Review Flashcards

1
Q

Monthly billing for lambda is based on what?

A

Execution request and the time is rounded to the nearest 100 ms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

which is a compulsory section in CFT

A

resources

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Maximum size of an item in DynamoDB table

A

400KB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

AWS service supports infrastructure as a code?

A

CloudFormation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

a Load balancer can span across?

A

Multiple AZs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What can be used to provide internet connectivity to the resources residing in a private subnet?

A

Internet gateway.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

CloudWatch

A

can not manually deleted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

DATA STORED IN A S3 CAN BE ACCESSED FROM?

A

anywhere across the internet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

By default, which of the following metrics are not supported by CLoudWatch?

A

Memory free/used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

which Services is used along with S3 to enable S3 Transfer Acceleration?

A

CloudFront

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

MySQL RDS instance

A

CAN NOT be stopped or paused. TO SAVE MONEY, the user needs to take the final snapshot, terminate the instance and launch a new instance in the future from that snapshot.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Elastic Load Balancing

A

use SSL certificate in order to improve your system security. use AWS identity and Access Management to upload your certificate to your load balancer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

SQS Time to live

A

1 minute to 2 weeks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

SQS data size in a message

A

256KB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

EBS Volume

A

it is required to mount the device when a user creates an EBS volume and attaches it as a device.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

DynamoDb access

A

Amazon DynamoDB integrates with AWS Identity and Access Management(IAM). You can use AWS IAM to grant access to Amazon DynamoDB resources and API actions. To do this, you first write an AWS IAM policy, which is a document that explicitly lists the permissions you want to grant. you then attach that policy to an AWS IAM user or role.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Best suitable options to allow access to the log bucket.

A

Provide ACL for the logging group.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

CloudFormation

A

gives developers and systems administrators an easy way to create and manage collections of AWS resources. you can now set ReadReplicas for your databases with RDS when you create a new cloudFormation template.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

AWS RDS with multi AZ feature

A

the user can not provision the availability zone. RDS is launched automatically instead.
user need to specify whether it is multi AZ or not.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

AWS Elastic Beanstalk

A

support multiple running environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Ec2-classic

A

AWS does not provide a fixed MAC address to the instances launched in ECs-classic. If the instance is launched as apart of EC2-VPC, it ca have an ENI which can have a fixed MAC. However, with EC2-CLassic, every time the instance is started or stopped it will have a new MAC address. To get this MAC, the orgAMzation can run a script on boot which can fetch the instance metadata and get the MAC address from that instance metadata.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

IAM User

A

IAM users by default cannot change their password. the root owner or IAM administrator needs to set the policy in the password policy page, which should allow the user to change their password. Once it is enabled, the IAM user can always change heir passwords from the AWS console or CLI.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

EBS volume

A

provides persistent data storage. the user cam attacj a volume to any instance provided they are both in the same AZ.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

ReceiveMessageWaitTimeSeconds

A

when set to greater than zero enables long polling. Long polling allows the Amazon SQS service to wait until a message is available in the queue before sending a response.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

S3 bucket policies

A

require a Principal be defined.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

If you do not ensure that DNS is re-resolved or use multiple test clients to simulate increased load, the test may continue to hit a single IP address when Elastic Load Balancing has actually allocated many more IP addresses. Because your end users will not all be resolving to that single IP address, your test will not be a realistic sampling of real-world behavior.

A

Use a third party load-testing service to send requests from globally distributed clients, Force the software-based load tester to re-resolve DNS before every request

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

MissingSecurityHeader

A

400 bad request would be the HTTP response code for Missing SecurityHeader.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

S3:ReducedRedundancyLostObject

A

S3 provides the S3:ReducedRedundancyLostObject for objects that are using the Reduce Redundancy Storage class on Amazon S3. This notification is used with SNS and sends a JSON object notification to the subscribed SNS topics if an object is lost by Amazon S3. This allows you to create automation and be informed with RRS (99.9% durability storage) has an object data loss from one of your buckets. AWS now supports event notifications for object creation as well.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

API call to attach an EBS volume to an EC2 instance

A

AttachVolume

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

necessary steps to set up a static website on S3.

A

Upload an index document to your S3 bucket, Enable static website hosting in your S3 bucket properties, Select the “Make Public” permission for your bucket’s objects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What is the API call used when authenticating users against a Web Identity Provider like Facebook, Google, Amazon, etc.)?

A

AssumeRoleWithWebIdentity API call while passing the provider’s token and specifying the ARN (Amazon Resource Number) for the IAM Role.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What is the default timeout of Temporary Security Credentials issued by AWS after a user has authenticated with a third-party Identity Provider?

A

1 hour – minimum is 15 minutes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

In what order are Atomic Counters written to a DynamoDB?

A

All write requests are applied in the order in which they are received.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

ec2-net-utils

A

For AWS Linus, it is a package that configures additional network interfaces that the user can attach while the instance is running, refreshes secondary IP addresses during DHCP lease renewal, and updates the related routing rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

send push notifications to mobile devices using SNS and ADM

A

need to obtain RegistrationID and Client secret. you do not need Device token.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

MS SQL RDS

A

does not support multi AZ

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

HOW TO CONFIGURE TERMINATION POLICIES?

A

either specify any one of the policies as a standalone policy or list multiple policies in an ordered list.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

S3 Bucket ACL

A

can grant permission to S3 Log Delivery group to write access log objects to the user’s bucket.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Elastic Beanstalk

A

support multiple environments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

ec2-share-image-attribute

A

share image

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

IAM role

A

– IAM roles are based on temporary security tokens, so they are rotated automatically. Keys in the source
code cannot be rotated (and are a very bad idea). It’s impossible to retrieve credentials from an S3 bucket if you
don’t already have credentials for that bucket. Active Directory authorization will not grant access to AWS
resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Which relational database engines does Amazon RDS support?

A

Amazon RDS supports Amazon Aurora, MySQL, MariaDB, Oracle, SQL Server, and PostgreSQL database engines.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

the default interval for CloudWatch metrics

A

1 minutes?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

how to attach volume to an EC2 instance from different AZ?

A

take a snapshot of the volume and create a new volume in the instance’s AZ, then attach.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

multiple IAM group policies

A

always aggregated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Connect to RDS(MYSQL)

A

open port 3306 in the security group for MYSQL.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Can user create a larger EBS volume from an existing snapshot with lower size?

A

Yes, user need to change the size of the device with resize…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

AWS ELB with custom domain

A

by creating CNAME with the existing domain name service provider;
by creating a record with Route 53.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

can be used to bootstrap both the chef Server and chef Client software

A

CloudFormation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Amazon RDS DB instance back up

A

automated backups and DB snapshots.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

CLI commands for EC2 instances

A
ec2-accept-vpc-peering-connection;
ec2-allocate-address;
ec2-assign-private-ip-address;
ec2-associate-address;
ec2-associate-dbcp-options;
ec2-associate-route-table;
ec2-attach-internet-gateway;
ec2-attach-network-interface(not ec2-allocate-interface).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

SQS security

A

SQS uses either your Access Key ID or an X.509 certificate to authenticate your identity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

x-Forwarded-Port

A

identify the port used by the client while requesting ELB.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Tag limits

A

10 tags er load balancer;
max key length 127;
max value length 255;
keys and values are case sensitive.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

DB parameter group

A

contains engine configuration values that can be applied to one or more DB instances of the same instance type.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

RDS charge

A

on a pay as you go basis. It charges the user based on the instance type, number of hours that the instance is running, data transfer, storage cost as well for I/O request. the monitoring is free of cost.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

SQS free tier message limit

A

1 million

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

SQS allow anonymous access queue

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Can an AMI launch EC2 instance within same region?

A

Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

AWS console for DynamoDB

A

can setup alarms to monitor your table’s capacity usage;
create, update, and delete tables;
View your table’s top monitoring metrics on real-time graphs from CloudWatch.
can not import data from other databases or from files.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Shared responsibility

A

Customer’s responsibility:
Life-cycle management of IAM credentials;
Security group and ACL settings
Encryption of EBS volumes
Patch management on the EC2 instance’s OS;
AWS responsibility:
Decommissioning storage devices?;
controlling physical access to compute resources;

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

manual auto scalling

A

modify the desired capacity. if the user is trying to CLI, use command as-set-desired-capacity – desired-capacity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

account alias

A

has to be unique so different account can not have the same alias.

64
Q

EBS-Optimized instance

A

the Provisioned IOPS volumes are designed to deliver within 10% of the provisioned IOPS performance 99.9% of the time in a given year.

65
Q

Subnet to Route table

A

one subnet must be associated with exactly one Route Table, However, multiple subnets can be associated with the same Routed table.

66
Q

MWF – Markers

A

enable you to record information in the workflow execution history that you can use for any custom or scenario-specific purpose.

67
Q

tracking usage

A

The cost of an IAM user or groups can never be tracked separately for the purpose of billing. usage a tracking is only at account level.

68
Q

default visibility timeout

A

30 seconds.

69
Q

creating an EBS Volume

A

user can attach multiple volumes to the same instance and stripe them together to in crease the I/O, can take a snapshot from the existing volume but can not create an AMI from the volume. the user can create an AMI froma snapshot.

70
Q

creating an EBS Volume

A

user can attach multiple volumes to the same instance and stripe them together to in crease the I/O, can take a snapshot from the existing volume but can not create an AMI from the volume. the user can create an AMI from a snapshot.

71
Q

The longest duration for which the user can retain the automated backup?

A

35 days

72
Q

/dev/sda1

A

reserved for the root device for Linux instance.

73
Q

Glacier resources

A

Vault and Archives are core data model concepts;
job is required to initiate download of archive.
notification configuration is required to send user notification when archive is available for download.

74
Q

SNS delivery transports

A

HTTP, SMS, not UDP.

75
Q

Peek a message in Amazon SQS

A

PeekMessage action has been removed from Amazon SQS. was mainly for debug. to do this, you can log the message ID and the receipt handle for your messages and correlate them to confirm when a message has been received and delated.

76
Q

When to use an Object ACL?

A

An object ACL is the only way to manage access to objects not owned by the bucket owner
Permissions vary by object and you need to manage permissions at the object level
(an object ACL is also limited to a maximum of 100 grants);
Object ACLs control only object-level permissions

77
Q

When to Use a Bucket ACL

A

is to grant write permission to the Amazon S3 Log Delivery group to write access log objects to your bucket.

78
Q

When to Use a Bucket Policy

A

You want to manage cross-account permissions for all Amazon S3 permissions

79
Q

protocol

A

SSH – prot 22
RDP – port 3389
TCP,UDP – port 3306 – MYSQL

80
Q

AWS OpsWorks

A

a configuration management service uses chef, an automation platform that treats server configurations as code.
has 2 offerings, AWS Opsworks for Chef Automate, and AWS OpsWorks Stacks.

81
Q

Share responsibility – AWS

A

AWS Global infrastructure: AZs, regions, edge locations;

compute, storage, database, networking

82
Q

Share responsibility – Customer

A

Platform, Applications, IAM; OS, Network & Firewall configuration; client-side data encryption, server-side data encryption, Network Traffic Protection

83
Q

AWS Products – Compute

A
EC2; EC2 auto scaling; Elastic Container Service;
Elastic Container Service for Kubernetes;
Elastic Container Registry;
Amazon Lightsail;
AES Batch;
Elastic Beanstalk;
AWS Fargate;
Lambda;
severless Application Repository;
VMware Cloud on AWS.
84
Q

AWS Products – Storage

A

S3, EBS, Elastic File system, Glacier, Storage gateway; snowball; snowball Edge; snowmobile;

85
Q

AWS Products – Database

A

Aurora; RDS; DynamoDB; ElastiCache; Reshift; Neptune; Database Migration Service;

86
Q

AWS Products – Migration

A
Application Discovery Service;
database migration service;
Migration Hub;
server migration service;
snowball
snowball edge;
snowmobile;
87
Q

AWS Products – Networking & Content Delivery

A
VPC;
cloudFront;
Route 53;
API gateway;
direct connect;
Elastic load Balancing;
88
Q

SNS end point protocol

A
HTTP(s);
Email;
Email-JSON;
SQS;
Application;
AWS Lambda;
SMS(short Message Service)
89
Q

maximum number of SWF domain in an account

A

100

90
Q

limits on the size of item collection

A

10GB

91
Q

smallest amount of Reserved Capacity

A

100 capacity units

92
Q

Can data be saved when a stack is deleted in CloundFormation?

A

Yes. by define deletion policy. you can specify snapshots be created before it is delected. you can also specify a resource should be preserved and not deleted when the stack is deleted.

93
Q

Identify Security Weakness

A

Perform SQL injection for application testing;
Penetration testing – as performed by attackers to find any vulnerability.
hardening test – to find if there are any unnecessary ports open perform SQL injection to find any DB security issues.
Not this one – Code memory checks are generally useful when the organization wants to improve the application performance.

94
Q

ItemCOllectionSizeLimitExceededException

A

For a tabe with a local secondary index, a group of items with the same partition key value has exceeded the maximum size limit of 10 GB.

95
Q

BundleInstance

A

Bundles an Amazon Instance store-backed Windows instance. During bundling, only the root device volume is bundled. Data on other instance store volumes is not preserved.
This action is not applicable for Linus instances, or windows instances taht are backed by Amazon EBS.

96
Q

BatchGetItem

A

can retrieve a max 100 items total size <16MB.

97
Q

limit of data can be retrieved by a scan operation

A

1MB

98
Q

max SWF workflows per domain

A

10,000

99
Q

Elastic Map Reduce

A

allows organizations to do complex analysis on large volumes of data.

100
Q

Available SDK

A
Android, IOS, JavaScript, 
Java,
.Net,
Node.js
PHP
Python
Ruby
Go
C++
101
Q

Shared responsibility – AWS

A

Restricting access to the data centers;
proper destruction of decommissioned disks;
Patching of firmware for the hardware on which your AWS resources reside.

102
Q

by default, subnets within a custom VPC

A

can communicate with each other, across availability zones.

103
Q

SQS was the first service on the AWS platform.

A

yes

104
Q

In Identity Access Management, you can use SAML (Security Assertion Markup Language 2.0) to give your federated users single sign-on (SSO) access to the AWS Management Console.

A

Yes

105
Q

free services

A

auto scaling;
elastic bean stalk;
VPC;
cloudconformation;

106
Q

What is the name of the API call used to request temporary security credentials from the AWS platform when federating with Active Directory?

A

AssumeRoleWithSAML

107
Q

The steps When using Active Directory to authenticate to AWS,

A

The user navigates to ADFS webserver. The user enter in their single sign on credentials. The user’s web browser receives a SAML assertion from the AD server. The user’s browser then posts the SAML assertion to the AWS SAML end point for SAML and the GiveUserSAMLAccess API request is used to request temporary security credentials. 5) The user is then able to access the AWS Console.

108
Q

The steps When using Active Directory to authenticate to AWS,

A

The user navigates to ADFS webserver. The user enter in their single sign on credentials. The user’s web browser receives a SAML assertion from the AD server. The user’s browser then posts the SAML assertion to the AWS SAML end point for SAML and the AssumeRoleWithSAML API request is used to request temporary security credentials. 5) The user is then able to access the AWS Console.

109
Q

What is CIA and AAA models, ingress vs. egress filtering, and which AWS services and features fit

A

CIA are the fundamentals of Information Security. Confidentiality (generally encryption), Integrity (the accuracy of a message or server…i.e. hash value), Availability (availability of a service)
AAA is authentication, authorization, and accounting. Who you are (identification), what are you allowed to do (privileges), and audit

110
Q

ReturnItemCollectionMetrics

A

set this parameter to SIZE to monitor item collection size.

111
Q

HTTP Status Code

A

400 – IncompleteSignature; MissingAction
InvalidParameterValue; Missing Parameter; InvalidDigest; InvalidBuckeName; IncompleteBody;
403 – OptInRequired; InvalidClientToken; MalformedQueryString; InvalidObjectState;

112
Q

DynamoDB limit

A

Sort key – 1024

partition key –2048

113
Q

ElasticBeanstalk supported platform

A

Elastic Beanstalk provides platforms for programming languages (Java, PHP, Python, Ruby, Go), web containers (Tomcat, Passenger, Puma) and Docker containers, with multiple configurations of each.

114
Q

Securely upload/download data to Amazon S3

A

via SSL endpoints using the HTTPS protocol.

115
Q

ListTables

A

To obtain a list of all your tables, use the ListTables operation. A single ListTables call can return a maximum of 100 table names; if you have more than 100 tables, you can request that ListTables return paginated results, so that you can retrieve all of the table names.

116
Q

BatchWriteItem

A

The BatchWriteItem operation puts or deletes multiple items in one or more tables. When called in a loop, it also checks for unprocessed items and submits a new BatchWriteItem request with those unprocessed items until all items have been processed.

117
Q

features supported by RDS

A

automated backup. automated failure detection and recovery;
automated software patching;
scaling is not automated and the user needs to plan it with a few clicks.

118
Q

what to do to ensure that EC2 instances accept requests only from ELB?

A

remove all the rules set for the other requests and open the port only for ELB source security group. meaning configure the security group of EC2, which allows access to the ELB source security group.

119
Q

maximum number of stacks per cloudformation templates

A

20

120
Q

How can you secure data at rest on an EBS volume?

A

Use an encrypted file system on top of the EBS volume.?

121
Q

RDS DB instance

A

is an isolated DB environment provided by AWS in which the user can create more than one database, The maximum size of the instance should be between 5GB–3TB. the size of each DB can be anything in this range.

122
Q

cloudformation

A

can be used to bootstrap both the Chef Server and Chef Client software.

123
Q

registering an activity in Amazon SWF

A

provide: name, version, and timeout values based on how long you expect the activity to take. you do not need to provide domain.

124
Q

access RDS from an EC2 instance using IP address. Both are in the same region but different AZs. how to her configure the instance is accessed faster.

A

specify an IP range in RDS security group. recommends using the private IP address of the Amazon EC2 instance. this provides more direct network route from the amazon EC2 instance to the RDS DB instance. and does not incur network charges for the data sent outside of the amazon network.

125
Q

how to know accounts limits

A

as-describe-account-limits/ calling DescribeAccountLimits action

126
Q

hosting MS SQL on an EBS volume vs RDS

A

RDS provides an automated backup feature, PIOPS is available with both RDS and EBS. HA is not available with MS SQL.

127
Q

settingup an ELB, what to be considered so the instance gets registered with ELB

A

IP address.

128
Q

setting up an ELB, what to be considered so the instance gets registered with ELB

A

IP address.

129
Q

using RDS with MYSQL

A

RDS charges the user on a pay as you go basis. it charges the user based on the instance type, number of hours that the instance is running, data transfer, storage cost as well for the IO requests. the monitoring is free of cost.

130
Q

CloudFormation allows you to create Microsoft Windows stacks?

A

Yes. based on EC2 Windows AMIs and provides you with the ability to install software, to use remote desktop to access your stack, and to update and configure your stack.

131
Q

Can user get a notification of each instance start/terminate configured with auto scaling?

A

Yes if configured with the auto scaling group.

132
Q

to achieve automated scaling

A

EC2; cloudwatch will be used to monitor the resources and based on the scaling need it will trigger policies.

133
Q

Advantage of DynamoDB on SSD

A

low request pricing; serve high-scal request workloads; low-latency response time; high IO performance of SSD.(not WebApp)

134
Q

AWS can not assigh public IPs to network interface

A

yes. assign EIP.

135
Q

features supported by RDS

A

automated backup. automated failure detection and recovery;
automated software patching;
scaling is not automated and the user nneds to plan it with a few clicks.

136
Q

features can be used to restrict access to data in S3

A

set an S3 Bucket policy;

set an S3 ACL on the bucket or the object.

137
Q

configuring IAM policy from AWS console

A

use policy generator;
use custom policy;
assign no permission;
policy simulator is not available int eh console;

138
Q

products and features can be deployed by Elastic Beanstalk

A

auto scaling groups;
elastic Load Balancers;
RDS instance;

139
Q

AWS console for DynamoDB can not import data from other database or from files.

A

set up alarms to monitor table capacity usage;
create, … delete table;
View your table’s top monitoring metrics on real-time graphs from cloudwatch.

140
Q

How many workflow types, activity types, and domains can I register with Amazon SWF?

A

You can have a maximum of 10,000 workflow and activity types (in total) that are either registered or deprecated in each domain. You can have a maximum of 100 Amazon SWF domains (including registered and deprecated domains) in your AWS account.

141
Q

Are there limits on the number of workflow executions that I can run simultaneously?

A

At any given time, you can have a maximum of 100,000 open executions in a domain.

142
Q

Can data be saved when a stack is deleted in cloudformation?

A

AWS CloudFormation allows you to define deletion policies for resources in the template. You can specify that snapshots be created for Amazon EBS volumes or AmazonRDS database instances before they are deleted. You can also specify that a resource should be preserved and not deleted when the stack is deleted. This is useful for preserving Amazon S3 buckets when the stack is deleted.

143
Q

ListStackResources

A

Returns descriptions of all resources of the specified stack.

For deleted stacks, list-stack-resources returns resource information for up to 90 days after the stack has been deleted

144
Q

AWS OpsWorks

A

AWS OpsWorks is a configuration management service that uses Chef, an automation platform that treats server configurations as code. OpsWorks uses Chef to automate how servers are configured, deployed, and managed across your Amazon Elastic Compute Cloud (Amazon EC2) instances or on-premises compute environments. OpsWorks has two offerings, AWS Opsworks for Chef Automate, and AWS OpsWorks Stacks.

145
Q

CreatePlatformEndPoint

A

creates an endpoint for a device and mobile app on one of the supported push notification services, such as GCM and APNS. CreatePlatformEndpoint requires the PlatformApplicationArn that is returned from CreatePlatformApplication. The EndpointArn that is returned when using CreatePlatformEndpointcan then be used by the Publish action to send a message to a mobile app or by the Subscribe action for subscription to a topic.

146
Q

cloud resources powering my AWS Elastic Beanstalk application?

A

EC2, RDS, ELB, auto scaling, S3, SNS

147
Q

SNS APIs

A

CreateTopic – Create a new topic.
DeleteTopic – Delete a previously created topic.
ListTopics – List of topics owned by a particular user (AWS ID).
ListSubscriptionsByTopic – List of subscriptions for a particular topic
SetTopicAttributes – Set/modify topic attributes, including setting and modifying publisher/subscriber permissions, transports supported, etc.
GetTopicAttributes – Get/view existing attributes of a topic
AddPermission – Grant access to selected users for the specified actions
RemovePermission – Remove permissions for selected users for the specified actions

148
Q

Topic limit

A

10 million subscriptions per topic;

100,000 topics per account;

149
Q

SWF Limit

A

100 domains per account;

10,000 workflow and activity types in each domain.

150
Q

How can you ensure maximum protection of preserved versions in S3?

A

MFA

151
Q

REF function of AWS::EC2::EIP

A

returns instance public IP

152
Q

limit parameters in cloudformation template

A

60

153
Q

AWS Flow Framework

A

enables you to develop amazon SWF-based applications quickly and easily.

154
Q

open activity tasks per workflow execution in SWF

A

1000

155
Q

SWF

A

manage your workflow execution history and other details of your workflows across 3 availability zones.

156
Q

connection draining

A

time out value – 1 second to 1 hour; default 5 minutes.

157
Q

max subnets in a VPC

A

200