Testing Flashcards
IAM Stands for:
Identity and Access Management
What does a IAM User use to Log in:
Username and Password
CLI stands for:
Command Line Interface
API stands for:
Application Programming Interface
CLI/API uses what to log in
Access Keys and Access Key IDs
MFA stands for:
Multi Factor Authentication
SCP Stands for:
Service Control Policies
IAM Best Prctices:
- Lock AWS account user access keys
- Create individual users
- Use groups to assign permissions to users
- Grant least privilege
- Start with AWS managed policies
- Use customer managed policies
- Use access levels to review permissions
- Strong Password policy
- MFA
- Use Roles for apps and to delegate permissions
- do not share keys
- rotate credentials
- remove unnecessary credentials
- Use policy conditions
- Monitor activity
EBS stands for:
Elastic block store
What is Block Storage and what is AWS service
Hard drives connected to a system (a C: or D: drive
What is Block Storage and what is AWS service
Hard drives connected to a system (a C: or D: drive
EC2 Stands for:
Elastic Compute Cloud
What does EC2 do?
Runs virtual servers or instances in the cloud
What is User Data
User Data is code that runs commands
What is Meta Data
Metadata returns information
What is LightSail
SUPER SIMPLE cheap cloud server for those with little expertise
What is Batch
Allows you to run thousands of computing jobs on AWS
It dynamically provisions the optimal quantity and types of resources
What is a Docker Container
It is a place to store all the steps to run an app including OS, code, settings, etc
It makes the movable from hardware and very efficient
What does ECS stand for
Elastic Container Service
What is a cluster
a logical grouping of tasks or services
What is ECS Launch Type
it is an elastic container that you keep control of
You are charged per instance
You are responsible for optimization and management but get more control
What is ECS Fargate
it is an elastic container that is managed by AWS
Charged per running tasks
You have limited control
EBS Snapshots do what
Capture a volume at a point in time
where is a snapshot stored
Inside a region outside of a AZ
Differences between SnapA and SnapB and SnapC
Snap A is the OG while all those after are the changes that are made after the OG
What does DLM stand for
Data Lifecycle Manager
What does DLM do
automates creation, retention, and deletion of snapshots
What does S3 stand for:
Simple Storage Service
What kind of storage system is S3
Object storage
What are the 6 classes of S3 storage
- Standard
- Intelligent Tiering
- Standard-IA
- One Zone-IA
- Glacier
- Glacier Deep Archive
Standard S3 Storage
3 AZ
common data
Intelligent Tiering
3 AZ
It moves data to the most logical storage class
Standard-IA Storage Class
3 AZ
charged per GB retrieved so it needs to data not regularly accessed
One Zone-IA Storage class
Like Standard-IA but in one AZ
It makes the data less protected at a cheaper price
Glacier Storage
3 AZ
Available in minutes at an updated price
Glacier Deep Dive
3 AZ
Available in hours
protected data that you do not need right away
S3 Versioning
Keeping multiple variants in the same bucket
used to preserve, retrieve and restore objects
S3 Replication
CRR Replicates data across region
SRR Replicates data in the same region
Storage Gateway uses
Moving data from on premises to the cloud
File Gateway
Storage gateway using a file based system
Volume Gateway
Block based storage gateway system
Backup Gateway
Storage gateway that uses block or file protocols
S3 Features
Transfer acceleration Requester pays Events Static website hosting Encryption Replication
What is Route 53
It is a DNS or Domain Naming System
Route 53 Policies
simple failover geolocation geo proximity latency Multivalue answer weighted
Route 53 features
Domain registration
hosts zones
health checks
monitors Traffic flow
Auto scaling Groups
EC2 Status Check
CloudWatch
EC2 Status Check
If one instance fails status check will replace that instance
CloudWatch does what
Monitors Metrics
adds and removes instances based on metrics
What does Auto Scaling do?
Launches and terminates instances automatically scales horizontally Responds to checks and metrics can scale on demand or by a schedule set policies on how to respond
What does ELB stand for:
Elastic Load Balancer
4 types of Elastic Load Balancers
Application
Network
Classic
Gateway
Application Load Balancer
Operates at request level (level 7)
Network Load Balancer
Operates at the connection level (level 4)
Classic Load Balancer
Older generation that uses both level 4 and 7
Gateway Load Balancer
used in front of virtual apps such as firewalls
Scaling Policies
Target Tracking
Simple Scaling
Step Scaling
Scheduled scaling
Benefits of Serverless services
No instances No hardware No management Capacity provisioning and patching Provides auto scaling
Serverless services
Lambda Fargate EventBridge Step Function SQS SNS S3 API Gateways DynamoDB
Lambda Functions
Executes code when needed
only pay when code runs
Lambda function benefits
no servers
Continuous Scaling
millisecond billing
integrates with services
SQS stands for what
Simple Queue Service
SQS does what
It decouples the App tier from the Web tier.
pull based. the app will pull the info from the queue
MQ is a what
Message broker service
MQ does what
It works like sqs EXCEPT:
it works with industry standards like apache
and
it is a push based system
SNS stand for what
Simple Notification Service
What does SNS do?
Pushes out information out instead of pull like SQS
pushes info to topic which will be sent to all accounts attached to that topic
Step Functions
Coordinates workflows automatically
Uses visual workflows and run state machines
SWF stands for what?
Simple Workflow Service
SWF does What?
Works like Step functions but in workflows that require human interaction
EventBridge Does what?
It is a serverless event bus
it takes data that triggers an event to signal to the right server
API stands for what?
Application Programming Interface
API Gateways do what?
It is the front door for applications
Connects multiple ways
forwards requests to Lambda or VPCs
VPC Stands for?
Virtual Private Cloud
What are Security Groups
Firewall for Instances
What does ACL stand for
Access Control List
What is ACLs purpose
A firewall at the Subnet level
3 types of IP addresses
Public
Private
Elastic
Qualities of a Public IP address
Dynamic
lost when instance stops
cannot be moved between instances
Qualities of a Private IP
Attached to ALL instances
Retained when instance stops
Qualities of an Elastic IP
Static public address
Retained when instance stops
can be moved between instance
Pay if not in use