Services Flashcards by David Hanks

How are Linux EC2 instances billed?

billed per second.
1 minute minimum

https://aws.amazon.com/blogs/aws/new-per-second-billing-for-ec2-instances-and-ebs-volumes/

How well did you know this?

Not at all

Perfectly

What is Amazon Macie?

a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS.

How well did you know this?

Not at all

Perfectly

What is AWS Glue?

AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics. AWS Glue job is meant to be used for batch ETL data processing.

How well did you know this?

Not at all

Perfectly

What is Amazon Polly?

Amazon Polly is a service that turns text into lifelike speech

How well did you know this?

Not at all

Perfectly

What is AWS Secrets Manager?

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

How well did you know this?

Not at all

Perfectly

What is the AWS Marketplace?

AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS. The AWS Marketplace enables qualified partners to market and sell their software to AWS Customers.

AWS Marketplace offers two ways for sellers to deliver software to customers: Amazon Machine Image (AMI) and Software as a Service (SaaS).

https://aws.amazon.com/partners/aws-marketplace/

How well did you know this?

Not at all

Perfectly

AWS CloudFormation

…provides a common language to model and provision AWS and third-party application resources in your cloud environment.

…allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all Regions and accounts

How well did you know this?

Not at all

Perfectly

AWS Database Migration Service

AWS DMS helps users migrate databases to AWS quickly and securely. The source database remains
fully operational during the migration, minimizing downtime to applications that rely on the database. AWS DMS can migrate data to and from most widely used commercial and open-source databases.

How well did you know this?

Not at all

Perfectly

Amazon VPC

Amazon Virtual Private Cloud lets users provision a logically isolated section of the AWS Cloud where users can launch AWS resources in a virtual network that they define.

How well did you know this?

Not at all

Perfectly

Amazon CloudFront

To deliver content to users with lower latency, Amazon CloudFront uses a global network of points of
presence (edge locations and regional edge caches) worldwide

How well did you know this?

Not at all

Perfectly

AWS CloudTrail

AWS CloudTrail helps users enable governance, compliance, and operational and risk auditing of their
AWS accounts. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface (CLI), and AWS SDKs and APIs.

How well did you know this?

Not at all

Perfectly

AWS OpsWorks

AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet.

How well did you know this?

Not at all

Perfectly

AWS CodeDeploy

AWS CodeDeploy is a service that automates code deployments to any instance, including EC2 instances and instances running on premises

How well did you know this?

Not at all

Perfectly

AWS Trusted Advisor

AWS Trusted Advisor is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits, and performance improvement.

How well did you know this?

Not at all

Perfectly

Storage Classes

S3 Standards
S3 Intelligent-Tiering
S3 Standard-IA
S3 One Zone-IA
S3 Glacier
S3 Glacier Deep Archive
S3 Outposts
https://aws.amazon.com/s3/storage-classes/

How well did you know this?

Not at all

Perfectly

AWS Budgets

AWS Budgets gives the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define.

How well did you know this?

Not at all

Perfectly

List AWS Support Plans

Developer
Business
Enterprise

How well did you know this?

Not at all

Perfectly

What is available with the Developer Support Plan

Trusted Advisor 7 core checks
email Tech support during business hours
response < 24 hrs or <12 hrs for system impaired

How well did you know this?

Not at all

Perfectly

What is available with the Business Support Plan

Developer support plan plus,
+ Trusted Advisor full set of checks
+ email, phone, & chat 24x7 support
+ response general < 24hr, system impaired < 12 hrs, production system impaired < 4 hrs, production down < 1 hr

How well did you know this?

Not at all

Perfectly

What is available with Enterprise Support Plan

Business support plan plus,
\+ response Business-critical system down < 15 min
\+ Technical Account Manager
\+ online self-paced labs
\+ Concierge Support team

How well did you know this?

Not at all

Perfectly

Vertical Scaling

Vertical Scaling is adding more resources (like CPU, RAM) to a single node or machine. Example- Resizing an instance of EC2.

How well did you know this?

Not at all

Perfectly

Horizontal Scaling

A “horizontally scalable” system is one that can increase capacity by adding more computers to the system.

How well did you know this?

Not at all

Perfectly

Cost Explorer

AWS Cost Explorer has an easy-to-use interface that lets you visualize, understand, and manage your AWS costs and usage over time. AWS Cost Explorer includes a default report that helps you visualize the costs and usage associated with your top five cost-accruing AWS services, and gives you a detailed breakdown of all services in the table view.

How well did you know this?

Not at all

Perfectly

What are some advantages of Cloud Computing

+Trade capital expense for variable expense
+Benefit from massive economies of scale
+Stop guessing at capacity
+Increase speed and agility
+Stop spending money running and maintaining data centers
+Go global in minutes

How well did you know this?

Not at all

Perfectly

AWS Artifact

AWS Artifact is your central resource for compliance-related information

EFS

Elastic File System is a network storage that can be concurrently-accessible for up to thousands of Amazon EC2 instances across multiple Availability zones.

AWS CloudHSM

AWS CloudHSM is a cloud-based Hardware Security Module (HSM) that enables you to easily generate and use your encryption keys on the AWS Cloud.

Network Load Balancer

distributes TCP/UDP & TLS traffic, does not scale resources.

Auto Scaling

Auto Scaling automatically adds or removes EC2 instances based on demand. It helps you ensure that you have the correct number of Amazon EC2 instances available to handle the load for your application.

Amazon Inspector

inspects EC2 instances for security issues such as operating system patches, known vulnerabilities, and common issues. https://aws.amazon.com/inspector/

AWS Systems Manager

Systems Manager allows you to group resources, like Amazon EC2 instances, Amazon EKS clusters, Amazon S3 buckets, or Amazon RDS instances, by application, view operational data for monitoring and troubleshooting, implement pre-approved change work flows, and audit operational changes for your groups of resources

AWS X-Ray

You can use AWS X-Ray to analyze and debug serverless and distributed applications such as those built using a microservices architecture.

AWS Elastic Beanstalk

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services you retain full control over the AWS resources powering your application and can access the underlying resources at any time. There is no additional charge for Elastic Beanstalk

AWS Storage Gateway

AWS Storage Gateway is a hybrid cloud storage service that connects your existing on-premises environments with the AWS Cloud.

AWS Direct Connect

a physical dedicated private connection from a remote network to your VPC. takes a month to establish

AWS Service Health Dashboard

AWS Service Health Dashboard publishes most up-to-the-minute information on the status and availability of all AWS services

EFS stands for

Elastic File System

Where can an EFS be used?

AWS Cloud Services | On premises

How large can EFS storage scale?

can easily scale to petabytes of data.

Where can an EFS be mounted?

EFS file system can be mounted on instances across multiple Availability Zones.

Where can an EBS be mounted?

EBS volume can be mounted to a single instance in the same Availability Zone.

Which AWS Support plans provide access to guidance, configuration, and troubleshooting of AWS interoperability with third-party software?

Business and Enterprise

Which service allows you to automate the evaluation of recorded configurations against desired configurations.?

AWS Config

Which service continuously monitors and records your AWS resource configurations?

AWS Config

Which service enables governance, compliance, operational auditing, and risk auditing of your AWS account?

AWS CloudTrail

Which service can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure?

AWS CloudTrail

Which service provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command-line tools, and other AWS services.

CloudTrail

Which service provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

CloudWatch

Which service provides real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits, and performance improvement.

AWS Trusted Advisor

Which service monitors malicious activity and unauthorized behavior to protect your AWS account?

GuardDuty

Which service analyzes billions of events across your AWS accounts from AWS CloudTrail (AWS user and API activity in your accounts), Amazon VPC Flow Logs (network traffic data), and DNS Logs (name query patterns).

GuardDuty

Note differences between Dedicated Hosts and Dedicated Instances.

Host provides visibility of sockets, cores, and host ids Host provides visibility and control over how instances are physically placed in a server https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html

Which storage type is located on disks that are physically attached to the host computer.

Instance Store

Which storage type is good option when you need storage with very low latency, but you don't need the data to persist when the instance terminates

Instance Store

Which service provides a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications.

Amazon Simple Notification Service (SNS)

With this service, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available.

Amazon Simple Queue Service (SQS)

Which service is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.

Amazon Simple Queue Service (SQS)

Which service automates application deployments to Amazon EC2 instances, on-premises instances, serverless Lambda functions, or Amazon ECS services?

CodeDeploy

Which organization is a global team of experts that can help you realize your desired business outcomes when using the AWS Cloud.

AWS Professional Services

a solution that helps customers more quickly set up a secure, multi-account AWS environment based on AWS best practices.

AWS Landing Zone

This service lets you coordinate multiple AWS services into serverless workflows.

AWS Step Function

These are Compute Serverless Services

Lambda | Fargate

Serverless services for Application Integration

``` Eventbridge Step Functions SQS SNS API Gateway AppSync ```

Serverless data storage

S3 DynamoDB Aurora RDS Proxy

Hows long does it take to setup an AWS Direct Connection?

at least 1 month

What 2 purposes does an internet gateway serve?

+ provide a target in your VPC route tables for internet-routable traffic. + perform network address translation for instances.

On the OSI internet model what is available on layer 7?

The application layer, which includes HTTP and HTTPS requests.

The transport layer includes these protocols

TCP, UDP

In the OSI model what is layer 4?

The transport layer (TCP, UDP)

In the OSI model what is layer 3?

The network layer. | This layer decides which physical path data will take when it moves on the network.

AWS Shield offers protection at which network layer

Layer 3, the network layer & Layer 4, The transport layer

Which is considered the transport layer

Layer 4

What percent of durability does Amazon S3 offer?

99.999999999% (11 9's)

What is the cost for transferring data between AWS services within a region?

data transfer between AWS services within the same region is not charged

What is the max % discount of a Reserved EC2 instance vs an on-demand EC2 instance?

75%

What is the max % discount of a Spot EC2 instance vs an on-demand EC2 instance?

90%

AWS Budgets gives you the ability to set reservation alerts for which services?

``` EC2, RDS, Redshift, ElastiCache, Elasticsearch ```

Which service allows you to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define.

AWS Budgets

Which service provides an estimate of usage charges for AWS services?

Simple Monthly Calculator

Infastructure as a Service (IaaS) provides access to

networking features, computers, and data storage space.

Platform as a Service (PaaS) example

AWS Beanstalk

AWS will provide Interoperability and configuration guidance and troubleshooting for 3rd party software for which support plan(s)

Business & Enterprise

two types of VPC endpoints

interface endpoints | gateway endpoints

define an interface endpoint

an elastic network interface with a private IP address from the IP address range of your subnet that serves as an entry point for traffic destined to a supported service.

define a gateway endpoint

a gateway that you specify as a target for a route in your route table for traffic destined to a supported AWS service.

Which AWS services support VPC gateway endpoints?

Amazon S3 | DynamoDB

Which layers does AWS Shield Advanced includes intelligent DDoS attack detection and mitigation for?

``` Layer 3 (Network) Layer 4 (Transport) Layer 7 (Application) ```

AWS Shield Advanced provides expanded DDoS attack protection for web applications running on which resources?

``` EC2 ELB CloudFront Route53 Global Accelerator ```

Which support plan(s) offer a response to an impaired system of 12 hrs

Developer Business Enterprise

Which support plan(s) offer a response time of 15 min for business-critical system down?

Enterprise

Which support plan(s) offer a response time of 4 hrs for an impaired production system.

Business | Enterprise

Which support plan(s) offer AWS Support API?

Business | Enterprise

Which support plan(s) offer Infrastructure Event Managment

Business - for fee | Enterprise - for free

What are the available EC2 instance types?

On-demand Reserved Spot Instances Dedicated Hosts

Which type of EC2 instance offers up to 75% savings over on-demand instances?

Reserved Instances

Which type of EC2 instance offers up to 90% savings over on-demand instances?

Spot Instances

This type of EC2 instances is most useful for workloads that are resilient to failure. Such as, Batch jobs, data analysis, image processing, distributed workloads, workloads with flexible start/stop times.

EC2 Spot Instances

What are examples of workloads that are resilient to failure?

``` Batch jobs, data analysis, image processing, distributed workloads, workloads with flexible start/stop times. ```

Which type of EC2 instance is a physical server?

Dedicated Host

When is an EC2 dedicated host useful?

address compliance issues | utilize existing server-bound software license

Which type of EC2 instance utilizes hardware dedicated to your account alone, but may share the hardware with other instance in your account

Dedicated Instance

What is meant by a services elasticity?

The ability of the service to scale up and down based on demand

What are the 3 types of Elastic Load Balancers and what Layer do they support?

- Application LB (HTTP - Layer 7) - Network LB (TCP - Layer 4) - Classic LB (old)

Which AWS service is a fully-managed petabyte-scale cloud-based data warehouse product designed for large scale data set storage and analysis?

Redshift

Which service automatically assesses applications for exposure, vulnerabilities, and deviations from best practices?

Amazon Inspector

____________ is an automated security assessment service that helps improve the security and compliance of applications deployed on your Amazon EC2 instances.

Amazon Inspector

____________ is a threat detection service that monitors malicious activity and unauthorized behavior to protect your AWS account.

Amazon GuardDuty

Which service analyzes billions of events across your AWS accounts from AWS CloudTrail, Amazon VPC Flow Logs, and DNS Logs?

Amazon GuardDuty

___________ is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS.

AWS Shield

________________ provides a unified user interface so you can view operational data from multiple AWS services and allows you to automate operational tasks across your AWS resources

AWS Systems Manager

Which service gives you visibility and control of your infrastructure on AWS?

AWS Systems Manager

Sort in order of size: Data centers, Regions, Availability Zones

Regions - consists of multiple isolated AZs AZ - is a group of Data Centers Data Centers

What is AWS Wavelength?

AWS infrastructure deployments that embed AWS compute and storage services at the edge of the 5G networks.

How many Regions, Availability Zones and Points of Presence exist?

24 Regions, 77 AZs, 220+ Points of Presence

These services support reservations:

``` EC2, DynamoDB, ElastiCache, RDS, Redshift ```

________ provides an event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command-line tools, and other AWS services.

CloudTrail

Which service enables you to assess, audit, and evaluate the configurations of your AWS resources?

AWS Config

_________ provides data and actionable insights to monitor applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

CloudWatch

_________ is an online tool that provides you real-time guidance to help you provision your resources following AWS best practices on cost optimization, security, fault tolerance, service limits and performance improvement.

AWS Trusted Advisor

Which service includes performance monitoring, events, and alerts;

CloudWatch.

Which service provides account-specific activity and audit?

CloudTrail

Which service provides resource-specific change history, audit, and compliance?

Config

Which services have encryption enabled by default?

Cloudtrail Logs Storage Gateway S3 Glacier

Use ________________ to store, rotate, monitor, and control access to secrets such as database credentials, API keys, and OAuth tokens.

Secrets Manager

What does the Network ACL (NACL) protect?

a VPC subnet

What does a Security group protect

ENI or EC2

This firewall can have Allow and Deny rules

Network ACL

This firewall for EC2s can only have Allow rules

Security Group

A Network ACL can have (Allow/Deny/Both) rules

Both, Allow and Deny