TD Exam 3 - Short review Flashcards
Does Fargate have ephemeral storage by default
Yes, 20 GiB
Can you use any docker image in Lambda
No, you have to refactor the code and build app from AWS-provided base image
Is there downtime when using AWS Database Migration Service
There is virtually none.
Are ongoing changes replicated when using Database Migration Service
Yes
Does taking a snapshot to migrate a database entail downtime
Yes
Can you change an Aurora instance class to serverless
No
Are you billed when your on-demand EC2 instance is preparing to hibernate with a “stopping” state
Yes
Are you billed when your on-demand EC2 is in “pending” state
No
Are you billed when your reserved instance is in “Terminated” state
Yes
Are you billed when your Spot instance is preparing to stop with a “stopping” state
No
Can you have a retention period of 90 days for RDS automated backups
No, max is 35 days
Can you configure RDS to automatically export a backup to S3 customer-managed bucket
No, this has to be done manually
What should you use to have an RDS backup with 90 days retention policy
AWS Backup
What is S3 Glacier expedited retrieval
Allows you to access Glacier data rapidly (1-5 mins for below 250 MB)
What is provisioned retrieval capacity for S3
It ensures that capacity for expedited retrieval is available when you need it
What is the capacity of an expedited retrieval unit
3 expedited retrieval every five minutes and 150 MB/s
What is the length of bulk retrieval
5-12 hours
What is active-passive failover
When you want the secondary to be on standby
What is active-active failover
When you want all of your resources to be available the majority of the time
Can you have active-active failover with one primary and one secondary
No
Can you use healthchecks with R53 weighted routing
Yes
What happens when you use Healthcheck with R53 weighted routing
If a selected record is unhealthy, the process of selection is repeated until a healthy record is selected
Is it true that EC2 instances in a private subnet can communicate with the internet only if they have an elastic IP
No, it can also have a public IP via a NAT instance or NAT gateway
What is every subnet created automatically associated with
The main route table of the VPC
What makes a subnet public
If it’s traffic is routed to an internet gateway
What is the allowed block sizes for a VPC
/16 (65536 IPs and /28 (16 IPs)
Which is more cost-effective, Parameter Store or Secrets Manager?
Parameter store
What should you use if you are storing mostly application parameters, Parameter Store or Secrets Manager?
Parameter Store
Are you still billed for a stopped reserved instance
Yes
What should you do to avoid being billed from a no-longer needed Reserved instance
Terminate it
If it is still running after reservation term, you get charged on-demand
If it is only stopped, it could be started up again
Also, you would be charged if you had Elastic IP adresses
Can you sell EC2 reservations
Yes, using the AWS Reserved Instance Marketplace
What is AWS Glue job bookmarking
It is a mechanism that allows AWS Glue to keep track of where a job is left off in case it gets interrupted or fails for any reason
How does Glue Job bookmarking work
By storing the state of a job in a data store independant from the job itself
What is instance hibernation
Allows you to pause and resume instances, reduces startup time
What do you pay for when an instance is in hibernation
EBS volumes and Elastic IP
How do you enable hibernation for an existing ec2 instance
You have to migrate your app to a new EC2 instance
Can you enable or disable hibernation on an instance after it has been created
No
Why would requests fail when you use the EC2 API to launch 50 instances in an AZ
There is a vCPU-based on-demand instance limit per region
How do you increase the limit of EC2 instances you can launch in a region
Submit a limit increase form to AWS to increase the vCPU-based limit per region
What is Amazon DynamoDB Accelerator (DAX)
Fully managed, HA, in-memory cache for dynamodb that delivers up to 10x performance improvement
Is Auto-scaling enabled by default in DynamoDB
No
How do you increase performance of a serverless app based on Dynamodb, API Gateway and lambda
Turn on caching (API Gateway)
Enable DynamoDB global replication
Enable DynamoDB Accelerator (DAX) and ensure Auto Scaling is enabled and increase maximum provisioned reand and write capacity
What is AWS Transit Gateway
It provides a hub and spoke design for connecting VPCs and onprem networks
Can VPN provide consistent and dedicated access to onprem network
No
If a company has DX connection and wants its AWS accounts to have consistent and dedicated access to its network services, what should it do?
Create new DX Gateway and integrate it with existing DX Connection
Set up Transit Gateway between AWS accounts and associate it with Direct Connect gateway
What is Firehose used for
Load streaming data into data stores and analytics tools
What is AppSync used for
It makes it easy to build collaborative apps that keep shared data updated in RT
What is CReationPOlicy used for in CloudFormation
Prevent a resource status from reaching create complete until success signals received (or timeout)
How do you send a success signal with CloudFormation
cfn-signal helper script
What do you do to ensure read requests are load balanced between read replicas in Aurora
Use built-in reader endpoint
Which is cheaper, interface endpoint or gateway endpoint
Gateway endpoint
What do you pay for when using a gateway endpoint
No additional charge, you still pay standard charges for data transfer and resource usage
What do you pay for when using interface endpoint
Hourly rate for every provisioned Interface endpoint + standard rates
What should you do to increase disk space without impacting performance in RDS
Modify db instance settings to enable storage autoscaling
Is there downtime when using RDS autoscaling
No
What is a potential downside of manually increasing allocated db instance storage for RDS
Might cause performance degradation during the change
How do you enforce different permissions to IAM users that do not have MFA
You can use an IAM policy
What happens to EBS root volumes by default when an instance is terminated
They are deleted
How can you prevent EBS root volume deletion on instance termination
Set DeleteOnTermination attribute of EBS volumes
What is SNI Custom SSL
Allows multiple domains to serve SSL over same IP
When can you use an IAM policy to allow access to KMS key
If key policy explicitly allows it
What is AWS Cost Explorer
Service that helps ou visualize, understand and analyze AWS costs and usage
What should you use if you want to programmatically query cost and usage data
Cost Explorer API
How long are data records kept for in Kinesis by default
24h
What is the maximum data retention period for kinesis
365 days
What is a limitation when running lambda inside a VPC
It will need an appropriate number of subnet IPs and ENIs
What kind of exception will you get if your lambda inside a subnet runs out of IP or ENI
EC2ThrottleException
What is an Elastic Fabric Adapter
Network device to accelerate HPC and machine learning applications
