EC2 Flashcards
<p><p>What is the use case for C4 instances?</p></p>
<p><p>CPU intensive apps or databases</p></p>
<p><p>What is a cloud watch dashboard?</p></p>
<p><p>a page of customized charts which provide data on cloud watch monitoring</p></p>
<p><p>What is CORS?</p></p>
<p><p>Cross Origin Resource Sharing
When one AWS resource needs to access another AWS resorts which uses a different domain name, you must enable CORS for it to work</p></p>
<p><p>What are the five EBS volume types?</p></p>
<p><p>General purpose SSD (GP2) for up to 10,000 IOPS
Provisioned IOPS SSD (IO1) For more than 10,000 IOPS
Throughput optimized HDD (ST1) used for big data, data warehouses - cannot be a boot volume
Cold HDD (SC1) lowest cost storage for infrequently accessed workloads
Magnetic (standard) lowest cost per gigabyte. I deal for workloads when data is accessed in frequently and applications with the lowest storage cost is important
</p></p>
<p><p>What file system is supported by EFS?</p></p>
<p><p>NFS version 4</p></p>
<p><p>True or false: Groups can assume roles</p></p>
<p><p>False</p></p>
<p><p>What is the use case for G2 instances?</p></p>
<p><p>Video encoding, 3d application streaming</p></p>
<p><p>What is an ec2 dedicated host?</p></p>
<p><p>It is a physical ec2 server dedicated for use. It allows you to use existing server – bound software licenses</p></p>
<p><p>What is the difference between basic monitoring and detailed monitoring on an instance?</p></p>
<p><p>Basic monitoring pings the instance every five minutes while detailed monitoring is every minute and encourages additional charges</p></p>
<p><p>What is the use case for M4 instances?</p></p>
<p><p>Application servers</p></p>
<p>Which type of ELB supports TCP protocol?</p>
<p>Classic Load Balancer</p>
<p><p>True or false: it is recommended that instances within a placement group are homogenous</p></p>
<p><p>True</p></p>
<p><p>What command do you type from the CLI to retrieve instance metadata?</p></p>
<p><p>Curl http://169.254.169.254/latest/meta-data
This retrieves a list of variables that can be added to the command, such as
/public-ipv4</p></p>
<p><p>How can you move an EBS volume from one region to another</p></p>
<p><p>Create a snapshot of the first volume then make a copy of the snapshot which you can designate for another region, Then you create an image from that copied snapshot</p></p>
<p><p>True or false: there is a many to many relationship between instances and security groups</p></p>
<p><p>True</p></p>
<p><p>True or false: elastic load balancers can be called using a public IP address</p></p>
<p><p>False. You must use the DNS name associated with the load balancer, as Amazon does not publish the public IP for load balancers</p></p>
<p><p>Explain Amazon EBS</p></p>
<p><p>Elastic Block Store allows you to create storage volumes and attach them to EC2 instances</p></p>
<p><p>What is Amazon Polly?</p></p>
<p><p>It is a text to audio translation service</p></p>
<p><p>Can you share encrypted Snapshots?</p></p>
<p><p>No, because the keys are associated with your account</p></p>
<p><p>What is the CLI?</p></p>
<p><p>AWS Command Line</p></p>
<p><p>Can you assign an IAM role to an ec2 instance that is already running?</p></p>
<p><p>Yes</p></p>
<p><p>Explain on-demand ec2</p></p>
<p><p>It allows you to pay a fixed rate by the hour or by the second with no time commitment</p></p>
<p><p>What kind of instance is best for data warehousing and NoSQL database?</p>
</p>
<p><p>I2</p>
| </p>
<p><p>Do EBS Snapshots exist on S3?</p></p>
<p><p>Yes</p></p>
What is the difference between EFS and EBS/S3 in terms of provisioning storage?
S3 and EFS allocate storage based on your usage, while EBS volumes need the size to be pre-defined
True or false: Termination Protection is turned on by default for new instances
False
What is an IAM role?
An entity that defines a set of permissions for making AWS service requests
Describe the two ways in which lambda is used
1. As an event driven compute service where AWS lambda runs your code in response to events. These events could be changes to data in an Amazon S3 bucket or an Amazon Dynamo DB table. 2. As a compute service to run your code in response to HTTP requests using Amazon API gateway or API calls made using AWS SDKs
Which EBS volume types can be used as boot volumes?
SSD General purpose (GP2) SSD provisioned IOPS (IO1 HDD Magnetic
What are some differences between EBS volumes and Instance Store volumes?
EBS volumes can be backed up with snapshots EBS volumes can be removed from instances and reattached to other instances EBS volumes support encryption EBS volumes preserve their data through instant stops and terminations Instance store volumes can’t be stopped at all, only rebooted
True or false: users can assume service – linked roles
False
What is the use case for I2 instances?
NoSQL databases, data warehousing
Explain “serverless“ as it applies to Lambda
It means that there is no server or infrastructure required to run code in a lambda function
What are the five different EBS volume types?
SSD, general purpose - GP2 SSD, provisioned IOPS - IO1 HDD, throughput optimized - ST1 HDD, Cold, - SC1 HDD magnetic, low cost
```Can you associate multiple IAM roles with an instance?
No. An instance can only be associated with one IAM role at a time
When launching a new instance from an instance store AMI, can you add instance store volumes after it is created?
No. After the instance is created you can still attach additional EBS volumes, but not instance store volumes. You can still add instance store volumes to the instance before it is initially launched
True or false: roles incur additional charges
False. IAM roles are free of charge
What is the use case for F1 instances?
Hardware acceleration
Do EBS volumes exist on S3?
No
What is the use case for D2 instances?
File servers, data warehousing, Hadoop
What traffic is blocked and allowed by default in a security group?
By default, all inbound traffic is blocked, and all outbound traffic is allowed
What is the best instance type for video encoding and 3D application streaming?
G2
|What is the data consistency model for EFS?
Read after Write, same as S3
What is Lambda?
A compute service where you can upload your code and create a Lambda function. Lambda takes care of provisioning and managing the servers that you use to run the code. You don’t have to worry about operating systems, patching, scaling etc.
What kind of instance is best for Machine learning?
P2
|True or false: a placement group can span multiple availability zones
False
Describe cloud watch alarms
Cloud watch alarms allow you to notify or otherwise take action when a metric reaches a certain threshold which you define
What are the two different AMI root volume types?
EBS volumes and Instance Stores
Can you encrypt the root volume of an instance?
Not by default, although you can use third-party tools such as bit locker to encrypt the route volume, or you can create your own AMI with an encrypted root volume and use that for your instance
What are cloud watch logs?
Cloud watch logs allow you to store your applications log data in adorable and cost-effective storage which you can then monitor within AWS
How long does it take for changes to security groups to affect instances using that security group?
Security group changes should affect instances that use it immediately
Explain Spot Instances
Spot instances allow you to set a bid price for ec2 instances, and you are only provided those instances when the price meets your bid price.
What is the use case for T2 instances?
Web servers, small databases, development
True or false you can switch a load balancer from one type to another
False
Explain the differences between S3 EFS and EBS
S3 is like dropbox. It is file based storage only, and best used for worm throughput (write once read many) EBS is essentially a hard disk that can be attached to an instance. It is much more expensive than S3 but has very high throughput speeds. It is Block based storage so it is designed for operating systems and data bases with large amounts of reads and writes EFS is also like a hard drive, and is Block based like EBS, but with EFS it is automatically scaled based on usage and unlike EBS many instances can be attached to a single EFS volume, where as there is a one to one relationship between instances and EBS volumes.
What programming languages do lambda functions support?
Node.JS Python Java C-sharp
True or false: Root volumes on instances can be encrypted
False. You cannot encrypt the route volume of an instance, though you can encrypt additional volumes add it to it
True or false: To create a snapshot for EBS volumes that serve as root devices, you should stop the instance before taking the snapshot.
True
What is another common term for availability zone?
Subnet
What is a service-linked role?
A type of role that links to an AWS service such that only the linked service can assume the role
Does lambda scale out or up, and what does that mean exactly?
Lambda functions scale out, meaning they will generate as many instances of a function as necessary depending on how many users are calling that function. (Scaling up means an addition of resources such as more storage or ram)
Please enumerate the list of 13 available lambda triggers
API Gateway AWS IOT Alexa skills kit Alexis smart home Cloud front Cloud watch events Cloud watch logs Code commit Cognito sync trigger Dynamo DB Kinesis S3 SNS
```Do auto scaling groups span multiple availability zones within a region
They do if you add the subnets when creating the autoscaling group.
What problems do IAM roles solve?
They allow you to delegate access with defined permissions to trusted entities without having to share long-term access keys
If you terminate a spot instance, do you pay for the hour?
Yes
True or false: you can change EBS volumes on the fly, including changing the size and storage type
True
Are roles associated with specific users or groups?
No, trusted and it is assume roles such as users, applications, or AWS services such as ec2
What is the difference between EFS and EBS in terms of attaching to instances?
EFS storage could be attached to multiple ec2 instances simultaneously. EBS volumes can only be attached to one instance at a time.
True or false: lambda functions can operate globally
Lanbda functions can operate globally, though they are created and stored in a specific region
What does EBS stand for?
Elastic Block Store
Can volumes be attached to instances residing in a different availability zone?
No
True or false: Snapshots of encrypted volumes are not also encrypted
False.Snapshots of encrypted volumes are encrypted automatically
What is the maximum duration for a lambda function?
Five minutes
What are cloud watch events?
Cloud watch events allow you to set up actions to be taken when certain things happen with your AWS resources such as invoking a lambda function to update DNS entries when an ec2 instance boots up
What is a Security Group?
Set a firewall rules that control the traffic for an instance.
True or false: roles are associated with specific regions
False. Roles are global across the account
True or false: lambda functions can call other lambda functions
True
How do you move EBS volumes from one availability zone to another?
You create a snapshot of the EBS volume, and then you can create a new volume in the new availability zone using that snapshot
What does ARN stand for?
Amazon Resource Name
If AWS terminates a spot instance because the price went above your bid price, do you pay for the hour portion that you had the instance?
No
Can you have two placement groups in an account that have the same name?
No. All placement groups within an account must have a unique name
When you delete an instance, what happens to any EBS volumes attached to it?
If “delete on termination“ is checked, the volume will be deleted. This is the default setting
What is the use case for X1 instances?
SAP HANA, Apache Spark
Are security groups stateful or stateless, and what does that mean exactly?
Security groups are stateful, which means that inbound rules will apply to outbound traffic
True or false: A public AMI can only be used to launch an EC2 Instance in the same region as the AMI
True
How do you block a specific IP address using security groups?
You can’t. Instead you have to use Network Access Control Lists
What are the four different trusted entity types for IAM roles?
Service roles Roles for other AWS accounts Web identity SAML federation
What is the difference between a role and a user?
Users have permanent long-term credentials and are used to directly interact with AWS services. Roles do not have any credentials and cannot make direct requests to AWS services, but instead are meant to be assumed by authorized entities such as users, applications, or services such as ec2
What is the difference between cloud watch and cloud trail?
Cloud watch is used for logging and monitoring your performance of AWS resources Cloud trail is used for auditing and provides history for all activity in your account
How many Elastic IP addresses are allowed per EC2 instance?
5
What kind of instances are best for SAP HANA or Apache Spark?
X1
|What is a Placement Group
A logical grouping of instances within a single availability zone. Placement groups are recommended for applications that benefit from low latency, high network throughput, or both
What is the use case for P2 instances?
Machine learning
What is an Elastic Load Balancer?
A virtual appliance which will spread the load of your traffic across different Web servers
What are the four different EC2 instance types
On demand Reserved Spot Dedicated host
What four types of metrics are available by default in cloud watch?
CPU related Disc related Network related Status checks
What is an Autoscaling Group?
A collection of instances which can automatically be added to or subtracted from using auto scaling groups, intended to ensure good performance with traffic spikes and redundancy in case of failures
When would you want to use instance store volumes instead of EBS volumes?
Instance store volumes are meant to be used as scratch space for running processing, not long-term storage it is much less in expensive than building EBS volumes, and if you don’t need the volume to be persistent after it is done processing, it is better to use instance store which is then deleted
Explain reserved ec2
It provides you with a capacity reservation and offers a significant discount on the hourly charge for instance. Terms are for one year or three years
True or false: you can mount an EBS volume to more than one EC2 instance
False. EBS volumes can only be mounted to a single ec2 instance
Please list all the EC2 instance types
D2 - Dense Storage R4 - Memory (RAM) optimized M4 - General purpose C4 - Compute optimized G2 - Graphics intensive I2 - High speed storage F1 - Field Programmable Gate Array T2 - Lowcost, general purpose ("test") P2 - Graphics/General purpose GPU X1 - Memory Optimized
```What is an AMI?
Amazon Machine Image Snapshots of virtual machines that you can provision and boot up as ec2 instances
How do you prevent instances from being terminated?
You can set Termination Protection to True which will prevent instances from being terminated. In order to terminate such an instance, you need to change the termination protection setting to false
What is the use case for R4 instances?
Memory intensive apps or databases (RAM)
What is a Launch Configuration?
A template for an instance, which can be used by an Autoscaling Group to provision new instances as needed
True or false: an instance can have more than one security group
True
Can you use existing instances in a placement group?
No. You can create an AMI then launch a new instance from that into the placement group
How often is cloud watch data collected?
The standard is every 5 minutes, or detailed monitoring every minute, which has added chrges
True or false: It is possible to mount an EBS volume from one availability zone to an instance residing in another availability zone
False. EBS volumes must reside in the same availability zone as the instances they are attached to
What does ec2 stand for?
Elastic Compute Cloud
What are the three different types of elastic load balancers and how are they different?
Application load balancer Network blood balancer Classic load balancer
True or false: security groups can deny traffic as well as allow it
False. Security groups can only allow traffic, it cannot deny it
