Notebook Notes Flashcards
An Auto Scaling group can use an EC2 system health check to determine whether an instance is healthy. What other type of health check can it use?
ELB
Which CloudFront distribution type requires you to provide a media player?
RTMP
Which of the following Relational Database Service (RDS) features can help you achieve a monthly availability of 99.95 percent?
Multi AZ
Can CodeDeploy deploy a website to S3?
NO
What type of AWS Systems Manager document can take a snapshot of an EC2 instance?
Automation document
Wrong answer is command document. Command document meant to runs commands on an EC2 instance.
Cloudfront flow summary
Distribution (config) –> Origin (content) –> Edge Location
How is DynamodDB Architected?
SSDs, partitioned across multiple AZs
What does RDS use for storage?
EBS
Which of the following Route 53 routing policies can return set of randomly ordered values?
Multivalue answer
Can you set security group rule to deny access to unused ports?
No, because security groups deny any traffic that is not explicitly allowed.
S3 versioning supports what concept of security?
Data integrity
OpsWorks service which uses chef recipes
OpsWorks Stacks
Can you have a private S3 bucket as a Cloudfront distribution?
NO
Can an Ec2 instance be used as a Cloudfront distribution?
YES
Amazon Elastic Transcoder
converts media files
security credentials dashboard
create and manage access keys
well architected pillars
reliability, performance efficiency, security, cost optimization, operational excellence
Which acct types get all checks from Trusted Advisor?
developer, business, enterprise
Cost and Usage Reports
- can generatae detailed spreadsheet
- places reports in S3
- works with Quicksick to turn reports into graphs
RDS traits
- stored on EBS volume
- stores snapshots in S3
- auto backup
- auto scaling available
- read replicas for better performance
- multi-AZ for better availability
Cloudtrail Logs
- stored indefinitely
- can be exported to S3 bucket
neptune
graph database
Security group
- set at instance level
- default deny
AZ
one or more data centers in a region
Glacier
- 40TB max
- Vault created in console
- charge for storage and egress
Redshift Spectrum
analyze data in S3
Buckets
- resides in target region but not VPC
- security via bucket policies, user policies, ACLs
- no data limit
- versioning necessary to delete
- never moves objects b/t regions, only copies
Cloudformation hierarchy
code –> template –> stack –>AWS Resource
Golden Image
snapshot of AWS resource like EBS, RDS, EC2…super fast startup times
Storage Gateway types
- File: NFS and SMB protocols
- Volume: iSCSI, stored and cached versions
- Tape: iSCSI, uses tape backup
AWS Inspector
- auditor
- compliance improvement
- scheduled assessments (not realtime)
- rules packages available
AWS Shield
DDOS protection, can reside inside or out of VPC
- auto configured for some services like R53 and Cloudfront
- free and advanced tiers available
WAF
protects against common exploits, attach to Cloudfront or ALB
SWF
Simple Workflow Service, coordinate across distributed app components
VPN Cloudhub
allow remote sites to communicate via VPN
Glue
load data from S3, transform it, move it to a destination
subnet
tied to single AZ
Quickstart
Cloudformation Templates
regional edge locations
cached content for less popular/used things
What is not cacheable in Cloudfront?
EBS and RDS
GuardDuty
Like an actual guard on duty. real time monitoring, detects anomalies
Cloud HSM
hardware security module, generates keys in the cloud
how many AZs in AWS total?
69
how many regions in AWS total?
22
how many countries served by AWS?
190
which region has al the latest services?
us east 1
what is billing interval for EC2?
by hour or minute depending on instance type
AWS Connect
call center enablement
AWS workdocs
sharepoint
AWS chime
Slack
AWS Pinpoint
Mailchimp
Macie
detects important data in S3 (SSN, CCN, Etc.) and reports it
ALB
layer 7 of OSI
- routing rules
- attach to WAF
NLB
layer 4 of OSI
-tcp/tls traffic
subnet and endpoints are configured via
VPC
EBS and ELB are configured via
EC2
Media Connect
latest version of Elastic Transcoder
Consolidated billing benefit
potential to go into next pricing tier (lower costs per unit of consumption) by consolidating accounts
System impaired response time
< 4 hours (business and enterprise only)
System down response time
< 1 hour (business and enterprise only)
Critical system down response time
< 15 minutes (enterprise only)
RI Types
- standard
- convertible
- scheduled
RI pricing determined by what?
- term
- class type
- payment option (all upfront, partial upfront, no upfront)
Free tier Cloudfront limit?
50GB
AWS Budget types
- cost budget
- usage budget
- reservation budget
