Kinesis / Parameter Stores / Secrets Manager Flashcards

1
Q

Kinesis

What are 6 common examples real-time streaming data?

A
  • Streaming Data Examples
  • Stock Prices
  • Game Data (as the player plays)
  • Social Network Data
  • Geospatial Data
  • Click Stream Data
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The 4 types of Kinesis Streams

A
  • Kinesis Data Streams
  • Firehose Delivery Streams (into destination such as s3)
  • Data Analytics (Custom SQL’s)
  • Kinesis Video Analytics
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Kinesis

How long does data persist in a data stream?

A
1 minute (min)
1 day (default)
365 days (max)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Amazon Kinesis Data Streams (KDS) is a massively scalable and durable real-time data streaming service

3 consumers of \ Data Streams?

keˈnɪsəs

A
  • DynamoDB
  • S3
  • Redshift
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or False, Kinesis Video Streams can ingest encoded data from many various devices or services

A

True
Ingest video and audio encoded data from various devices and or service. Output video data to to ML or video processing services

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How many consumers are used with a Firehose delivery stream?

A

1

You choose one consumer from a predefined list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Kinisis
True or False, with Firehose, data immediately disappears after its consumed
And how do you pay?

A

True
Pay for only the data ingested

Eg. An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

This Kinesis Stream type uses a single consumer, selected from a predefined list

A

Kinesis Firehose Delivery Stream

Eg. An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

AWS solution for collecting, processing, and analyzing streaming data in the cloud. When you need “real-time”

A

Amazon Kinesis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Kinisis
How can you write data to stream?
There are two options

A

KPL (Kinesis Producer Library) is a Java library to write data to a stream

You can write data to stream using AWS SDK, but KPL is more efficient

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the 2 tiers available for Parameter Store?

A
  • Advanced

- Standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Parameter Store:

Which Parameter Store tier allows you to use parameter policies?

A

Advanced

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Parameter Store:

What can you store in Parameter store?

A
  • License codes
  • Passwords
  • Database strings
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

In Parameter Store How do you create hieraches?

A

by using forward slashes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

You can’t change a standard parameter to an advanced parameter at any time, but you can revert an advanced parameter to standard parameter.

A

False

Reverting an advance parameter to a standard parameter would result in data loss because the system would truncate the size of the parameter for 8KB to 4KB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

This AWS service lets you store data such as passwords, database strings, and license codes as parameter values

AWS ___ ___ ___ ___

A

AWS Systems Manager Parameter Store

17
Q

ParaMeter policies are helpful in forcing you to update or delete passwords.

A

True

18
Q

Parameter Store enforces parameter policies by using asynchronous, periodic scans.

What are the 3 Parameter Policies?

A

Expiration: I want this parameter expires after this date

ExpirationNotification: It triggers an even in Amazon Cloud watch

NoChangeNotification: If a parameter has not been modified for a specified period of time

19
Q

Which AWS service would you use to monitor access to Secrets Manager?

A

CloudTrail

AWS Secrets Manager integrates with AWS CloudTrail, a service that provides a record of actions taken by a user, role or an AWS service in Secrets Manager. CloudTrail captures all API calls for Secrets Manager as events, including calls from the Secrets Manager console and from code calls to the Secrets Manager APIs.

20
Q

Secret Manager: Store and automatically rotate database credentials
- RDS - Redshift - DocumentDB - Other Databases:
> (MariaDB, MySQL, PostgreSQL, Oracle DB, SQL Server)
> Key/Value (Text plain)

Which AWS service does Secrets Manager use to encrypt data at-rest?

A

Key Management Service (KMS)
ki ˈmænəʤmənt ˈsɜrvəs (keɪ-ɛm-ɛs)

You’ll see “Select the encryption key”

21
Q

This AWS service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

A

AWS Secrets Manager

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources

It eliminates the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB

22
Q

Which AWS service performs automatic key rotation for Secrets Manager?

AWS Secrets Manager uses this service to perform the actual rotation of a secret

A

AWS Lambda

23
Q

AWS Secrets Manager
Easily rotate, manage, and retrieve database credentials, API keys, and other secrets through their lifecycle

What is the maximum rotation interval you can specify?

A

30 days to 1 Year (365 days)

24
Q

In Secrets Manager this is the maximum interval length you can set for automatic key rotation

A
  • 1 day (min)
  • 30 days (default)
  • 365 days (max)
25
Q

What is the CLI command to get the value of a secret from Secrets Manager?

A

aws secretsmanager get-secret-value

26
Q
What is the CLI command to describe a a secret from Secrets Manager.
The result would be:
- ARN
- Name
- LastAccessedDate
- LastChangedDate
- Version
A

aws secretmanager describe-secret –secret-id enterprise/ShipDatabase

27
Q

Kinesis

What is the Java library to write data to a stream?

A

KPL (Kinesis Producer Library)

prəˈdusər

It’s more efficient

28
Q

What is Kinesis?

What are its 2 components?

A
  • It’s a service that allows real-time processing of streaming large amount of data per second. It is designed for real-time applications
  • Types of streams (Data strams, Firehose delivery…)
  • Kinesis Producer Library (Java library to write streams)
29
Q

What is AWS Parameter Store?

What are its 4 components?

A
  • It’s a service that stores strings. It can store secret data and non-secret data alike. Secrets stored in Parameter Store are secure strings, encrypted with a customer-specific AWS KMS key
  • Tier (Standard 4kb, Advanced 8kb + Policies)
  • Parameter type (String, StringList, SecureString)
  • P. Policies (Expiration, ExpirationNorification…)
  • Hierarchy (Forward slashes)
30
Q

What is AWS Secret Manager?

What are its 3 components?

A
  • It’s a service that helps you protect access to your applications, services and resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle
  • Secret Type (RDS DB, Redshift Cluster, Other DB…)
  • Credential Access History (By CloudTrail)
  • Rotation (By Lambda and only DB Credentials)
31
Q

You can now encrypt data in your Amazon Kinesis streams using server-side encryption and …

A

AWS Key Management Service (KMS) keys