Design High-Performing Architectures

Question 1

You have just started work at a small startup in the Seattle area. Your first job is to help containerize your company’s microservices and move them to AWS. The team has selected ECS as their orchestration service of choice. You’ve discovered the code currently uses access keys and secret access keys in order to communicate with S3. How can you best handle this authentication for the newly containerized application?

Answer 1

Attach a role with the appropriate permissions to the task definition in ECS.

It’s always a good idea to use roles over hard-coded credentials. One of the best parts of using ECS is the ease of attaching roles to your containers. This allows the container to have an individual role even if it’s running with other containers on the same EC2 instance.

Question 2

A pharmaceutical company has begun to explore using AWS cloud services for their computation workloads for processing incoming orders. Currently, they process orders on-premises using self-managed virtual machines with batch software installed. The current infrastructure design does not scale well and is cumbersome to update. In addition, each processed batch job takes roughly 30-45 minutes to complete. The processing times cannot be reduced due to the complexity of the application code, and they want to make the new solution as hands-off as possible with automatic scaling based on the number of queued orders.

Which AWS service would you recommend they use for this application design that best meets their needs and is cost optimized?

Answer 2

AWS Batch

AWS Batch is perfect for long-running (>15 minutes) batch computation workloads within AWS while leveraging managed compute infrastructure. It automatically provisions compute resources and then optimizes workload distribution based on the quantity and scale of your workloads.

Question 3

You have just been hired by a large organization which uses many different AWS services in their environment. Some of the services which handle data include: RDS, Redshift, ElastiCache, DynamoDB, S3, and Glacier. You have been instructed to configure a web application using stateless web servers. Which services can you use to handle session state data?

Answer 3

Elasticache and DynamoDB both can be used to store session data.

Amazon RDS can store session state data. It is slower than Amazon DynamoDB, but may be fast enough for some situations.

Question 4

A fully managed service for loading streaming data into AWS. It’s designed to make it easy to capture, transform, and load streaming data into data lakes, data stores, and analytics tools.

Answer 4

Amazon Kinesis Data Firehose

It can capture, transform, and deliver streaming data to Amazon S3, Amazon Redshift, Amazon OpenSearch Service (formerly known as Amazon Elasticsearch Service), generic HTTP endpoints, and service providers like Datadog, New Relic, MongoDB, and Splunk.

Question 5

A time-series forecasting service that uses machine learning and provides business insights.

Answer 5

Amazon Forecast

Question 6

A fully managed service that allows you to build and run applications that use Apache Kafka to process streaming data. Kafka is often used for real-time streaming of data pipelines and streaming analytics.

Answer 6

Amazon Managed Streaming for Apache Kafka (MSK)

Question 7

A fully managed integration service that enables secure transfer of data between Software as a Service (SaaS) applications like Salesforce, Marketo, Slack, and AWS services like S3 and Redshift, in real time.

Answer 7

AWS AppFlow

Question 8

A managed message broker service for Apache ActiveMQ and RabbitMQ that makes it easy to set up and operate message brokers in the cloud.

Answer 8

Amazon MQ

Amazon MQ supports industry-standard APIs and protocols for messaging, including JMS, NMS, AMQP, STOMP, MQTT, and WebSocket. This means you can easily migrate your existing applications to the service without having to rewrite code.

Question 9

A logical grouping of instances within a single Availability Zone.

Answer 9

A cluster placement group

A cluster placement group can span peered VPCs in the same Region. Instances in the same cluster placement group enjoy a higher per-flow throughput limit for TCP/IP traffic and are placed in the same high-bisection bandwidth segment of the network.

Question 10

A group of instances that are each placed on distinct underlying hardware.

Answer 10

Spread Placement Groups

Spread placement groups are recommended for applications that have a small number of critical instances that should be kept separate from each other. They ensure that instances are placed on distinct racks, with each rack having its own network and power source.

Question 11

A group of instances that are separated into logical segments, called partitions. Each partition has its own set of racks. Each rack has its own network and power source.

Answer 11

Partition Placement Groups

Partition placement groups are recommended for large distributed and replicated workloads, such as Hadoop, Cassandra, and Kafka.

Question 12

____________ are a way to influence the distribution of instances, which can help in optimizing for latency, throughput, or resilience.

Answer 12

Placement Groups

You can’t merge placement groups or move an instance from one placement group to another after it’s been launched.

But you can create an AMI from your instance, launch a new instance from the AMI into a placement group, and then terminate the original instance.

Question 13

__________ allows businesses and developers to convert media files from their original source format into versions that are optimized for various devices, such as smartphones, tablets, and PCs.

Answer 13

Amazon Elastic Transcoder

Question 14

__________ is a NoSQL database that supports key-value and document data models, and enables developers to build modern, serverless applications that can start small and scale globally to support petabytes of data and tens of millions of read and write requests per second.

Answer 14

Amazon DynamoDB

DynamoDB is designed to run high-performance, internet-scale applications that would overburden traditional relational databases

Question 15

An OLAP database service that is designed for online analytic processing and business intelligence applications

Answer 15

Amazon Redshift

It provides powerful query and data manipulation capabilities with high performance and scalability.

Near real-time complex querying on massive data sets.

Question 16

Supports various database engines like MySQL, PostgreSQL, Oracle, MariaDB, and SQL Server, as well as Amazon’s own Aurora.

Answer 16

Amazon RDS (Relational Database Service)

Question 17

A MySQL and PostgreSQL-compatible relational database built for the cloud that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases.

Answer 17

Amazon Aurora

Question 18

An interactive query service that makes it easy to analyze data directly in Amazon S3 using standard SQL.

Answer 18

Amazon Athena

Question 19

___________ is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory data stores, instead of relying entirely on slower disk-based databases.

Answer 19

ElastiCache

There are two types of ElastiCache available: Memcached and Redis.

Question 20

A data transfer service that simplifies, automates, and accelerates moving and replicating data between on-premises storage systems and AWS storage services, or between two AWS storage services.

Answer 20

AWS DataSync

Key Features of AWS DataSync:

DataSync automatically handles many of the tasks related to data transfers that can slow down migrations or burden your IT operations.
It uses a purpose-built protocol with built-in validation to ensure data integrity.
DataSync can be used for data migration, transfer for in-cloud processing, and replicating data for business continuity.

Question 21

A hybrid storage service that enables your on-premises applications to seamlessly use AWS cloud storage.

Answer 21

AWS Storage Gateway

(File Gateway, Volume Gateway, and Tape Gateway)

Storage Gateway integrates with your existing applications via standard storage protocols.
It provides low-latency access to data through transparent local caching.
Storage Gateway can be used for moving backups to the cloud, using on-premises file shares backed by cloud storage, and providing low latency access to datasets.

Question 22

A service that brings AWS services to the edge of the 5G network, minimizing the latency when connecting to an application from a mobile device.

Answer 22

AWS Wavelength

Wavelength enables developers to build applications that deliver single-digit millisecond latencies to mobile devices and end-users.

Question 23

A fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience.

Answer 23

AWS Outposts

The actual Outposts hardware is a rack that is very similar to those found in AWS data centers, which comes fully loaded with compute, storage, and networking.

Question 24

A service provided by AWS to help with migrating applications to AWS. It’s designed to simplify, expedite, and reduce the cost of migrating applications to AWS without requiring significant changes to the applications being migrated.

Answer 24

AWS MGN (Application Migration Service)

AWS MGN is the recommended service for lift-and-shift migrations to AWS.

Question 25

A service provided by AWS to help you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database.

Answer 25

AWS DMS (Database Migration Service)

AWS DMS can migrate your data to and from most widely used commercial and open-source databases such as Oracle, PostgreSQL, Microsoft SQL Server, Amazon Redshift, Amazon Aurora, MariaDB, and MySQL

AWS DMS is typically used for database migrations but can also be used for continuous data replication with and without ongoing changes, as it provides both one-time migration and continuous replication capabilities.

Question 26

An AWS offering that simplifies the process of migrating on-premises workloads to AWS. It’s designed to automate, schedule, and track incremental replications of live server volumes, making it easier to coordinate large-scale server migrations.

Answer 26

AWS Server Migration Service (SMS)

AWS Server Migration Service is generally best suited for larger-scale migration projects where you need to move multiple on-premises servers to the AWS Cloud.