Set3(34-65) Flashcards
Q34:Amazon Aurora Global Database Cross-Region disaster recovery
If your primary Region suffers a performance degradation or outage, you can promote one of the secondary Regions to take read/write responsibilities. An Aurora cluster can recover in less than 1 minute, even in the event of a complete Regional outage. This provides your application with an effective recovery point objective (RPO) of 1 second and a recovery time objective (RTO) of less than 1 minute, providing a strong foundation for a global business continuity plan.
Q35:What is the difference between logs and events in AWS CloudWatch?
- CloudWatch Logs reports on application logs: it keeps logs from AWS services, such as AWS Lambda function executions, and you can also send your own logs to the service.
- CloudWatch Events is a near-real-time stream of system events describing changes to your AWS resources.
Q35:CloudWatch vs CloudTrail
CloudWatch is a monitoring service for AWS resources and applications.
CloudTrail is a web service that records API activity in your AWS account.
Q36:Connect machines in the private subnet to the internet
Create a NAT gateway in the public subnet. This allows outbound traffic from your private subnet to the internet. Ensure that the NAT gateway has an Elastic IP address associated with it.
Q36:Virtual private gateway
A virtual private gateway is the VPN endpoint on the Amazon side of your Site-to-Site VPN connection that can be attached to a single VPC.
It is often used with Direct Connect.
Q37: AWS DataSync vs Storage Gateway
AWS DataSync is an online data transfer service that simplifies, automates, and accelerates the process of copying large amounts of data to and from AWS storage services over the Internet or over AWS Direct Connect.
AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage by linking it to S3.
Q38:EFS
To start using Amazon EFS, you need to create an EFS file system within an AWS region. You can then mount the file system to your EC2 instances using standard file system interfaces such as NFS. EFS supports the NFSv4.1 and NFSv4.0 protocols.
You can mount NFS on as many instances as you want across a single region.
Q40:FSx for Windows File Server
It supports the Server Message Block (SMB) protocol and can be accessed by Windows-based EC2 instances or on-premises servers.
Even Linux machines can use the file system by installing the cifs-utils package, which allows mounting SMB/CIFS.
Q61:What is the difference between Amazon Inspector and Amazon GuardDuty?
Amazon Inspector provides you with security assessments of your applications' settings and configurations on your EC2 instances, while Amazon GuardDuty helps with analyzing your entire AWS environment for potential threats.
Inspector only covers EC2 at the moment. GuardDuty, on the other hand, will continuously monitor your “AWS accounts, workloads, and data stored in Amazon S3” and alert you.
Q63:Storage for fargate
Amazon Elastic Block Store (EBS) volumes cannot be directly used as persistent storage for AWS Fargate tasks. Fargate is a serverless compute engine for containers that allows you to run containers without managing the underlying infrastructure. It automatically provisions and manages the compute resources for your containers, including the storage.
When using Fargate, you have two options for persistent storage:
- EFS
- Container Storage Interface (CSI) Drivers
Q65:Lambda@Edge
Lambda@Edge is a feature of Amazon CloudFront that lets you run code closer to users of your application, which improves performance and reduces latency.
You can apply content customization, such as compression, with it.
Route 53 CNAME load balance
When using AWS Elastic Load Balancers (ELBs) to distribute traffic to multiple instances or services, you can configure a CNAME record to point to the load balancer’s domain name. This allows you to have a more user-friendly hostname (e.g., “app.example.com”) instead of using the raw load balancer URL.
CNAME Purpose
The primary purpose of a CNAME record is to provide a level of abstraction and flexibility in DNS configurations. When a DNS resolver encounters a CNAME record while resolving a domain name, it replaces the original domain name with the canonical domain name specified in the CNAME record and continues the DNS resolution process.