Set1(21-25) Flashcards
Q21: AWS resource-based policies
AWS resource-based policies are a type of access policy that can be attached to a resource in AWS. These policies define the permissions that are granted to AWS principals (such as IAM users, groups, and roles) to access the resource.
Resource-based policies are different from identity-based policies, which are attached to a principal and define what actions that principal can perform on resources.
Resource-based policies can be used to grant access to a wide variety of AWS resources, such as S3 buckets, Lambda functions, and KMS keys. They are created using JSON, and the policy statement consists of an effect (allow or deny), a principal (the AWS account, IAM user, group, or role that the policy applies to), an action (the specific operation that is allowed or denied), and a resource (the AWS resource that the policy applies to).
For example, a resource-based policy attached to an S3 bucket can allow access to a specific IAM user to upload objects to that bucket, while denying access to another IAM user to delete objects from the same bucket.
Resource-based policies provide a flexible and fine-grained way to manage access to AWS resources.
Q23: managed services
The more managed services you use, the simpler your operations will be, e.g. using autoscaling instead of manually adding EC2 instances.
Q24: AWS Direct Connect
AWS Direct Connect is a service offered by Amazon Web Services (AWS) that provides a dedicated network connection from a customer’s on-premises infrastructure to AWS. This enables customers to establish a private, high-bandwidth, low-latency connection to AWS, which can be used to access AWS services such as Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), and Amazon Simple Storage Service (S3), among others.
With AWS Direct Connect, customers can establish a dedicated network connection from their data center, office, or colocation environment to AWS.
Q25: Route 53 Geolocation vs. Geoproximity
Geolocation routing policy allows you to route traffic to resources based on the geographic location of the end user. You can define geolocation rules that map to specific resources based on the country, continent, or state of the end user. This is a simple and effective way to route traffic based on the user’s location, but it doesn’t take into account the distance or network latency between the end user and the resources.
On the other hand, Geoproximity routing policy is a more advanced routing policy that allows you to route traffic based on the geographic location of your users and the location of your resources, as well as the proximity between them.
Q26: EC2 Hibernate state
EC2 Hibernate is a feature that allows you to pause and resume your EC2 instances, without terminating or stopping them. When an EC2 instance is hibernated, its current state, including the contents of its RAM, is saved to the instance’s root EBS volume. This allows you to resume the instance from where it left off, without having to start it up and restore its state manually.
When you hibernate an EC2 instance, the contents of its RAM are written to the instance’s root EBS volume, and then the instance is stopped. The state of the instance, including the instance ID, IP address, and other metadata, is preserved. When you resume the instance, the contents of its RAM are read from the EBS volume, and the instance is started up from its previous state.