RDS

Question 1

What are the 6 Databases that AWS manages?

Answer 1

• Postgres
• MySQL
• MariaDB
• Oracle
• Microsoft SQL Server
• Aurora (AWS Proprietary DB)

Question 2

Can Read Replicas be set up as Multi AZ for Disaster Recovery (DR)

Answer 2

Yes

Question 3

Do Read Replicas cost money for ASYNC replication across Multi AZs

Answer 3

• Yes - it is expensive for read replicas to work across multi AZs.
• It is FREE if read replicas are in the same AZ

Question 4

T/F - Read Replicas, Reads as eventually consistent

Answer 4

TRUE

Question 5

What are the type of RDS Encryption

Answer 5

• At rest encryption - encryption must be defined at launch time
• In-flight encryption - SSL certificates to encrypt data to RDS in flight

Question 6

RDS - what management aspects are you responsible for?

Answer 6

• Check the ports / IP / security group inbound rules in SG DB
• In-database user creation and permissions or manage through IAM
• Creating a DB with or without public access
• Ensure parameter groups or DB is configured to only allow SSL connections

Question 7

RDS - what management aspects is AWS responsible for?

Answer 7

• Not allow SSH access into DB Instance
• DB Patching
• OS Patching

Question 8

What are the advantages of using RDS verses deploying on EC2?

Answer 8

• RDS is a managed service
• Automated provisioning
• OS Patching
• Monitoring dashboards
• Read replicas available for improved performance
• Multi AZ setup for disaster recovery
• Scaling capabilities
• Storage backed by EBS

Question 9

Can you SSH into an AWS RDS instance?

Answer 9

NO

Question 10

How many Read replicas can you have for RDS?

Answer 10

Up to 5

Question 11

Describe at rest encryption for RDS instantances

Answer 11

• Can be encrypted with AWS KMS AES-256
• Encryption must be defined at launch time
• If master is not encrypted read replicas can not be encrypted

Question 12

Describe in-flight encryption for RDS instances

Answer 12

SSL certs are required to encrypt data to RDS in flight

Question 13

How would you encrypt an un-encrypted RDS database?

Answer 13

• Create a snapshot of the un-encrypted db
• Copy the snapshot and enable encryption for the snapshot
• Restore the DB from the newly encrypted snapshot
• Migrate application to the new db, and delete the old db

Question 14

Describe main features of Aurora DB

Answer 14

• Automatic fail-over
• Backup and recovery
• Isolation and security
• Industry compliance
• Push button scaling
• Automated patching with zero downtime
• Advanced monitoring
• Routine maintenance
• Backtrack: restore data at any point of time w/o using backups

Question 15

Describe Aurora DBS secuirty

Answer 15

• Similar to RDS - uses same engines
• Encryption at rest using KMS
• Automated backups, snapshots and replicas are also encrypted
• Encryption in flight using SSL
• Possibility to authenticate using IAM token (same in RDS)
• You are responsible for protecting the instance with security groups
• You can NOT SSH

Question 16

What is a good use case for Aurora Serverless?

Answer 16

Infrequent, intermittent or unpredictable workloads

Question 17

What is Elasticache?

Answer 17

• In-memory databases with really high performance, low latency
• Helps reduce load off of databases for read intensive workloads
• Helps make your application stateless
• Redis or Memcached = options
• Involves heavy application code changes

Question 18

Redis vs Memcached?

Answer 18

Redis:

• Multi AZ with auto-failover
• Read replicas to scale reads and have high availability
• Data durability using AOF persistance
• Backup and restore features

Memcached

• Using something called Sharding (multi node partitioning)
• NON persistent
• No backup and restore
• Multi- threaded architecture

Question 19

What is lazy loading as it relates to Elasticache?

Answer 19

• AKA Cache-Aside or Lazy Population
• Application first makes a call to the cache. If its a cache hit, data is returned.
• If its a cache miss, another call is made to the DB, data is return to the application, then data is written to cache

Question 20

What are the pros and cons of data caching / lazy loading ?

Answer 20

Pros:

• Only requested data is cached
• Node failures are not fatal to the application health

Cons:

• Cache miss = 3 round trips = delay for user
• Possible statle data

Question 21

Which RDS Class (not Aurora) feature does not require us to change our connection string?

Answer 21

• Multi AZ
• Read Replicas add new endpoints for databases to read from and therefore we must change our application to have the list of these endpoints in order to balance the read load and connect to the databases

Question 22

You want to ensure your Redis cluster will always be available, which do you enable: read replicas or multi-az

Answer 22

Multi - AZ

Question 23

Which database does NOT support Transparent Data Encrytion (TDE) on RDS?

Answer 23

PostgresSQL

Question 24

Which RDS database technology does NOT support IAM authentication?

Answer 24

Oracle

Remeber that both MySQL and PG are Aurora compatible and that Aurora DOES allow for IAM authentication.

Question 25

You would like to ensure you have a database available in another region if a disaster happens to your main region. Which database do you recommend?

Answer 25

Aurora Global DB

Global Databases allow you to have cross region replication

Question 26

Your organization wants to enforce SSL connections on your MySQL database

Answer 26

Apply a ‘REQUIRE SSL’ statement to all your users in your SQL DB

Question 27

Name the 3 main caching stratigies

Answer 27

• lazy-loading / cache - aside / lazy population
• write-through
• TTL

Question 28

Describe write-through elasticache strategy

Answer 28

• Add or update cache when db is updated
• When the application makes a write to the RDS, the app will make a second write to the cache

Pros:

• Data in cache is never stale, reads are very quick

Cons:

• Missing data until data is added / updated
• To mitigate this you can implement lazy loading in addition to the write-through strategy

Question 29

Describe the TTL (Time-to-Live) Elasticache strategy

Answer 29

Cache is deleted after a certain time period (seconds to days)

Deletion can occur in 3 main ways:

• Its deleted explicity
• deleted because memory is full and that data has not recently been used
• you set an item to TTL (to live for a specific time period)

Question 30

You are serving web pages for a very dynamic website and you have a requirement to keep latency to a minimum for every single user when they do a read request. Writes can take longer to happen. Which caching strategy do you recommend?

Answer 30

write-through