SAA - Udemy Review Flashcards
What are Application Load Balancers good for?
Micro Services & Container-based applications like Docker and Amazon ECS
The port mapping features helps to redirect to dynamic ports in ECS. If Classic Load Balancer was used, we’d need one per application so ALB is a better choice.
What is the port for FTP?
21
What is the port for SSH?
22
What is the port for SFTP?
22
What is the port for HTTP?
80
What is the port for HTTPS?
443
What are the database ports?
PostgreSQL: 5432 MySQL: 3306 Oracle RDS: 1521 MSSQL Server: 1433 MariaDB: 3306 AuroraPostgreSQL: 5432 AuroraMySQL: 3306
Which RDS feature when used does not require you to change SQL connection string regardless of which database is up?
Multi-AZ
If you don’t want to enable sticky sessions on your ALB in fear that it will overload some EC2 instances and you have an Auto Scaling Group behind an ALB with a fleet of EC2 instances, what should you do?
Store session data in ElastiCache to ensure different EC2 instances can retrieve user state if needed
What allows you to have a replica of your database in a different AWS region in case of a disaster?
Aurora Global Database
How can you enhance security of ElastiCache Redis cluster by forcing users to enter a password when they connect?
Use Redis Auth
In case of a regional outage for RDS PostgreSQL database so that DB is made available for both read and write workloads in another AWS region where the DR is highly available, what do you recommend?
Create a read replica in a different region and enable Multi-AZ on the read replica.
Which uses sync and async replication between RDS Read Replicas and Multi-AZ?
RR uses Async replication and Multi-AZ uses Sync replication
How many read replicas can you have for your RDS database?
5
Which RDS db does not support IAM db auth?
Oracle
How many Aurora read replicas can you have in a single Aurora DB cluster?
15
Aurora supports which DBs?
PostgreSQL and MySQL
What is an effective and highly available solution for a gaming leaderboard that is ranked in real-time?
ElastiCache for Redis - Sorted Sets
What is the A R53 recrod tyep?
maps host name to IPv4
What is AAAA?
maps host name to IPV6
What does CNAME do?
Map hostname to another hostname with an A or AAAA record
What is NS?
Name servers for hosted zone that controls traffic
What are the 3 types of health checks via route 53?
Monitor an endpoint (app, server, other AWS resource)
Monitor other health checks (calculated health checks)
Monitor CloudWatch alarms (full control) and is useful for private resources
How do monitoring endpoint healthchecks look?
15 health checkers
3 healthy/unhealthy threshold as default
30 second interval
Supporting HTTP and HTTPs and TCP protocols
If >18% it’s healthy, otherwise unhealthy
Can pass based on status code
Pass based on text in first 51020 bytes of response
Need to configure router/firewall to allow incoming requests
What are calculated health checks?
Can combine child healthchecks with OR, AND, NOT
Monitor up to 256 child health checks
Specify how many need to pass for this “parent” healthcheck to pass
What are thalth checks for private hosted zones?
R53 lives outside of VPC generally and can’t access private endpoints
However, if a cloudwatch metric and cloudwatch alarm is associated, then health check can check the alarm
If purchasing domain on 3rd party registrar, how to use R53 through amazon?
Create a public hosted zone
Update the 3rd party registrar NS records (namespace)
Can a healthcheck monitor an SQS queue for R53?
No it cannot
How to instantiate EC2 instances quickly?
Create golden AMI with applications, OS dependencies, etc.
Add a few small things to user data
Mix golden AMI + user data to instantiate quickly
How to instantiate RDS databases quickly?
Restore the database from a snapshot so all schemas and data are ready
How to instantiate EBS volumes?
Restore from a snapshot so that the disk is formatted and has data
What are the components of Beanstalk?
Aplications
Application Version
Environment with aws resources running an app version
Tiers: web server or worker environment
What is the process for beanstalk?
Create application Upload version launch environment manage environment repeat when versions are updated
What are web server tiers?
Traditional architecture with load balancer and ASG with multiple EC2 instances.
What are worker environment tiers?
No client accessing EC2 instance, instead there is an SQS queue where the instances are workers that are pulling messages to process them. Can have the web environment push messages into the worker environment.
What are the components of an S3 bucket policy?
Version and statement at the top level.
Within the statement: SID Effect Principal Action [] Resource []
What are the block public access options?
New ACLs
Any ACLs
New public bucket or access point policies
ANY public bucket or access point policies
Does an explicit deny in an IAM policy take precedence over an S3 bucket policy?
Yes
What is the default port for HTTPS, HTTP?
443, 80
What is the metadata URL?
http://169.254.169.254/latest/meta-data/
What are the 3 retrieval options for Amazon Glacier?
Expedited - 1-5 minutes
Standard - 3-5 hours
Bulk - 5-12 hours
What is the minimum storage duration for Amazon Glacier/DeepArchive?
90/180 days
What are the retrieval options for Amazon Glacier Deep Archive?
Standard - 12 hours
Bulk - 48 hours
