events that happen in your AWS account
S3
Simple Storage Service (S3): Online bulk storage service you can access from almost any device
Storage class
Represents “classification” assigned to each object in S3 (standard, RRS, S3-IA, Glacier)
Subnet
A subsection of a network and generally includes all the computers in a specific location
Subscriptions
Endpoints to which a topic sends messages
Topics
How you label and group different endpoints to which you send messages
Trusted Advisor
Service that “advises” and helps you optimize aspects of your AWS account
User credentials
IAM user’s username and password for logging in to AWS
VPC
Virtual Private Cloud (VPC): A private subsection of AWS you control and in which you can place AWS resources
List the 6 advantages of cloud computing
- Trade Capital Expense (CapEx) for variable expense
- Benefit from massive economies of scale
- Stop guessing capacity
- Increase speed and agility
- Stop spending money managing infrastructure and datacentres
- Go global in minutes
List the 4 benefits of cloud computing
Think HEAD
High Availability
Elasticity
Agility
Durability
What is the difference between CapEx and OpEx
Capital expenditures are a company’s major, long-term expenses while operating expenses are a company’s day-to-day expenses. Examples of CapEx include physical assets, such as buildings, equipment, machinery, and vehicles. Examples of OpEx include employee salaries, rent, utilities, and property taxes.
What are the 3 common cloud computing models
IaaS - e.g. EC2, or a company hosting your website
SaaS - a complete product run by the service or software provider - e.g. Gmail, SageMaker
PaaS - a service provided by cloud providers that lets you develop without having to install anything - e.g. Cloud9, or a service provider giving you the tools to build a storefront website
What are the 3 cloud computing deployment types
Private Cloud - ON-premises!, exists in your internal datacentre, doesn't offer cloud computing advantages
Public Cloud - AWS - Advantages of cloud computing, you don't have to manage the underlying hardware
Hybrid Cloud - Secure on-prem data - direct connect to AWS where the apps run, or the intermediate position a company may be in as they migrate to the cloud, go through a cloud conversion
What's a driving force for choosing a particular region?
You want to use a region close to your customers for the best performance
How can you protect the root user in your account?
MFA
What privileges does the root user have?
All. You can even delete the account
What are three ways you can access AWS services?
Management console, CLI (programmatic access), SDK
Name the core compute services
EC2
AMI
Lambda
Auto Scaling
ELB
Fargate
LightSail
AWS Outposts
AWS Batch
What is EC2 and what can it be used for?
Elastic compute. Allows you to rent and manage virtual servers in the cloud
750 compute hrs p/m on free tier plan
Use preconfigured template AMI to launch instance
Real world: deploy a database or a web application on EC2
EC2 Pricing options :
How can you access your EC2 instance?
Access via AWS Management Console, secure shell (SSH), EC2 Instance Connect (EIC) using IAM to control SSH access so you don't need SSH keys, AWS Systems Manager
What is an AMI and how is it used?
Amazon Machine Image - A preconfigured template that you can use to launch an instance
What is AWS Lambda?
Lambda is a serverless compute service that lets you run code without managing servers
Serverless compute - Run code
Function, scales automatically, serverless
How can you trigger lambda?
SNS, Direct URL - get more info
What is the Lambda execution timeout?
What is the Lambda pricing model?
What is the free-tier Lambda pricing policy?
What additional compute services are there?
What is AWS Fargate?
AWS Fargate
Serverless compute engine for containers
Allows you to manage containers like DOCKER
SERVERLESS
What is Amazon LightSail?
Amazon Lightsail
Allows you to quickly launch all the resources you need for small projects
Simple screens for people with no cloud experience
Includes a virtual machine, SSD based storage, data transfer, DNS management, and a static IP
Provides a LOW, PREDICTABLE, MONTHLY FEE, as low as $3.50
What type of applications can Lightsail deploy?
Deploy preconfigured applications, like WORDPRESS websites, at the click of a button
What is Lightsail similar to?
(Similar to AWS Quick Starts)
What is AWS Outposts?
Outposts allows you to run cloud services in your internal datacentre
Supports workloads that need to REMAIN ON-PREMISES due to latency or data sovereignty needs
AWS DELIVERS and INSTALLS servers in your internal data center
Used for a HYBRID experience
Have access to the CLOUD SERVICES and APIs to develop apps on-premises
What is AWS batch?
Batch allows you to process large workloads in smaller chunks (or batches)
Runs hundreds and thousands of smaller BATCH PROCESSING jobs
DYNAMICALLY provisions instances based on volume
What are the S3 storage services?
8 Services:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html
S3 Standard
S3 Standard IA (Infrequent Access)
S3 Intelligent Tiering
S3 One Zone-IA (Infrequent Access)
S3 Express One Zone
S3 Glacier Instant Retrieval
S3 Glacier Flexible Retrieval
S3 Glacier Deep Archive
What type of storage is S3?
How much can you store on S3?
How do you get data into S3?
What types of access is allowed for data in S3?
At what level can security be set in S3?
What type of location does S3 use?
How can you track access to your S3 buckets and objects?
What type of protection does S3 have?
What are the 2 different aspects of data accessibility?
What is durability?
What is Amazon S3 standard’s durability level?
What is storage availability in S3?
What is S3 standards availability level?
What are the S3 storage classes?
What are s3 storage class and their availability levels
What are the s3 storage classes protection levels?
When might you use each type of S3 storage class?
What is S3 used for in the real world?
What are the types of Ec2 scaling and what do they do?
What are the benefits of autoscaling?
what is the difference between autoscaling and load balancing?
What types of load balances are there?
What is a region?
A region is a physical location, a collection of AZs
You should setup resources in regions close to your users
Most resources are tied to a specific region
What does AWS Lambda allow developers to do?
Lets developers concentrate on core business logic rather than worrying about managing servers
What is the default lambda timeout?
15 minutes
What programming languages does lambda support
Java, Go, PowerShell, Node.js, C#, Python and Ruby
Name the lambda features
Lambda features:
1. Supports popular programming languages like Java, Go, PowerShell, Node.js, C#, Python and Ruby
2. You author code using your favourite development environment or via the console
3. Lambda can execute your code in response to events
4. Lambda functions have a 15 minute timeout
What is the Lambda pricing model
Lambda Pricing model:
You are charged based on duration and number of requests
1. Compute Time
2. Request count
3. Always free - the free usage tier includes 1 million free requests each month
What is High Availability
Highly available systems are designed to operate continuously without failure for a long time. These systems avoid loss of service by reducing or managing failures.
Elasticity
With elasticity, you don’t have to plan ahead of time how much capacity you need. You can provision only what you need, and then grow and shrink based on demand.
What is Agility
The cloud gives you increased agility. All the services you have access to help you innovate faster, giving you speed to market.
What is durability?
Durability is all about long-term data protection. This means your data will remain intact without corruption.
What are the characteristics of an AZ
Physically separated
Connected through low-latency links
Fault tolerant
Allows for high availability
What are the three main components of the AWS Global strategy?
Regions, AZs, Edge locations
What are edge locations?
Edge locations - way more of them than there are Regions or AZs
They’re not used to run services like compute, instead they cache your web content
They’re like a mini-datacenter, but not used to launch services like EC2 instances, they’re used to CACHE your content which is made possible via CloudFront
Think EDGE/FRONTier - the edge in different places in a cowboy hat and outfit?
Edge locations reduce latency
An Edge Location is used to cache content for speedy delivery
Content delivery network (CDN) and Amazon CloudFront
Reduced latency
An edge location is like a mini datacenter but it doesn’t run your main infrastructure like EC2 instances
What is wavelength zone in AWS?
Wavelength Zones are AWS infrastructure deployments that embed AWS compute and storage services within telecommunications providers’ data centers at the edge of the 5G network, so application traffic can reach application servers running in Wavelength Zones without leaving the mobile providers’ network.
What is local zones in AWS?
AWS Local Zones are a type of AWS infrastructure deployment that place compute, storage, database, and other select services closer to large population, industry, and IT centers, enabling you to deliver applications that require single-digit millisecond latency to end-users.
What are the different EC2 types?
What is AWS Global Accelerator?
What are the ec2 pricing options?
On-Demand
Spot
Reserved Instances
Dedicated Hosts
Savings Plans
What are the differences between the ec2 pricing options?
On-Demand - Pay as you go, fixed price, billed down to the second based on your instance type, no contract, pay for what you use, for unpredictable workloads.
Spot - 90% savings, cheapest option, lets you take advantage of unused EC2 capacity, request is fulfilled only if the capacity is available, for apps that can survive termination.
Reserved Instances - commit to a specific instance type in a certain region for 1 or 3 years, steady state usage, pay upfront, save up to 75% compared to On-Demand.
Dedicated Hosts - for a physical server that is fully dedicated to running your instances, use when you want to BYOL or have regulatory/compliance requirements around tenancy, save up to 70% off On-Demand.
Savings Plans - save up to 72%, savings shared across various compute services (EC2, Lambda, Fargate), commit to 1 or 3 years of compute usage, can lower bill across multiple compute services.