All Flashcards

1
Q

IAM

A

Identity Access Management

Starts with a root account by default, that shouldn’t be used.

Groups: contain users, but not other groups

Users: can be part of multiple groups

Policies: can be assigned to users and groups. They define the access permission.

Password and access definition.

All sub items:
- IAM Roles
- IAM Credentials Report
- IAM Access Advisor

2
Q

IAM Roles

A

An IAM Role has two elements:
- Policies that define its access
- Trust that defines which entities are trusted to assume it

3
Q

IAM Credentials Report

A

List of all users and their credentials

4
Q

IAM Access Advisor

A

Shows a user's permissions and when they were last accessed

5
Q

IAM Best Practices

A
  1. Don’t use root account
  2. One physical user = one AWS user
  3. Create Groups
  4. Create Strong password policy
  5. Enforce MFA
  6. Create and use Roles
6
Q

EC2

What are the 8 choices?

A

Elastic Compute Cloud

Service to host server instances.
Choose:
- OS,
- CPU,
- RAM,
- Storage (EBS and EFS or EC2 Instance Store)
- Network Card,
- Firewall Rules (Security Group),
- Bootstrap script (EC2 User Data)
- Instance Type

7
Q

EC2 User Data

A

Script that runs at the boot of an EC2 instance
All Commands run as sudo

8
Q

EC2 Instance Types

How are they named and which are the 4 types?

A

m5.2xlarge
m: the instance class
5: generation
2xlarge: size inside the class

Types:
- Compute Optimized: for compute intensive tasks
- Memory Optimized: for processing large datasets
- Storage Optimized: for storage intensive tasks: sequential read and write of large datasets
- General purpose: balanced

9
Q

Security Groups

A

Control traffic into or out of EC2 Instances
Only contain ALLOW rules
Can be attached to multiple instances
Can authorize other security groups

10
Q

EC2 Instances Purchasing Options (6)

A
  • On Demand
  • EC2 Reserved Instances
  • EC2 Savings Plans
  • EC2 Spot Instances
  • EC2 Dedicated Hosts
11
Q

EC2 On Demand Instance

How is it priced?

A
  • Pay for what you use
  • High Cost
12
Q

EC2 Reserved Instances

A
  • reserve specific attributes: type, region, AZ, tenancy
  • you can’t change them for the reserved time: 1 to 3 years
  • there is also the Convertible Reserved Instance, which lets you change some attributes only, but doesn’t have much discount
13
Q

EC2 Savings Plans

A
  • commit to a base usage that will be charged (e.g. $10/hour for 3 years)
  • usage beyond the commitment is charged at the On Demand rate
  • instance family and region are locked
14
Q

EC2 Spot Instances

A
  • AWS capacity that is not being used is sold at a discounted price
  • you pay the spot price, which changes over time
  • you can set a max price to pay; if the spot price goes above it, the instance will be lost
  • ideal for workloads resilient to failure
  • cheaper option
15
Q

EC2 Dedicated Hosts

A
  • most expensive purchase option
  • physical EC2 server fully dedicated
  • can be on demand or reserved
  • allows for compliance requirements and existing server-bound software licenses
16
Q

EC2 Capacity Reservations

A

To make sure one AZ will always have capacity for your On Demand instances, you can reserve it.

17
Q

EC2 Instance Storage

What are the types (5)?

A
  • EBS (Elastic Block Store) Volume
  • AMI (Amazon Machine Image)
  • EC2 Instance Store
  • EFS (Elastic File System)
  • Amazon FSx
18
Q

EBS Volume

A

Elastic Block Store
Is an EC2 Instance Storage type.
A network drive you can attach to your EC2.
Mounted to one instance at a time
Bound to the AZ
Has latency
Must provision capacity beforehand (can be increased over time)
EBS Snapshots:
- backup the volume anytime
- can copy snapshots across regions and AZs
- EBS Snapshot Archive: can archive it for a discount, takes longer to restore it
- Recycle Bin: deleted snapshots are retained for specific time

19
Q

AMI

A

Amazon Machine Image
A customized EC2 Instance.
Built for specific region (can be copied)
Can get AMI from:
- Public AMI (AWS Provided)
- Your own
- AWS Marketplace AMI (other users)

20
Q

EC2 Image Builder

A
  • a wizard to help create EC2 images
  • can run on a schedule -> can automate creation
  • FREE, only pay for the created resources
21
Q

EC2 Instance Store

A
  • better I/O performance (than network storage)
  • storage is lost if stopped
  • good for temporary content
  • risk of data loss
  • backup and recovery are the user's responsibility
22
Q

EFS

A

Elastic File System

  • network file system
  • can be mounted to hundreds of EC2
  • works with Linux EC2 in multi-AZ
  • highly available, scalable and expensive
  • pay per use, no capacity planning
  • EFS Infrequent Access (EFS-IA):
    • cost optimized for files not accessed every day
    • cheaper
    • EFS moves files automatically based on last time accessed (lifecycle policy)
    • transparent to applications (no difference)
23
Q

Amazon FSx

A

3rd party high-performance file system on AWS
Fully managed service

Amazon FSx for Windows File Server:
- built on Windows File Server
- can be accessed from AWS or on premise

Amazon FSx for Lustre (Linux + Cluster):
- high performance, scalable
- for High Performance Computing (HPC)
- up to 100s of GB/s, millions of IOPS, sub-ms latency

24
Q

ELB

What it does and its types (4)

A

Elastic Load Balancer
- Spread load across multiple instances
- Do health checks
- High availability
- Managed by AWS

Kinds:
- Application Load Balancer (Layer 7 - HTTP/S Routing)
- Network Load Balancer (Layer 4 - TCP/UDP Routing)
- Gateway Load Balancer (Layer 3 - IP Packets)
- Classic Load Balancer (Layer 4, 7)

25
Q

ASG

What it is and the strategies

A

Auto Scaling Groups
Scale out and in to match load.

Strategies:
- Manual Strategy: update the size manually
- Dynamic Strategy: according to demand
- Simple/Step scaling: triggered by usage
- Target tracking scaling: keep usage at X %
- Scheduled Scaling: by time of day
- Predictive Scaling: Using ML to predict usage

26
Q

S3

Overview

A

Has buckets defined at the region level.
Bucket name must be globally unique.
Max size of object is 5TB
Has versioning
Has encryption by KMS
Can do replication:
- Cross region to decrease latency
- Same region for multiple environments (test, prod)