Kinesis / Parameter Stores / Secrets Manager

Question 1

Kinesis

What are 6 common examples real-time streaming data?

Answer 1

• Streaming Data Examples
• Stock Prices
• Game Data (as the player plays)
• Social Network Data
• Geospatial Data
• Click Stream Data

Question 2

The 4 types of Kinesis Streams

Answer 2

• Kinesis Data Streams
• Firehose Delivery Streams (into destination such as s3)
• Data Analytics (Custom SQL’s)
• Kinesis Video Analytics

Question 3

Kinesis

How long does data persist in a data stream?

Answer 3

1 minute (min)
1 day (default)
365 days (max)

Question 4

Amazon Kinesis Data Streams (KDS) is a massively scalable and durable real-time data streaming service

3 consumers of \ Data Streams?

keˈnɪsəs

Answer 4

• DynamoDB
• S3
• Redshift

Question 5

True or False, Kinesis Video Streams can ingest encoded data from many various devices or services

Answer 5

True
Ingest video and audio encoded data from various devices and or service. Output video data to to ML or video processing services

Question 6

How many consumers are used with a Firehose delivery stream?

Answer 6

1

You choose one consumer from a predefined list

Question 7

Kinisis
True or False, with Firehose, data immediately disappears after its consumed
And how do you pay?

Answer 7

True
Pay for only the data ingested

Eg. An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket.

Question 8

This Kinesis Stream type uses a single consumer, selected from a predefined list

Answer 8

Kinesis Firehose Delivery Stream

Eg. An application will ingest data at a very high throughput from many sources and must store the data in an Amazon S3 bucket.

Question 9

AWS solution for collecting, processing, and analyzing streaming data in the cloud. When you need “real-time”

Answer 9

Amazon Kinesis

Question 10

Kinisis
How can you write data to stream?
There are two options

Answer 10

KPL (Kinesis Producer Library) is a Java library to write data to a stream

You can write data to stream using AWS SDK, but KPL is more efficient

Question 11

What are the 2 tiers available for Parameter Store?

Answer 11

• Advanced

- Standard

Question 12

Parameter Store:

Which Parameter Store tier allows you to use parameter policies?

Answer 12

Advanced

Question 13

Parameter Store:

What can you store in Parameter store?

Answer 13

• License codes
• Passwords
• Database strings

Question 14

In Parameter Store How do you create hieraches?

Answer 14

by using forward slashes

Question 15

You can’t change a standard parameter to an advanced parameter at any time, but you can revert an advanced parameter to standard parameter.

Answer 15

False

Reverting an advance parameter to a standard parameter would result in data loss because the system would truncate the size of the parameter for 8KB to 4KB

Question 16

This AWS service lets you store data such as passwords, database strings, and license codes as parameter values

AWS ___ ___ ___ ___

Answer 16

AWS Systems Manager Parameter Store

Question 17

ParaMeter policies are helpful in forcing you to update or delete passwords.

Answer 17

True

Question 18

Parameter Store enforces parameter policies by using asynchronous, periodic scans.

What are the 3 Parameter Policies?

Answer 18

Expiration: I want this parameter expires after this date

ExpirationNotification: It triggers an even in Amazon Cloud watch

NoChangeNotification: If a parameter has not been modified for a specified period of time

Question 19

Which AWS service would you use to monitor access to Secrets Manager?

Answer 19

CloudTrail

AWS Secrets Manager integrates with AWS CloudTrail, a service that provides a record of actions taken by a user, role or an AWS service in Secrets Manager. CloudTrail captures all API calls for Secrets Manager as events, including calls from the Secrets Manager console and from code calls to the Secrets Manager APIs.

Question 20

Secret Manager: Store and automatically rotate database credentials
- RDS - Redshift - DocumentDB - Other Databases:
> (MariaDB, MySQL, PostgreSQL, Oracle DB, SQL Server)
> Key/Value (Text plain)

Which AWS service does Secrets Manager use to encrypt data at-rest?

Answer 20

Key Management Service (KMS)
ki ˈmænəʤmənt ˈsɜrvəs (keɪ-ɛm-ɛs)

You’ll see “Select the encryption key”

Question 21

This AWS service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

Answer 21

AWS Secrets Manager

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources

It eliminates the need to hardcode sensitive information in plain text. Secrets Manager offers secret rotation with built-in integration for Amazon RDS, Amazon Redshift, and Amazon DocumentDB

Question 22

Which AWS service performs automatic key rotation for Secrets Manager?

AWS Secrets Manager uses this service to perform the actual rotation of a secret

Answer 22

AWS Lambda

Question 23

AWS Secrets Manager
Easily rotate, manage, and retrieve database credentials, API keys, and other secrets through their lifecycle

What is the maximum rotation interval you can specify?

Answer 23

30 days to 1 Year (365 days)

Question 24

In Secrets Manager this is the maximum interval length you can set for automatic key rotation

Answer 24

• 1 day (min)
• 30 days (default)
• 365 days (max)

Question 25

What is the CLI command to get the value of a secret from Secrets Manager?

Answer 25

aws secretsmanager get-secret-value

Question 26

What is the CLI command to describe a a secret from Secrets Manager.
The result would be:
- ARN
- Name
- LastAccessedDate
- LastChangedDate
- Version

Answer 26

aws secretmanager describe-secret –secret-id enterprise/ShipDatabase

Question 27

Kinesis

What is the Java library to write data to a stream?

Answer 27

KPL (Kinesis Producer Library)

prəˈdusər

It’s more efficient

Question 28

What is Kinesis?

What are its 2 components?

Answer 28

• It’s a service that allows real-time processing of streaming large amount of data per second. It is designed for real-time applications
• Types of streams (Data strams, Firehose delivery…)
• Kinesis Producer Library (Java library to write streams)

Question 29

What is AWS Parameter Store?

What are its 4 components?

Answer 29

• It’s a service that stores strings. It can store secret data and non-secret data alike. Secrets stored in Parameter Store are secure strings, encrypted with a customer-specific AWS KMS key
• Tier (Standard 4kb, Advanced 8kb + Policies)
• Parameter type (String, StringList, SecureString)
• P. Policies (Expiration, ExpirationNorification…)
• Hierarchy (Forward slashes)

Question 30

What is AWS Secret Manager?

What are its 3 components?

Answer 30

• It’s a service that helps you protect access to your applications, services and resources. This service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle
• Secret Type (RDS DB, Redshift Cluster, Other DB…)
• Credential Access History (By CloudTrail)
• Rotation (By Lambda and only DB Credentials)

Question 31

You can now encrypt data in your Amazon Kinesis streams using server-side encryption and …

Answer 31

AWS Key Management Service (KMS) keys