Set1(1-5) Flashcards
Q1: VPC Peering
allows you to connect two virtual private clouds (VPCs) within the same region or across different regions.
It is also possible to establish vpc peering between VPCs in one AWS account and another AWS account
Q1: VPC Gateway Endpoints
A VPC Gateway Endpoint is a type of AWS endpoint that enables you to privately access specific AWS services, such as Amazon S3 and Amazon DynamoDB, from within your Amazon Virtual Private Cloud (VPC) without requiring an internet gateway, NAT device, VPN connection, or a Direct Connect connection.
Q1: aws direct connect gateway
https://www.edge-cloud.net/content/uploads/2019/09/DXGW-BGP-Limits.pngWith Direct Connect Gateway, customers can create a central hub in their AWS environment that can serve as the entry and exit point for all data traffic going through their DX connection. This hub can then be used to connect multiple VPCs or AWS accounts to the DX connection, enabling secure and high-bandwidth connectivity between these resources and on-premises infrastructure
https://www.edge-cloud.net/content/uploads/2019/09/DXGW-BGP-Limits.png
Q2: Internet Gateway
An Internet Gateway is used to allow traffic to flow between a VPC and the Internet. When a resource in a VPC needs to communicate with the internet, the traffic is routed to the Internet Gateway which then forwards the traffic to the internet. Similarly, when the internet sends traffic to a resource in the VPC, the traffic is first sent to the Internet Gateway which then forwards the traffic to the appropriate resource in the VPC.
Q2: NAT Gateway
NAT Gateway provides internet connectivity to resources in a private subnet within a VPC. When a resource in a private subnet needs to access the internet, the traffic is routed to the NAT Gateway which then forwards the traffic to the internet on behalf of the resource. The NAT Gateway translates the private IP addresses of the resources in the private subnet to a public IP address before forwarding the traffic to the internet. This allows the resources in the private subnet to communicate with the internet while keeping their private IP addresses hidden.
a NAT (Network Address Translation) gateway is designed to provide outbound traffic for resources in a private subnet within a VPC (Virtual Private Cloud) in AWS (Amazon Web Services) or other cloud providers. In other words, it allows resources in a private subnet to connect to the internet or other external services.
For inbound traffic, you typically use an Elastic Load Balancer or an Application Load Balancer to distribute incoming traffic to resources in a VPC. Alternatively, you can use a firewall, such as AWS Security Groups or Network Access Control Lists (ACLs), to control inbound traffic to resources in a private subnet.
It’s important to note that while a NAT gateway can’t provide inbound traffic, it does allow resources in a private subnet to receive responses to their outbound requests. This is because the NAT gateway translates the private IP addresses of the resources to a public IP address that’s routable on the internet.
Q4: Amazon Kinesis
It enables you to ingest, buffer, and process streaming data in real-time. kinesis can handle any amount of streaming data and process the data from hundreds of thousands of resources with very low latency
Q4: AWS API Gateway
AWS API Gateway is a fully managed service that enables developers to create, publish, and manage APIs at scale. It provides a way for developers to create APIs that integrate with backend services such as Lambda functions, EC2 instances, or any HTTP endpoint.
Q5: io1 volume
Provisioned IOPS SSD or io1 volume
is designed for high-performance applications requiring high I/O operations per second (IOPS), low latency, and consistent performance. used for critical workloads such as large database applications, OLTP (Online Transaction Processing) systems, and data warehousing
Q5: nitro based ec2 instance
Nitro-based EC2 instances are a newer generation of Amazon EC2 instances that are built on a Nitro system architecture. This architecture uses lightweight, high-performance Nitro cards to offload virtualization functions from the main processor, allowing for higher performance and better security.
Some of the benefits of Nitro-based EC2 instances include:
1-Improved performance: Nitro-based instances provide faster network and storage
performance compared to previous generation instances.
2-Better security: The Nitro security model uses hardware-based root of trust to protect against unauthorized access and tampering.
3-Greater flexibility: Nitro-based instances are designed to support a range of instance types and configurations, including instances with local NVMe-based SSDs.
4-Increased innovation: The Nitro system architecture allows AWS to rapidly innovate and add new features to EC2 instances without impacting performance.
