Overall AWS

Question 1

What is the proper way to use IAM for users and security for daily activities.

Answer 1

The initial registering user is the root user. They have full unrestricted access and should not be used for day to day activities. Instead create a IAM group (security group) and add IAM users to that group. Those users are used for daily activities.

Question 2

Difference between a Region and a Availability Zone

Answer 2

Region are set areas around the world that have access. Availability zones are connected areas that comprise a region.

Question 3

Benefit of having many regions/AZs

Answer 3

Lower Latency (faster access)
Global Footprint/presence
Adhere to govenment regulations (run commands in different region)
High availability (good for crash situations)

Question 4

AZs have redundant power, why?

Answer 4

If something goes down/a crash, can utilize extra power

Question 5

Simple summary of the EC2 service?

Answer 5

Essentially just rentable virtual servers (instances) where you can run software, commands, etc.

Question 6

What is EC2 AMI

Answer 6

Template for what operating system and software needed for the instance.

Question 7

What is important about the EC2 instance type

Answer 7

Instance type decided hardware configuration. Think CPU, GPU, memory, etc.

Question 8

What is an instance family

Answer 8

Specialized hardware configuration. Some instance families have higher GPU, or higher CPU, or are balanced depending on the use case.

Question 9

Describe how Key Pairs work in security

Answer 9

Key pairs are composed of public and private keys. Public keys are stored on the EC2 instance while private keys are stored by the user (its typically just a file). Both are necessary to access the instance.

Question 10

What are security groups

Answer 10

A virtual firewall to control incoming and outgoing traffic to/from AWS resources.
Default is deny
Only allow rules

Question 11

Describe the monitoring tab (EC2)

Answer 11

Holds metrics related to the instance. Cloud Watch is the monitoring service that powers these metrics

Question 12

Why are elastic IP addresses important.

Answer 12

Stopping an instance will remove the public IP address and generate a new one when starting again. Elastic IP addresses allows an instance to keep the same public IP address.

Question 13

Are IP addresses free as long as they are attached to an instance?

Answer 13

NOT ANYMORE. They used to be free if attached.

Question 14

Difference between IaaS and PaaS

Answer 14

IaaS (infrastructure as a Service): Using only infrastructure from cloud provider. Customer responsible for OS upgrades and patches, app code and runtime, availability, scalability, load balancing, etc. (Think EC2)

PaaS (Platform as a Service): More is handled by the Cloud provider. Customer only responsible for App code/configuration. (think Beanstalk)

Question 15

Would Elastic Load Balancing better fit under PaaS or IaaS

Answer 15

PaaS. AWS makes sure patches are up to date and takes care of auto scaling. More specifically, it is a managed service.

Question 16

What is the Elastic Load Balancer (ELB)

Answer 16

Distributes traffic across EC2 instances in one or more AZs in a SINGLE region (IE region specific)

Question 17

What is a Classic ELB type

Answer 17

Supports Layer 4 (TCP/TLS) and Layer 7 (HTTP/HTTPS) protocols. NOT RECOMMENDED BY AWS

Question 18

What is an Application ELB type

Answer 18

Supports HTTP/HTTPs protocols. Most popular ELB. Support advanced routing approaches (based on different parts of access request)

Question 19

What is a Network ELB type

Answer 19

Supports TCP/TLS protocols. Specifically used for High performance needs.

Question 20

What is a Gateway ELB type

Answer 20

Distributes traffic across multiple virtual Third party appliances based on demand.

Question 21

In EC2, describe how to achieve higher availability.

Answer 21

Deploy to multiple AZs in multiple regions. Load balancer between those.

Question 22

Describe vertical vs horizontal scaling (scalability). Which is preferred?

Answer 22

Vertical scaling mean increasing instance size (T2.nano –> T2.Large)
Horizontal scaling increases number of instances (requires auto scale group and load balancer tho)
Horizontal scaling is typically better since it is usually less expensive and increases availability.

Question 23

Different EC2 Tenacities

Answer 23

Shared (default): single host with instances from multiple customers.

Dedicated instances: instances in host belong to same customer. Not visibility into hardware of host.

Dedicated Host: Same as dedicated instance but with hardware access. Good for regulatory needs/server bound software licenses (microsoft SQL server)

Question 24

On demand pricing model for EC2

Answer 24

Request instances when you need it. Best for unpredictable traffic or batch programs that cannot be interrupted.

Question 25

Spot pricing model for EC2

Answer 25

Cheapest. Quote maximum price that you may get. Can be terminated due to pricing trends with 2 min warning. Good for anything that can be stopped and resumed over short notice.

Question 26

Reserved pricing model for EC2

Answer 26

Reserve ahead of time (1-3 years)
Submodels available for how much you want to pay upfront. (More = cheaper)
Good for constant workload that runs all the time.

Question 27

Savings Plan pricing model for EC2

Answer 27

Commit spending X per hour on tech in 1-3 years. (no restrictions)
2 Subtypes:
Compute - Spend X dollars/hour on resources. Complete flexibility on hardware.
Instance - spend x dollars/hour for specific instance family in specific region. Can change operating systems.

Question 28

Auto scaling components:

Answer 28

Launch config/template - EC2 instance size and AMI
Auto scaling group - min,max, desired size
Auto scaling policies - When and how to execute scaling (through rules)

Question 29

Features of Beanstalk

Answer 29

It is a PaaS. AWS takes care of auto load balancing, auto scaling, platform updates, health monitoring. Only pay for AWS resources provisioned.

Question 30

What does Serverless mean?

Answer 30

Cloud manages everything (Scaling, availability). You only worry about your own code.
Example: AWS Lambda

Question 31

What is Amazon Lightrail

Answer 31

Used for Pre-configured dev stacks (software) like Node.js or to run websites on weird things like Magento. constantly low monthly price.

Question 32

What is AWS Batch

Answer 32

Run batch computing workloads on AWS. Can use EC2 and Spot instances to make cheaper.

Question 33

What is AWS Cloud9

Answer 33

Cloude based IDE that lets you write, run, and debug code with just a browser. Includes all essential tools for popular languages.

Question 34

What is AWS CloudShell

Answer 34

Browser based shell that provides secure way to manage AWS resources (via command line)

Question 35

What is AWS Amplify

Answer 35

Good/Quick for developers to build scalable and secure cloud-powerweb and mobile apps (IE web and mobile)

Question 36

What is Amazon CodeCatalyst

Answer 36

Similar to AWS Amplify but also includes tools to help with planning and overall app lifecycle

Question 37

What is AWS CodeArtifact

Answer 37

Centalized repository to store and manage reusable code artifacts and dependencies. Securely store, publish, and share software packages.

Question 38

What is Amazon S3?

Answer 38

Simple Storage Service where you can upload objects (files) into buckets for storage. Utilized different storage classes for access frequency and pricing.

Question 39

Describe the Key value approach to S3 storage

Answer 39

Key is a unique entity per bucket. Value is typically the object itself (kinda like a file name). Important in locating a stored object.

Question 40

Can S3 host websites?

Answer 40

YES! but only if they are static

Question 41

For S3 buckets, discuss their uniqueness.

Answer 41

S3 is a global service so bucket names are globally unique. (though I believe buckets are still tied to a region)

Question 42

What elements of S3 have cost and what is free of cost?

Answer 42

Storage (per GB), Retrieval charge (if applicable), monthly tiering fee (only for IT storage), Data transfer fee are cost elements

Data transfer to S3, transfer between S3 and CloudFront, and transfer from S3 to same region services are free

Question 43

Briefly Describe all storage classes in S3

Answer 43

Standard: Frequently accessed
Standard-IA: long-lived, infrequently accessed
One Zone-IA: Infrequently accessed non-critical (1AZ)
Intelligent Tiering: Changing/Unknown access patterns
Glacier: Archive data with slow retrieval
Glacier Deep Archive: Rarely accessed data

Question 44

What S3 storage classes require encryption

Answer 44

Glacier and Glacier Deep Archive

Question 45

What level can you set a storage class?

Answer 45

Classes can be set all the way to the individual object level

Question 46

How much storage can you get with S3?

Answer 46

Unlimited! However, Object size is a max of 5GB. Can have as many objects as you want.

Question 47

High level difference between block storage and file storage

Answer 47

Block storage is more like hard disk. Stored only on the local device. File storage is like file share where storage is on a network.

Question 48

Describe AWS Elastic Block Storage

Answer 48

Durable, high availability storage that can be associated and disassociated with an EC2 instance. Flexible capacity based on how much you need. EBS is on a network storage? Supports snapshots for replication/archiving.

Question 49

Describe AWS Instance Store

Answer 49

Storage method that is physically tied to EC2 instance. Ephemeral storage that is good for cache files. Included in EC2 cost.

Question 50

Describe the 3 AWS options for FILE STORAGE (file share)

Answer 50

Amazon EFS: for EC@ linux based instances. autoscales.
Amazon FSx Windows: Integrates with Microsoft active directory to support Windows environments. Auto encryption.
Amazon FSx for Lustre: For high performance use cases. Auto encryption

Question 51

What is Hybrid Storage?

Answer 51

Automatically think Storage Gateway AWS service. When you store some data on physical servers (on premise) as well as on the cloud.

Question 52

Three Options to Storage Gateway?

Answer 52

File Gateway: Large file share. Files stored in S3 and Glacier. Expensive to manage.
Storage tape gateway: Used to keep archives in virtual tapes
Volume Gateway: Moves block storage to cloud.

Question 53

Describe the two options of volume gateway

Answer 53

Cached volumes: Primarily stored in S3. Cached stores frequently accessed data.
Stored volumes: EBS snapshots saved

Question 54

What storage gateway option would you use for the following scenarios:
1. Large file shares need to be moved to the cloud.
2. Tape backups need to be on the cloud.
3. High performance volume backups needed on cloud.
4. Non-high performance volume backups needed.

Answer 54

1. File gateway
2. Storage tape gateway
3. Volume Gateway (stored volume)
4. Volume Gateway (cached volume)