Services and more Flashcards
What is the usable HDD Storage for:
- Snowcone
- Snowball
- Snowmobile
- Snowcone: 8 TB
- Snowball: 80 TB
- Snowmobile: 100 PB
Explain Route 53 Simple routing policy
Use for a single resource that performs a given function for your domain, for example, a web server that serves content for the example.com website. You can use simple routing to create records in a private hosted zone.
Explain Route 53 Failover routing policy
Use when you want to configure active-passive failover. You can use failover routing to create records in a private hosted zone.
Explain Route 53 Geolocation routing policy
Use when you want to route traffic based on the location of your users. You can use geolocation routing to create records in a private hosted zone.
Explain Route 53 Geoproximity routing policy
Use when you want to route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another.
(Uses bias to set a weight)
Explain Route 53 Latency routing policy
Use when you have resources in multiple AWS Regions and you want to route traffic to the region that provides the best latency. You can use latency routing to create records in a private hosted zone.
Explain Route 53 IP-based routing policy
Use when you want to route traffic based on the location of your users, and have the IP addresses that the traffic originates from.
Explain Route 53 Multivalue routing policy
Use when you want Route 53 to respond to DNS queries with up to eight healthy records selected at random. You can use multivalue answer routing to create records in a private hosted zone.
Explain Route 53 Weighted routing policy
Use to route traffic to multiple resources in proportions that you specify. You can use weighted routing to create records in a private hosted zone.
Explain CIDR range 192.168.10.255/32
/32 means that that the IP range selected only a single IP address 192.168.10.255
+0.0.0.0
addresses: 1 = 2 to the 0
Explain CIDR range 192.168.10.255/31
/31 means that that the IP range selected only 2 IP addresses 192.168.10.254 and 192.168.10.255
+0.0.0.1
addresses: 2 = 2 to the first
Explain CIDR range 192.168.10.255/30
/30 means that that the IP range selected only 4 IP addresses 192.168.10.252, 192.168.10.253, 192.168.10.254 and 192.168.10.255
+0.0.0.3
addresses: 4 = 2 to the second
Explain CIDR range 192.168.10.255/24
/24 means that that the IP range selected only 4 IP addresses 192.168.10.0 to 192.168.10.255
+0.0.0.255
addresses: 256 = 2 to the eight
What is AWS Proton?
AWS Proton allows you to deploy any serverless or container-based application with increased efficiency, consistency, and control
Is it possible to assign an Elastic IP to an Application Load Balancer?
No
Name 3 types of Network Adapters
- ENI - basic type
- ENA - for enhanced networking, high bandwidth and low latency
- EFA (fabric adapter) - for high performance computing
Can an ASG with predictive scaling policy contains instances of different types and sizes?
No. Predictive scaling assumes that your Auto Scaling group is homogenous, which means that all EC2 instances are of equal capacity.
Using the default settings, which will be the first instance that will be terminated when the scale-in policy triggers?
The EC2 instance launched from the oldest launch configuration
In Auto Scaling, the following statements are correct regarding the cooldown period.
- It ensures that the Auto Scaling group does not launch or terminate additional EC2 instances before the previous scaling activity takes effect.
- Its default value is 300 seconds.
- It is a configurable setting for your Auto Scaling group.
What can you do to create an asynchronous copy of a S3 bucket?
Enable Replication. Either Cross-Region Replication (CRR) or Same-Region Replication (SRR). Buckets can be in different AWS accounts. Ensure versioning is enabled and to give S3 proper IAM permissions.
What are use-cases for using S3 Pre-Signed URLs?
- Give someone temporary access to a file in a private bucket.
- Allow only logged in users to download premium content.
- Allow a user to upload a file to a bucket for temporary time.
A company is hosting a static website on S3. The assets are hosted from a different S3 bucket. The website is not displaying the images. What can be the cause?
CORS is probably not enabled on the assets bucket, so the CORS headers are not sent as a response to the preflight request.
Which service can be used to perform a lift-and-shift migration to the cloud?
AWS Application Migration Service (AWS MGN) is the primary migration service recommended for lift-and-shift migrations to AWS
What’s the difference between Amazon S3 server access logs and CloudTrail Logs?
AWS CloudTrail logs provide a record of actions taken by a user, role, or an AWS service in Amazon S3, while Amazon S3 server access logs provide detailed records for the requests that are made to an S3 bucket.
What’s the difference between the Personal Health Dashboard and the Service Health Dashboard?
The Personal Health Dashboard shows the health of the services used in your account while the Service Health Dashboard shows the health of the services within AWS for all customers.
Which service can be used to extract text from PDF documents saved on S3?
Amazon Textract
What is AWS Trusted Advisor?
AWS Trusted Advisor is an online tool that provides you with real-time guidance to help you provision your resources following AWS best practices. It inspects your AWS environment and makes recommendations for saving money, improving system performance and reliability, or closing security gaps.
You need to create a subnet that can contain 64 instances in the range 10.0.0.0. How do you define the CIDR?
10.0.0.0/25 = 128 addresses - 5 = 123, leaves enough room for 64 instances.
10.0.0.0/26 would give us 64 addresses, but since AWS preserves 5 of them, it’s not enough to hold 64 instances.
What’s the difference between VPC Endpoint types Interface Endpoint (PrivateLink) and Gateway Endpoint?
Gateway Endpoints can only be used for S3 and DynamoDB.
Gateway Endpoints are easy to use as it’s just a change in the route table.
Interface Endpoints provision an ENI (private IP address) as entry point and support most AWS services.
What do you need to create a VPN from your on-premise site to AWS?
- Define Customer Gateways in AWS (Referring to the gateway on your on-premise site)
- Define a Virtual Private Gateway in AWS (Referring to the VPC in AWS)
- Then connect both Site-to-Site VPN Connections
How can we establish a high resilient private connection from an on-premise data center to a AWS?
Setup 2 (multiple) Direct Connect locations. The downside is that direct connect can take months to setup and is expansive.
How can we establish a maximum resilient private connection from an on-premise data center to a AWS?
Setup 2 (multiple) Direct Connect locations with multiple connections. The downside is that direct connect can take months to setup and is expansive.
What can we use as a backup connection from our on premise data center to AWS if we already have Direct Connect?
Use a Site-to-Site VPN connection as a backup. This is using the public internet so the stability should be more reliable than a private connection.
What is the minimum storage duration of Amazon S3 Standard-IA and One Zone IA?
30 days
What is the minimum storage duration of Amazon S3 Glacier Deep Archive
180 days
What are the benefits of using IAM database authentication?
– Network traffic to and from the database is encrypted using Secure Sockets Layer (SSL).
– You can use IAM to centrally manage access to your database resources, instead of managing access individually on each DB instance.
– For applications running on Amazon EC2, you can use profile credentials specific to your EC2 instance to access your database instead of a password, for greater security
Amazon Athena supports a wide variety of data formats like CSV, JSON, .. Which format can give better query performance?
Apache Parquet
How can you invoke a Lambda function from Amazon Aurora?
You can invoke an AWS Lambda function from an Amazon Aurora MySQL-Compatible Edition DB cluster with a native function or a stored procedure.
How can we store objects in S3 using a WORM model?
With S3 Object Lock, you can store objects using a write-once-read-many (WORM) model
A simplified alternative to SQS?
Amazon Simple Workflow (SWF) is a web service that makes it easy to coordinate work across distributed application components.
What is AWS Control Tower?
AWS Control Tower provides a single location to easily set up your new well-architected multi-account environment and govern your AWS workloads with rules for security, operations, and internal compliance.
What is the minimum and maximum retention period for an SQS message?
In Amazon SQS, you can configure the message retention period to a value from 1 minute to 14 days. The default is 4 days. Once the message retention limit is reached, your messages are automatically deleted.
IAM database authentication is supported for?
MySQL and PostgreSQL database engines
Explain the Lambda Limits?
Function memory allocation : 128 MB to 10,240 MB, in 1-MB increments.
Function timeout : 900 seconds (15 minutes)
Package size : 50mb zipped, 250mb unzipped
Function layers : 5 layers
Function burst concurrency : 500 - 3000 (varies per Region)
