Account Management, Billing & Support

Question 1

AWS Organizations Properties

Answer 1

• Global service
• Manage multiple account (master & child)
• Cost benefits
• • consolidated billing
• • pricing from aggregate usage
• • Pooling of reserved ec12 instances
• API is available to automate AWS account creation
• Restrict privs using SCP (service control policies)

Question 2

SCP

Answer 2

Service control policy

• whilelist or blacklist IAM
• Apply SCP at OU or account level
• Doesn’t apply to master account
• applies to all users and roles of account
• Deny all
• use cases
• • restrict access to certain services (can’t use EMR)
• • Enforce PCI compliance by explicitly disabling services

Question 3

Multi-account strategies

Answer 3

• Accounts per department, cost center, environment, regulatory, isolation, etc.
• multi account vs one account multi VPC
• use tagging for billing
• Enable cloudtrail, send to central S3
• Send cloudWatch logs to central logging

Question 4

AWS OU

Answer 4

organizational unit

Can have multiple accounts

• Root OU has everything
• • dev OU
• • prod OU
• • finanace OU

Question 5

Organization - consolidated billing

Answer 5

• Usage of all accounts in the org
• share volume pricing
• share reserved instances and savings plans
• One bill
• can turn off reserved instances discount sharing for any account

Question 6

AWS Control Tower

Answer 6

• govern secure multi-account environment based on best practices
• automate set up with clicks
• define policies using guardrails
• Detect policy violations
• monitor compliance
• run on top of Organiations

Question 7

Landing Zone

Answer 7

well structured set of accounts in control towerwith a home region, a couple of OUs, some audit accounts, etc.

Question 8

AWS RAM

Answer 8

Resource Access Manager

• share AWS resources with other accounts
• share with any account or organization
• avoid resource duplication
• Aurora, VPC subnets, transit gateay, R53, EC3

Question 9

AWS Service Catalog

Answer 9

• Simplified portal to launch set of authorized products
• includes virtual machines, databases, storage, etc.
• AWS service catalog predefines these services

Question 10

Service Catalog usage

Answer 10

• define produce in CloudFormation templates
• Portfolios are collections of products
• IAM permissions to access portfolios for users
• launched resources are properly configured and tagged

Question 11

What are the four pricing models?

Answer 11

• pay as you go (on-demand)
• save when reserved
• • reserved instance for different services
• Volume-based discounts
• AWS drops pricing over time

Question 12

What are free services?

Answer 12

• IAM
• VPC
• Consolidated billing
• Elastik beanstalk
• CloudFormation
• Auto scaling groups
• Free tier (t2.micro for a year, data transfer)

Question 13

EC2 Pricing

Answer 13

• on demand pricing
• • 60s min, or by second or hour
• reserved instances
• • up to 75% discount, 1-3 yr commit
• • all, partial, or no upfront payment
• spot
• • up to 90% discount
• • bid for unused capacity
• dedicated host
• • on demand
• • 1 or 3 year reservation
• savings plans if sustained usage

Question 14

Lambda pricing

Answer 14

Pay per call and per duration

Question 15

ECS pricing

Answer 15

No additional fees, but pay for AWS resources storage and created in the application

Question 16

Fargate pricing

Answer 16

Pay for vCPU and memory in containers

Question 17

S3 pricing

Answer 17

• S3 standard, infrequent, One-Zone IA, Intelligent tiering, Glacier, and Glacier deep archive
• number and size of objects (tiered on volume)
• Number and type of requests
• data transfer out of S3 region
• S3 transfer acceleration (if used)
• Lifecycle transitions

EFS is similar (pay per use, has infrequent access, & lifecycle rules)

Question 18

EBS pricing

Answer 18

• volume type
• storage volume (GB/month)
• IOPS (general purpose, provisioned, magentic)
• snapshots
• data transfer
• • outbound cost
• • inbound is free

Question 19

RDS pricing

Answer 19

• per hour billing
• database characteristics
• • engine
• • size
• • memory class
• purchase time (on demand, reserved)
• Backup storage
• number of input/output requests/month
• Single vs multiple AZ
• outbound transfer tiered, inbound is free

Question 20

AWS CloudFront Pricing

Answer 20

• different based on region
• aggregated at edge locations
• pay for data transfer out, not in
• Number of HTTP/HTTPS requests

Question 21

Networking Costs in AWS per GB

Answer 21

• inbound generally free
• use of public network for AZ to AZ gets charges, less if using private IP
• interregion cost
• use same AZ to maximize savings

Question 22

AWS Savings Plan

Answer 22

• Commit certain $$ amount/hour for 1 or 3 years
• easiest way to set up long term commitments
• EC2 savings plan
• • up to 72% discount
• • commit to usage of individual instance families in a region
• • regardless of AZ or tenancy
• • all upfront, partial, or no upfront
• Computer savings plan
• • up to 66% discount
• • regardless of family, region, size, os, etc.
• • EC2, fargate, lambda,
• Machine learning savings plan (SageMaker)

Question 23

AWS Compute Optimizer

Answer 23

• reduce costs and improve performance by recommending optimal resources for workload
• Uses ML to analys workload and checks CloudWatch
• EC2, Autoscaling groups, EBS, Lambda
• Lower costs by 25%
• Export recommendations to S3

Question 24

Billing and Costing Tools

Answer 24

• Estimating costs
• • pricing calculator
• Tracking costs
• • Billing dashboard
• • Cost allocation tags
• • Cost and Usage reports
• • Cost explorer
• Monitoring
• • Billing alarms
• • budgets

Question 25

AWS Pricing Calculator

Answer 25

https://calculator.aws

Question 26

Cost Allocation Tags

Answer 26

• Track AWS costs on detailed level
• AWS generated tags
• • automatically applied to created resources
• • starts with prefix aws:
• user defined tags
• • starts with prefix user:

Question 27

AWS Cost Explorer

Answer 27

• Forecast usage up to 12 months based on prior usage
• visualize AWS cost and usage over time
• Create custom reports
• Choose best savings plan

Question 28

AWS Resource Groups

Answer 28

• Create, maintain, and view resources with common tags
• manage using tag editor

Question 29

CloudWatch billing alarms

Answer 29

• billing data stored in us-east-1
• data is for worldwide AWS cost
• actual, not projected
• simple alarm

Question 30

AWS Budgets

Answer 30

• Create and send alarms
• Usage, Cost, Reservation, Savings Plans
• For RIs
• • track ultilization
• • support EC2, elastichache, RDS, redshift
• 5 SNS notifications per budget
• filter by service, tag, etc.
• 2 budgets free, then 0.02 per day per budget

Question 31

Cost Anomaly Detection

Answer 31

• Monitor usage with ML
• You don’t have to define anything
• Send anomaly detection report with root cause
• Notifications through SNS per event, or daily/weekly

Question 31

Service Quotas

Answer 31

• Notify when you are close to quota threshold
• CloudWatch alarms on the quotas console
• Example: Lambda concurrent executions
• request a quota increase or shutdown resource before limit is hit

Question 32

Trusted Advisor

Answer 32

• Nothing to install
• Analyze on 6 categories
• • Cost optimization
• • performance
• • security
• • fault tolerance
• • service limits
• • operational excellence

Question 33

AWS Basic Support

Answer 33

• Customer service & communities, 24x7 access to CS, documentation, forums
• Trusted advisor
• Personal health dashboard

Question 34

AWS Developer Support Plan

Answer 34

• Basic support +
• Business hours emial access to cloud support associates
• Unlimited cases, 1 primary contact
• general guidance < 24 business hr
• system impair < 12 business hours

Question 35

AWS Business Support Plan

Answer 35

• Production workload
• Full trusted advisor checks
  24x7 phone, email, chat access to cloud support engineers
• unlimited cases, unlimited contacts
• Prod impaired < 4hr
• prod sysrtem down < 1 hr

Question 36

AWS Enterprise On-Ramp Support Plan

Answer 36

Business Support Plan +
* Access to TAM
* Concierge support team for billing and accout best practices
* Infrastructure event management, WAF
* Business critical system < 30 minutes

Question 37

Enterprise Support Plan

Answer 37

Business Support Plan +
* Dedicatd TAM
* Concierge support team for billing and account best practices
* Infrastructure event management, WAF
* Business critical system < 15 minutes