Getting started with AWS Cloud

Question 1

What is the Cloud?

Answer 1

Cloud computing is the on-demand delivery of IT resources over the internet with pay-as-you-go pricing.

Question 2

Name six benefits of Cloud Computing?

Answer 2

1. Pay as you go
2. Benefit from massive economies of scale
3. Stop guessing capacity
4. Increase speed and agility
5. Stop spending money running and maintaining data centers
6. Go global in minutes

Question 3

What is a Region?

Answer 3

Regions are geographic locations worldwide where AWS hosts its data centers. Consists of 2 or more availability zones.

Question 4

How to choose the correct Region?

Answer 4

1. Latency
2. Price
3. Service Availability
4. Data Compliance

Question 5

What is an Availability Zone?

Answer 5

An AZ consists of one or more data centers with redundant power, networking, and connectivity.

Question 6

What is the AWS Management Console?

Answer 6

Web based console GUI.

Question 7

What is the AWS Command Line Interface?

Answer 7

Programmatically access AWS services.

Question 8

What is AWS SDK?

Answer 8

API calls to AWS with familiar programming languages

Question 9

Explain the relationship between Regions, Availability Zones, and Data Centers.

Answer 9

Data Centers are within availability zones and availability zones are within regions.

Question 10

What is an Edge Location?

Answer 10

Used to cacher content closer to end users to reduce latency.

Question 11

What is Redundancy?

Answer 11

the practice of duplicating critical components like servers, storage, or network connections across multiple Availability Zones within a region, ensuring that if one component fails, another can seamlessly take over, preventing data loss and maintaining system availability

Question 12

What are 6 pillars of Well Architected Framework?

Answer 12

O - Operation Excellence
P - Performance Efficiency
S - Security
C - Cost Optimization
R - Reliability
S - Sustainability

Question 13

What is Cloud Formation?

Answer 13

CloudFormation is an infrastructure as code (IaC) service. It helps you model and set up your AWS resources so that you can spend less time managing those resources, and more time focusing on your applications that run in AWS.

Question 14

What is control tower?

Answer 14

AWS Control Tower is a service offered by Amazon Web Services that provides a straightforward way to set up and govern a secure, multi-account AWS environment based on AWS best practices. It’s designed to help organizations quickly establish a well-architected and secure multi-account setup while providing governance and compliance controls.

AWS Control Tower offers a straightforward way to set up and govern an AWS multi-account environment, following prescriptive best practices. AWS Control Tower orchestrates the capabilities of several other AWS services, including AWS Organizations, AWS Service Catalog, and AWS IAM Identity Center, to build a landing zone in less than an hour. Resources are set up and managed on your behalf.

AWS Control Tower orchestration extends the capabilities of AWS Organizations. To help keep your organizations and accounts from drift, which is divergence from best practices, AWS Control Tower applies controls (sometimes called guardrails). For example, you can use controls to help ensure that security logs and necessary cross-account access permissions are created, and not altered.

Question 15

What is Service Catalog?

Answer 15

AWS Service Catalog is a service provided by Amazon Web Services that enables organizations to create, manage, and distribute portfolios of approved products to their end users, who can then access them through a personalized portal. This service is designed to help organizations manage AWS resources more effectively by enforcing governance and compliance while also increasing efficiency and reducing costs.

Question 16

What are SCP

Answer 16

AWS Service Control Policies (SCPs) are a feature of AWS Organizations that allow you to manage permissions and set guardrails for the AWS accounts in your organization

Service control policies (SCPs) are a type of organization policy that you can use to manage permissions in your organization. SCPs offer central control over the maximum available permissions for the IAM users and IAM roles in your organization

SCPs are applied to an account, and they limit permissions. IAM policies are applied to users/roles and grant permissions

Question 17

What are tags?

Answer 17

A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value, both of which you define.

AWS Tag Policies are a feature of AWS Organizations that enable you to enforce consistent tagging practices across your AWS resources. **Tags are key-value pairs that help you organize, categorize, and manage your AWS resources for various purposes, including cost allocation, automation, access control, and resource organization. **Tag policies allow you to set rules for how tags should be applied, ensuring consistency and helping you manage resources effectively.

Question 18

AWS Control Tower vs. Organizations

Answer 18

AWS Organizations is a service for managing AWS accounts, while AWS Control Tower is a higher-level service that automates the setup and management of a secure AWS environment