Management and Governance Flashcards

1
Q

CloudWatch

A

Collection of service that help you monitor and observe your cloud resources

  • detects anomalies in your environment
  • set alarms with CloudWatch alarms
  • monitor application logs with CloudWatch logs
  • visualize time-series data with CloudWatch metrics
  • trigger and event based on a condition with CloudWatch events
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

CloudTrail

A

Tracks user activity and API calls within your account

  • log and retain account activity
  • identify which user made changes
  • track activity through the console, SDKs, and CLI
  • identify which user made changes
  • detect unusual activity in your account
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Tags

A

Key/value pairs that help you sort and visualize cloud resources on AWS

  • group and filter resources
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Systems Manager

A

Management service that helps you automate administrative tasks across your AWS resources

  • take automated actions on resource groups
  • view aggregated operational data of resource groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Systems Manager Parameter Store

A
  • Provides secure, hierarchical storage for configuration data management and secrets management
  • Can store data such as passwords, database strings, and license codes as parameter values
  • You can then reference values by using the unique name that you specified when you created the parameter
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

AWS Health Dashboard

A

continuously monitors the health of AWS environment

  • provides alerts and remediation guidance when AWS is experiencing events that may impact you
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

AWS Config

A
  • Assess, audit and evaluate the configurations of AWS resources
  • leverages predefined recommendations or creates custom rules
  • detects non-compliant resources and alerts administrators in the console
  • does not enforce standards, but audits adherence
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Audit Manager

A
  • centralize audit data from AWS Config and security services
  • find root causes of non-compliance and generate reports
  • provides pre-built auditing frameworks to meet industry standards
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Trusted Advisor

A

online resource that helps you to reduce cost, increase performance and improve security by optimizing your AWS environment

  • provides real-time guidance to help you provision resources following best practices

Advises on:

  • cost optimization
  • performance
  • security
  • fault tolerance
  • service limits
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

AWS Service Catalog

A

allows organizations to create and manage catalogs of IT services that are approved for use on AWS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

EventBridge

A

serverless event bus that makes it easier to build event-driven applications at scale using events generated from your applications

  • set rules for actions to take place where certain events happen (ex. instance state changes, items uploaded to S3 bucket etc.)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Organizations

A

Allows you to consolidate multiple AWS accounts into an organization that you create and centrally manage

  • root account + organizational units
  • Service Control Policies (SCPs) can control tagging and the available API actions

consolidated billing includes:

  • paying account: independent and cannot access resources of other accounts
  • linked accounts - all linked accounts are independent
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Control Tower

A

Provides a central hub (landing zone) for setting up, governing and securing multi-account AWS environments based on AWS best practices and security standards

Configures governance, compliance, and security guardrails for you:

  • Disallowing public write access to Amazon S3 buckets
  • Disallowing access as a root user without multi-factor authentication
  • Enabling encryption for EBS volumes attached to EC2 instance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Config

A

Fully managed service that enables continuous monitoring and assessment of your AWS resource configurations

  • discover existing and deleted AWS resources
  • determine overall compliance against rules
  • view configuration details of a resource at any point in time
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Quick Start

A

Built by AWS solutions architects and partners to help you deploy popular technologies on AWS, based on AWS best practices for security and high availability.

  • reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately
  • includes AWS CloudFormation templates that automate the deployment and a guide that discusses the architecture and provides step-by-step deployment instructions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly