Technology Flashcards
What is EC2?
EC2 is a web service that provides resizable compute capacity in the Cloud.
What are the storage options for EC2 instances?
The supported storage options are:
- Elastic Block Store (EBS)
- Elastic File System (EFS)
- Instance Store
What are the key attributes of EBS?
The key attributes of note for EBS are:
- The data persists when the instance is not running
- It is tied to one AZ
- It can only be attached to 1 instance in the same AZ
What is EBS recommended for?
EBS is recommended for:
- Quickly accessible data
- Running a database on an instance
- Long-term data storage
What is EC2 instance store?
EC2 instance store is local storage that is physically attached to the host computer and cannot be removed.
What are the key attributes of EC2 instance store?
The key attributes of note for EC2 instance store are:
- Storage on disks physically attached to an instance
- Storage is temporary with the data being lost when the EC2 is stopped
- EC2 instance store is fast with high I/O speeds
What is EC2 Instance Store recommended for?
EC2 instance stores are recommended for:
- temporary storage data needs
- data replicated across multiple instances
What are the key attributes of Elastic File System (EFS)?
The key attributes of note for EFS are:
- It only supports the Linux file system
- It is accessible across different AZs in the same region
- It is more expensive than EBS
What is EFS recommended for?
EFS is recommended for:
- Main directories for business-critical apps
- Lift and shift existing enterprise apps
What are the steps in connecting to an EC2 using SSH?
The steps to connect to an EC2 using SSH are:
- generate a key pair
- use the private key to connect to the EC2 instance (which holds the public key)
When should you use On-Demand EC2 instances?
You should use on-demand instances when:
- you care about low cost without upfront payment or long-term commitment
- your applications have unpredictable workloads that can’t be interrupted
- your applications are under development
- your workloads will not run any longer than a year
When should you use Spot instances?
You should use Spot instances when:
- you are not concerned about the start or stop time of your application
- your workloads can be interrupted
- your application is only feasible at very low compute prices
When should you use EC2 Reserved Instances?
You should use EC2 Reserved Instances when:
- your application has a steady state usage and you can commit to 1 - 3 years
- you can pay money upfront in order to receive a discount on on-demand prices
- your application requires a capacity reservation (you need to sign a contract)
When should you use EC2 Dedicated Hosts?
You should use EC2 Dedicated Hosts when:
- you want to bring your own server-bound software licences
- you have regulatory or corporate compliance requirements around tenancy models
When should you use EC2 Savings Plans?
You should use EC2 Savings Plans when:
- you want to lower your bill across multiple compute services
- you want the flexibility to change compute services, instance types, OSs or regions
- savings can be shared across various compute services like EC2, Fargate and Lambda
What are the methods to access an EC2 instance?
EC2 instances can be accessed by:
- AWS Management Console
- Secure Shell (SSH)
- EC2 Instance Connect (EIC)
- AWS Systems Manager
What is EC2 auto-scaling?
EC2 auto-scaling adds or replaces EC2 instances automatically across AZs based on need and changing demand.
A developer wants to be alerted when an EC2 running their application is approaching 100% CPU utilization. Which service helps the developer do this in an automated way?
CloudWatch can monitor the state of your AWS resources and can notify you when an EC2 is approaching 100% utilization.
How would you create and manage access keys for users that need to access AWS services from the AWS Command Line Interface (CLI)?
IAM allows you to create and manage access keys for an IAM user.
Under the AWS shared responsibility model, who is responsible for the configuration of infrastructure devices?
AWS maintains the configuration of its infrastructure devices. Don’t forget AWS is responsible for its global infrastructure elements: Regions, edge locations, and Availability Zones.
What pillar of the Well-Architected Framework would include the use of information gathered through a workload process evaluation to drive adoption of new services or resources when they become available?
The Performance Efficiency pillar focuses on the effective use of resources to meet demand.
In this pillar, you would use the information gathered through the evaluation process to actively drive adoption of new services or resources. You would also define a process to improve workload performance, and you would need to stay up-to-date on new resources and services.
A customer has created an Administrators group in IAM containing 5 users. What does the customer attach to the group to ensure all the users have the needed administrative access?
IAM policies can be attached to a group to ensure all users in the group have the same access.
AWS even has a managed policy, AdministratorAccess, that you can use.
Which is the most efficient AWS feature that allows a company to restrict IAM users from making changes to a common administrator IAM role created in all accounts in their organization?
Service control policies (SCPs) within AWS Organizations provide central governance and management for multiple accounts.
Organization SCPs allow you to create permissions guardrails that apply to all accounts within a given organization.
You need to set a number range of EC2 instances to be made available to handle the load for your application. Which AWS service should you use?
AWS Auto Scaling will ensure you have the optimal number of EC2 instances to handle your application’s load, based on rules you specify.
The other services mentioned can help distribute load amongst existing resources, but they do not have the ability by themselves to create new resources.
A company has designed a hybrid architecture and needs to connect its on-premises database to an application running on an EC2 instance in the AWS cloud using a fast, private, and secure manner. Which method allows the company to securely connect on-premises to the cloud?
Direct Connect is a private (bypasses the public internet), dedicated physical network connection from your on-premises data center to AWS. Since the connection is private, it is extremely fast.
When you upload an object to S3 storage, where will AWS keep it?
Any object uploaded to S3 is automatically stored in multiple Availability Zones in the Region in which it was uploaded.
This means that if any single AZ in a Region is experiencing issues, objects stored in S3 will still be available. Although objects in S3 can be made accessible globally, by default they are always stored in a redundant fashion in only the Region they were uploaded to, ruling out the other answers.
A customer has an on-premises 5-gigabyte Oracle database that needs to be migrated to AWS and converted to Aurora. The customer requires minimal downtime to the database. Which service is the best option for migration and conversion?
DMS supports homogeneous migrations like Oracle to Oracle and heterogeneous migrations like Oracle to Aurora, with minimal downtime.
A company is migrating its workloads to AWS. Which tool will help the company estimate their potential cloud bill and calculate their overall total cost of ownership (TCO) based on their current workloads?
The Pricing Calculator provides an estimate of AWS fees and charges. Since the company knows the workload details, the AWS Pricing Calculator can also help with calculating the total cost of ownership.
A company wants to ensure all AWS accounts in their environment conform to company-wide policies. Which services can help?
Organizations allows you to centrally manage multiple AWS accounts under 1 umbrella. You can allocate resources and apply policies across accounts.
Control Tower helps you ensure your accounts conform to company-wide policies. Control Tower actually sits on top of Organizations.
What is the Lambda pricing model?
Using Lambda, you are charged based on the duration and number of requests. You have access to 1 million free Lambda calls each month.
When using Lambda, what are you responsible for?
You are only responsible for your application code. AWS manages servers, coding environment, and language support.
What is Lambda?
Lambda is a serverless compute service that lets you run code without managing servers.
What are the key features of Lambda?
The key features of Lambda are:
- the support of popular programming languages such as Java, PowerShell and Python
- coding via IDEs or in the console
- Lambda can execute in response to events
- Lambda functions have a 15 minute timeout
What is Lambda?
Lambda is a serverless compute function that runs code in response to events and requests without managing servers
What is Fargate?
Fargate is a serverless compute engine for containers.
Fargate allows you to manage containers. It is serverless and scales automatically.
What is Lightsail?
Lightsail is a service that allows you to quickly launch all the resources needed for small projects.
Lightsail enables the deployment of preconfigured applications such as WordPress websites and comes with a VM, a static IP, SSD based storage and more.
What is AWS Batch?
AWS Batch allows you to process large workloads in smaller chunks (or batches).
AWS Batch can run hundreds / thousands of smaller batch processing jobs and can dynamically provision instances based on volume.
What are S3 access logs used for?
S3 Access logs are used to track the access to your buckets and objects
Is S3 a global or regional service?
S3 is a regional service but bucket names must be globally unique
What is durability in regards to Data Accessibility and S3?
Durability means your objects are never lost or compromised.
Amazon S3 Standard is designed for 99.999999999% (11 9’s) of durability.
What is availability in regards to Data Accessibility and S3?
Availability means you can access your data quickly when you need it.
Amazon S3 Standard is designed for 99.99% availability.
What is S3 Standard recommended for?
S3 Standard is recommended for frequently accessed data
What is S3 Intelligent Tiering recommended for?
S3 Intelligent Tiering is recommended for data with unknown or changing access patterns
What is S3 Infrequent Access (IA) recommended for?
S3 Infrequent Access is recommended for long-lived data that is not frequently accessed yet gives millisecond access when needed
What is S3 One Zone Infrequent Access (IA) recommended for?
S3 One Zone IA is recommended for re-creatable data that is infrequently accessed with millisecond access, but where availability and durability are not essential
What is S3 Glacier recommended for?
S3 Glacier is recommended for long term backups and cheaper storage options
What is S3 Glacier Deep Archive recommended for?
S3 Glacier Deep Archive is used for long-term data archival accessed once or twice a year, or retaining data for regulatory compliance needs.
What is S3 Outposts recommended for?
S3 Outposts is recommended for data that needs to be kept local or has demanding application performance needs.
What are 4 common real world usage scenarios for S3?
4 common real world usage scenarios include:
- Static websites (deploy to S3 and distribute with CloudFront)
- Data archival (store in S3 Glacier)
- Analytics systems (store in S3 and use analytic services like Redshift and Athena)
- Mobile applications (App users can upload to S3 buckets)
What is S3?
S3 is secure, durable and highly scalable object storage.
What are the S3 tiers?
The S3 tiers are:
- S3 standard
- S3 IA (infrequently accessed)
- S3 one zone IA
- S3 intelligent tiering (moves objects around based on how you use/access your data)
- S3 glacier
- S3 glacier deep archive
What can you use to restrict bucket access?
You can restrict S3 bucket access in the following ways:
- Bucket policies (that apply across the whole bucket)
- Object policies (that apply to individual files)
- IAM policies to users and groups
What is Amazon S3 Transfer Acceleration?
S3 Transfer Acceleration improves content uploads and downloads to and from S3 buckets.
What are the benefits of S3 Transfer Acceleration?
S3 Transfer Acceleration provides:
- improved speed in the transfer of files over long distances
- enables customers worldwide to upload to a central bucket
- uses CloudFront’s globally distributed edge locations
What is S3 versioning?
S3 versioning allows you to create multiple versions of your file in order to protect against accidental deletion or to use previous versions.
What are S3 access logs?
S3 access logs allow you to track the access to your buckets and objects.
What would you use to query historical data stored in S3 buckets as if they were relational dbs using SQL?
You would use Athena to query historical data in S3.
What is EBS?
EBS (Elastic Block Store) is a high-performance, block-storage service to store data on the cloud. It can be seen as a virtual hard disk in the Cloud.
How can you use an EBS volume to create an image?
You can take a snapshot of your volumes to create images to provision new EC2 instances.
What are EBS volumes?
EBS volumes are stores that are created from an Amazon EBS snapshot.
What is a key use case of EBS?
A use case may be for large enterprise apps to use EBS to store self-managed relational and NoSQL databases. They may then run big data analytics engines against this information that work at lightning speed.
Does Block Storage contain metadata?
No, block storage contains no metadata. Object-based storage has metadata.
When would you use EBS?
EBS’s biggest strengths are its reliable performance and flexibility.
It’s ideal for apps that need low latency with many IO operations like database servers. It’s scalable, so you can add extra block storage volumes without dropping performance.
What is EFS?
Elastic File System (EFS) is a fully managed and scalable NFS file system (for Linux) that can be mounted to EC2 instances and on-premises compute resources.
What is Storage Gateway?
Storage Gateway is a device used to transfer data from your on-premises site to AWS Cloud-based storage to provide seamless integration.
What are the different types of Storage Gateways?
The different types of Storage Gateway are:
- File Gateway
- Volume Gateway
- Tape Gateway
What is AWS Backup?
AWS Backup is a service that lets you manage data backups across multiple AWS Services.
To what does AWS Backup integrate?
AWS Backup integrates with EC2, EBS, EFS and more.
Backup plans can include both the frequency of backup and the retention period.
What are 4 key attributes of CloudFront?
4 key attributes of CloudFront are:
- makes content available globally or restricts it based on location
- provides security features like DDoS protection and geo-restriction
- speeds up delivery of static and dynamic web content
- uses edge locations to cache content
What is a Content Delivery Network (CDN)?
A CDN is a mechanism to deliver content quickly and efficiently based on geographic location.
What is latency?
Latency is the time it takes to respond to a request.
What does CloudFront do?
CloudFront:
- makes content available globally or restricts it based on location
- uses edge locations to cache content
- speeds up delivery of static and dynamic web content
What are 2 use cases for CloudFront in the real world?
2 use cases for CloudFront are:
- S3 Static websites
- Prevent attacks (can stop DDoS attacks)
- IP address blocking (geo-restrictions prevents users in certain areas accessing content)