Set1(56-65)

Question 1

Q56: Decoupling Techincs

Answer 1

• SQS
• SNS
• Amazon EventBridge

MQ is used for Legacy apps being migrated to AWS, for Cloud native apps , it is better we use SQS

Question 2

Q57: Types of vpc endpoints

Answer 2

VPC endpoints are virtual devices that enable you to privately access AWS services from your VPC without using public IPs or NAT devices1. There are two types of VPC endpoints:

1. Interface endpoints: These are powered by AWS PrivateLink and are used to access services over the public internet. They are elastic network interfaces with private IPs from your subnet that serve as entry points for traffic destined to a supported service.
2. Gateway endpoints: These are used to access services in the same region, such as Amazon S3 or DynamoDB. They add an entry to your route table and route the traffic to the supported services through Amazon’s private network.

Question 3

Q58: AWS SCP (Service Control Policy)

Answer 3

AWS SCP stands for AWS Service Control Policies. These are a set of rules that allow you to set permissions on the AWS resources that are being used for all AWS accounts within your AWS Organization. You can use SCPs to ensure that your accounts adhere to your company’s security policies and prevent unauthorized actions. SCPs are only available in organizations where all features are enabled.

SCPs are similar to IAM permission policies and use almost the same syntax. However, an SCP never grants permissions. Instead, SCPs specify the maximum permissions for the affected accounts. You can attach SCPs to organizational units (OUs), accounts, or the entire organization root.

Question 4

5Q60: aws elastic fiber optic usecases

Answer 4

AWS Elastic Fabric Adapter (EFA) is a network interface for Amazon EC2 instances that enables customers to run applications requiring high levels of inter-node communications at scale on AWS. It supports multiple communication libraries such as Message Passing Interface (MPI), NVIDIA Collective Communications Library (NCCL), and AWS Ofi Libfabric

• .High Performance Computing (HPC): EFA can accelerate HPC applications such as computational fluid dynamics, weather modeling, reservoir simulation, etc. by reducing latency and increasing throughput.
• .Machine Learning (ML): EFA can speed up ML training and inference workloads such as natural language processing, computer vision, speech recognition, etc. by enabling efficient distributed training across multiple GPU instances

Question 5

Q61: aws global accelerator

Answer 5

AWS Global Accelerator is a service provided by Amazon Web Services (AWS) that allows you to improve the performance and availability of applications that are deployed globally.

It works by using a network of AWS Edge Locations that are distributed around the world, which are connected to AWS data centers using Amazon’s private network. AWS Global Accelerator uses anycast routing to direct traffic to the optimal AWS Edge Location based on the location of the user and the health of the application endpoints.

With AWS Global Accelerator, you can improve the performance of your application by reducing the latency and improving the availability of your application. It is particularly useful for applications that are deployed in multiple AWS regions or for applications that require low-latency and high-availability connections.

Question 6

Q65: could front & S3 securtiy options

Answer 6

1. Signed URLs
2. Origin Access Identity (OAI): It is a special cloudFront User , to prevent users from accessing the S3 bucket(attached to cloudfront disribution) directly

Question 7

AWS Inspector

Answer 7

AWS Inspector is a service that helps you find and fix security vulnerabilities and issues in your AWS compute resources. It continuously scans your Amazon EC2 instances, AWS Lambda functions, and container images in Amazon ECR and automatically detects the affected resources. It also provides recommendations on how to remediate the findings based on best practices and severity levels.