AWS Core Services Flashcards
1
Q
3 ways to interact with AWS
A
- Console: Users can leverage their browser to configure resources
- Command line interface (CLI) : Command line access for administering AWS resources
- Software Deveopment Kit (SDK) : Programmatic access to manage AWS resources
2
Q
What is the AWS Management Console?
A
A web and app based interface for interacting with most all of the 150+ AWS services. All major browsers and mobile operating systems are supported.
3
Q
What is the AWS Command Line Interface (CLI)?
A
Tool to manage your use of AWS services from the command line on Windows, Mac, and Linux. Most every task that can be done in the console can be done in with the CLI.
4
Q
What is AWS Software Developer Kit (SDK)?
A
Programming language-specific resources that allow you to interact with AWS services via code. This approach enables you to automate many aspects of how you interact with the platform.
5
Q
Languages are supported for the SDK
A
- Java
- .NET
- Node.js
- PHP
- JavaScript(Browser)
- Python
- Ruby
- Go
- C++
6
Q
Roger’s company runs several production workloads in AWS
They have a new web application that manages digital assets for marketing
They need to automatically create a user account in Amazon Cognito on sign-up
They want this step seamlessly integrated into the application
Which interaction method would Roger’s company use for this?
A
Solution: Software Development Kit (SDK)
7
Q
Eliza’s company is considering transitioning to AWS
They want to leverage Amazon Relational Database Service
Eliza wants to test out a single database on the service
What interaction method would Eliza use for this use case?
A
Solution: AWS Console
8
Q
Jennifer’s company is a startup
They created a social network for entrepreneurs with a web and mobile app
Jennifer has a set of tasks she needs to run on AWS each day to generate reports
What interaction method would Jennifer use for this use case?
A
Solution: Command Line Interface (CLI)
9
Q
3 Compute Services on AWS
A
- EC2: Provides secure and resizable virtual servers on AWS
- Elastic Beanstalk: Platform for scaling and deploying web apps and services
- Lambda: Enables compute without managing servers
10
Q
What is Elastic Compute Cloud (Amazon EC2)?
A
A web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers.
11
Q
EC2 Instance Types
A
Defines the processor, memory, and storage type Cannot be changed without downtime Provided in the following categories - General purpose - Compute, memory, and storage optimized - Accelerated computing Pricing is based on instance type Some instance types have unique capabilities
12
Q
What is the EC2 Instance Store?
A
Ephemeral storage that is physically attached to the host the virtual server is running on
13
Q
What is Elastic Block Store (EBS)?
A
Persistent storage that exists separately from the host the virtual server is running on
14
Q
Amazon Machine Image (AMI)
A
- Template for an EC2 instance including configuration, operating system, and data
- AWS provides many AMI’s that can be leveraged
- AMI’s can be shared across AWS accounts
- Custom AMI’s can be created based on your configuration
- Commercial AMI’s are available in the AWS Marketplace
15
Q
3 EC2 Purchase Options
A
- On-Demand
You pay by the second for the instances that are launched - Reserved
You purchase at a discount instances in advance for 1-3 years - Spot
You can leverage unused EC2 capacity in a region for a large discount
16
Q
Reserved Instance Cost Model
A
- All Upfront
Entire cost for the 1 or 3 year period is paid upfront. (Maximum Savings) - Partial Upfront
Part of 1 or 3 year cost is paid upfront along with a reduced monthly cost. - No Upfront
No upfront payment is made, but there will be a reduced monthly cost. (Minimum Upfront Cost)
17
Q
Spot Instances
A
Can provide up to 90% discount over on-demand pricing
There is a market price for instance types per availability zone called the Spot price
When you request instances, if your bid is higher than Spot price they will launch
If the Spot price grows to exceed your bid, the instances will be terminated
Spot instances can be notified 2 minutes prior to termination
18
Q
EC2 Purchase: If you have an instance that is consistent and always needed, you
should leverage what kind of purchase?
A
A Reserved Instance
19
Q
EC2 Purchase: If you have batch processing where the process can start and stop without affecting the job, you should leverage what kind of purchase?
A
Spot Instance
20
Q
EC2 Purchase: If you have an inconsistent need for instances that cannot be stopped without affecting the job, you should leverage what kind of purchase?
A
On-Demand Instance
21
Q
What is AWS Elastic Beanstalk?
A
- Automates the process of deploying and scaling workloads on EC2 (PaaS)
- Supports a specific set of technologies
- Leverages existing AWS services
- Only pay for the other services you leverage
- Handles provisioning, load balancing, scaling, and monitoring
22
Q
What are the Application platforms supported by AWS Elastic Beanstalk?
A
- Java
- .NET
- PHP
- Node.js
- Python
- Ruby
- Go
- Docker
23
Q
What is the use case for AWS Elastic Beanstalk?
A
- Deploy an application with minimal knowledge of other services
- Reduce the overall maintenance needed for the application
- Few customizations are required
24
Q
What is AWS Lambda?
A
- Enables the running of code without provisioning infrastructure
- Only charged for usage based on execution time
- Can configure available memory from 128 MB to 3008 MB
- Integrates with many AWS services
- Enables event-driven workflows
- Primary service for serverless architecture
25
What are the advantages of AWS Lambda?
- Reduced maintenance requirements
- Enables fault tolerance without additional work
- Scales based on demand
- Pricing is based on usage
26
Sylvia’s company is in the process of moving multiple workloads into AWS
One workload is an application that will be leveraged for at least 5 more years
The organization is looking to be as cost efficient as possible for its EC2 usage
What EC2 purchase option should be chosen for this application?
Solution: All Upfront Reserved - 3 Years
27
Edward is looking to deploy his PHP web application to a virtual server
He doesn’t have experience managing EC2 instances on AWS
He needs the ability to scale this application to meet user demand
What is the best compute option for Edward based on this criteria?
Solution: AWS Elastic Beanstalk
28
Cindy’s company is transitioning to the cloud for its data processing workloads
These workloads happen daily and can start or stop without a problem
This workload will be leveraged for at least one year
What EC2 purchase option would be the most cost efficient choice?
Solution: Spot Instances
29
What is the Amazon Virtual Private Cloud (VPC)?
A logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define.
Supports IPv4 and IPv6
Supports public & private subnets
Can utilize NAT for private subnets
Enables a connection to your data center
Can connect to other VPC’s
Supports private connections to many AWS services
Allows for configuration of:
- IP address range
- Subnets
- Route tables
- Network gateways
30
What is AWS Direct Connect?
A cloud service solution that makes it easy to establish a dedicated network connection from your data center to AWS.
31
Amazon Route 53
- Domain name service (DNS)
- Global AWS service (not regional)
- Highly available
- Enables global resource routing
32
What is Elastic Load Balancing (ELB)
Distributes traffic across multiple targets
Integrates with EC2, ECS, and Lambda
Supports one or more AZ’s in a region
Three types of load balancers:
- Application Load Balancer (ALB)
- Network Load Balancer (NLB)
- Classic Load Balancer
33
What are the types of scaling on Amazon EC2?
Vertical Scaling
You “scale up” your instance type to a larger instance type with additional resources
Horizontal Scaling
You “scale out” and add additional instances to handle the demand of your application
34
Amazon CloudFront
Content delivery network (CDN)
Enables users to get content from server closest to them
Supports static and dynamic content
Utilizes AWS edge locations
Includes advanced security features
- AWS Shield for DDoS
- AWS Web Application Firewall (WAF)
35
What is the Amazon API Gateway?
Fully managed API management service
Directly integrates with multiple AWS services
Provides monitoring & metrics on API calls
Supports VPC and on-premise private applications
36
Jane’s company maintains two corporate data centers
They want their data centers to work alongside AWS for specific workloads
She is wondering if there is a way to have a persistent connection to AWS
What service from AWS would you recommend her company implement?
Solution: AWS Direct Connect
37
Tim’s company serves content through their site to users around the globe
They are looking to optimize performance to users around the world
They want to leverage a Content Delivery Network (CDN)
Which service would enable optimized performance globally for their content?
Solution: Amazon CloudFront
38
Ellen’s company has an internal application that runs on an EC2 server
Currently there is downtime as demand is greater than capacity for the server
Ellen is trying to decide if she should use bigger servers or more servers
Which scaling approach would you recommend and what services should they use?
Solution: Horizontal Scaling using Elastic Load Balancing
39
Amazon Simple Storage Service (S3)
Stores files as objects in buckets
Provides different storage classes for different use cases
Stores data across multiple availability zones
Enables URL access for files
Offers configurable rules for data lifecycle
Can serve as a static website host
40
What are the Four S3 Non-archival storage classes?
```
S3 Standard is the default storage class and is for
frequently accessed data
```
```
S3 Intelligent-Tiering will move your data to the correct
storage class based on usage
```
S3 Standard-Infrequent-Access(IA) is for infrequently accessed data with the standard resilience
S3 One Zone-IA is for infrequently access data that
is only stored in one AZ
41
S3 Intelligent Tiering Storage Class
Automatically moves files based on access
Moves between frequent and infrequent access
Same performance as S3-Standard
42
S3 Lifecycle Policies
Objects in a bucket can transition or expire based on your criteria
Transitions can enable objects to move to another storage class based on time
Expiration can delete objects based on age
Policies can also factor in versions of a specific object in the bucket
43
S3 Transfer Acceleration
Feature that can be enabled per bucket that allows for optimized uploading of data using the AWS Edge Locations as a part of Amazon CloudFront.
44
What are the two S3 Archival storage classes?
S3 Glacier
S3 Glacier Deep Archive
45
S3 Glacier
Designed for archival data
90 day minimum storage duration change
Can be retrieved in either minutes or hours
You pay a retrieval fee per GB retrieved
Over 5 times less expensive than S3 Standard storage class
46
S3 Glacier Deep Archive
Designed for archival data
180 day minimum storage duration change
Can be retrieved in hours
You pay a retrieval fee per GB retrieved Over 23 times less expensive than S3 Standard storage class
47
What are the two Amazon EC2 File Storage Services?
Amazon EBS
Persistent block storage for use with Amazon EC2
Amazon EFS
Elastic file system for use with Linux-based workloads
48
Amazon Elastic Block Store (EBS)
Block storage designed to be connected to a single EC2 instance that can scale to support petabytes of data and supports multiple volume types based on need.
Enables redundancy within an AZ
Allows users to take snapshots of its data
Offers encryption of its volumes
49
What are the EBS Volume Types?
General Purpose SSD is a cost effective type designed
for general workloads
Provisioned IOPS SSD high performance volume for low
latency applications
Throughput Optimized HDD is designed for frequently
accessed data
Cold HDD is designed for less frequently accessed
workloads
50
Amazon Elastic File System (EFS)
Fully managed NFS file system
Designed for Linux workloads
Supports up to petabyte scale
Stores data across multiple AZ’s
Provides two different storage classes
- Standard
- Infrequent access
Provides configurable lifecycle data rules
51
Amazon FSx for Windows File Server
Fully managed native Windows file system
Includes native Windows features including
- SMB support
- Active Directory integration
- Windows NTFS
Utilizes SSD drives for low latency
52
AWS Large Scale Data Transfer Services
AWS Snowball
Service to physically migrate petabyte scale data to AWS
AWS Snowmobile
Service to physically migrate exabyte scale data onto AWS
53
AWS Snowball
Designed for large-scale data transfer
Supports petabyte scale transfer
Physical device is delivered by AWS
You connect the Snowball to your network and upload your data
Device is returned by local carrier
AWS receives device and loads your data into S3
54
AWS Snowmobile
Designed for large-scale data transfer
Supports exabyte scale transfer
Ruggedized shipping container is delivered to your location
AWS sets up a connection to your network
You load your data on the Snowmobile
AWS will load data into S3 when the container is received at an AWS location
55
Elaine launched a site that offers daily tutorials for developers
She uses S3 to store the assets needed per tutorial
These assets are very popular within the week the tutorial is launched
After this initial week, these assets are rarely accessed
How could Elaine reduce her S3 costs while maintaining durability?
Solution: S3 lifecycle rules with S3-Standard IA storage class
56
Esteban works for a social networking company and they are moving to AWS
They have 2 PB of user-generated content that they need to migrate
Esteban is trying to determine if there is a faster than uploading over the internet
Would there be another approach you would recommend for Esteban’s company?
Solution: AWS Snowball
57
Emily works for a company that produces a messaging app
She is looking for a shared file system between 8 different Linux EC2 instances
The file system would need to support roughly 1 PB of data
What approach would you recommend for Emily?
Solution: Amazon Elastic File System
58
S3 Transfer Acceleration
Feature that can be enabled per bucket that allows for
| optimized uploading of data using the AWS Edge Locations as a part of Amazon CloudFront
59
Amazon Relational Database Service (RDS)
Fully managed service for relational databases
Handles provisioning, patching, backup, and recovery of your database
Supports deployment across multiple availability zones (multi-AZ)
Some platforms support read replicas
Launches into a VPC
Provides both general purpose SSD and provisioned IOPS SSD drive options
60
Amazon RDS Platforms
```
MySQL
PostgresSQL
MariaDB
Oracle Database
SQL Server
Amazon Aurora
```
61
Amazon Aurora
a MySQL and PostgreSQL-compatible relational
database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases
62
Amazon Database Migration Service (DMS)
Enables you to move data into AWS from existing databases
Supports both one time and continual migration of data
Supports many popular commercial and open source databases
Only pay for compute leveraged in the migration process
63
Amazon DynamoDB
Fully managed NoSQL database service
Provides both key-value and document database
Enables extremely low latency at virtually any scale
Supports automated scaling based on configuration
Offers in-memory cache with the DynamoDB Accelerator (DAX)
Supports over 10 Trillion requests per day
Supports peaks of more than 20 Million requests per second.
64
DynamoDB Use Cases
Scale without excessive maintenance
Serverless applications
Implementations where low latency is key
Data models without BLOB storage
65
Amazon Elasticache
Fully managed in-memory data stores
Supports both Memcached and Redis
Provides low latency in response times
Enables scaling and replicas to meet application demand
Handles common use cases including
- Database layer caching
- Session storage
66
Amazon Redshift
Scalable data warehouse service
Supports PETABYTE scale warehousing of data
Leverages high performance disks and columnar storage
Offers the ability to fully encrypt contents
Provides isolation with a VPC
67
Jennifer is an IT executive in a financial services company
They are transitioning their data warehouse to AWS for analysis
The data warehouse would need to support up to 2 PB of data
Which approach would you recommend for Jennifer?
Solution: Amazon Redshift
68
Sam is a DevOps engineer at a tech company
Sam needs to launch a MySQL database for a new web application
They need to have direct access to the virtual server that MySQL is running on
What approach would you recommend for Sam’s company?
Solution: EC2 (this is a tricky question) - he's looking for IaaS capabilities, not PaaS capabilities or SaaS
69
Frank is the CTO at a gaming company
They are trying to determine how to store realtime user analytics
They need low latency and the ability to scale to handle up to 1 million players
Frank wants to minimize the amount of time it takes to maintain the DB
Which AWS approach would you recommend for Frank?
Solution: DynamoDB
70
What are the 3 Cloud Computing Models?
Infrastructure as a Service (IaaS) - allowing for maximum control with all of the maintenance. Example of this would be running a DB on an EC2 instance.
Platform as a Service (PaaS) - Allowing for some control while reducing maintenance. An example of this would be Relational Database Service (RDS).
Software as a Service (SaaS) - Leveraging the low maintenance aspect. an example would be DynamoDB, Elasticache or Redshift
71
Redshift Spectrum
Scalable data warehouse service
Supports EXABYTE scale warehousing of data
Leverages high performance disks and columnar storage
Offers the ability to fully encrypt contents
Provides isolation with a VPC
72
Amazon Simple Notification Service (SNS)
Fully managed pub/sub messaging service
Enables you to create decoupled applications
Organized according to topics
Integrates with multiple AWS services
Provides end user notifications across SMS, email, and push notifications
73
Amazon Simple Queue Service (SQS)
Fully managed message queue service
Enables you to build decoupled and fault tolerant applications
Supports up to 256 KB data payload
Allows messages to be stored up to 14 days
Provides two types of queues
- Standard queue
- FIFO queue (first in first out)
74
AWS Step Functions
Enables orchestration of workflows through a fully managed service
Supports serverless architectures
Can support complex workflows including error handling
Charged per state transition along with the other AWS services leveraged
Workflows are defined using Amazon States Language
75
AWS Step Function Integrations
- Compute services
- Database services
- Messaging services
- Data processing services
- Machine learning services
76
Ruth started a non-profit that assigns volunteers to opportunities
Recently their database server went down and users were unable to signup
While the situation is better, there is still some downtime expected in the future
She wants to explore an AWS service that could prevent lost user signups
What service would you recommend to Ruth?
Solution: Simple Queue Service (SQS)
77
Jessi created a list of onboarding steps for new customers for their new app
These steps detail integrations with their CRM, emails to the user, and analytics
Jessi is worried about the time it will take to build all of this from scratch
Is there an AWS service that can help with this approach?
Solution: AWS Step Functions
78
Roger’s company is an eCommerce company building a custom platform
They are still adding new functionality
He wants aspects of the platform to listen for events like orders and refunds
They don’t yet know all of the elements that would need to respond to events
Is there a service that would allow current and future parts of the platform to listen for these events?
Solution: Simple Notification Service (SNS)
79
With AWS Step Functions, how is it charged?
You are charged per state transition
80
AWS Step Functions, workflows are defined using what language?
Amazon States Language
81
AWS CloudTrail
Inserts audit trail in an S3 bucket or into CloudWatch Logs
Logs events in the regions in which they occur
Meets many compliance requirements for infrastructure auditing
As a best practice, it should be enabled on every AWS account
Can be consolidated into an Organizational trail using AWS Organizations
82
AWS CloudTrail Use Cases
Compliance requirement
Forensic analysis
Operational analysis
Troubleshooting
83
Amazon CloudWatch
Monitoring and management service
Collects logs, metrics, and events from most AWS services
Enables alarms based on metrics
Provides visualization capabilities for metrics
Allows for custom dashboards based on collected metrics
84
AWS Config
AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. With AWS Config you can discover existing AWS resources, export a complete inventory of your AWS resources with all configuration details, and determine how a resource was configured at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.
Provides configuration history for infrastructure
Works against rules that you can customize or even create custom validations
Includes conformance packs for compliance standards including PCI-DSS
Can work with AWS Organizations for both cross-region and cross-account setup
Provides remediation steps for infrastructure not meeting criteria
85
AWS Systems Manager
Provides multiple tools that make it easier to manage your AWS infrastructure
Enables automation tasks for common maintenance actions
Gives a secure way to access servers using only AWS credentials
Stores commonly used parameters securely for operational use
86
AWS CloudFormation
Managed service for provisioning infrastructure based on templates
No additional charge
Templates can be YAML or JSON
Enables infrastructure as code
Manages dependencies between resources
Provides drift detection to find changes in your infrastructure
87
AWS Organizations
Allows organizations to manage multiple accounts under a single master account
Provides organizations with the ability to leverage Consolidated Billing for all accounts
Enables organizations to centralize logging and security standards across accounts
88
AWS Control Tower
A service to create a multi-account environment on AWS that follows the recommended best practices in operational efficiency, security, and governance.
Centralizes users across all AWS accounts
Provides a way to create new AWS accounts based on templates
Integrates Guardrails for accounts
Includes a dashboard to gain operational insights from a single view
89
Can I use Control Tower to meet industry compliance standards (such as HIPAA, PCI, SOC-1, SOC-2)?
Out-of-the-box guardrails offered by AWS Control Tower are not intended to meet regulatory compliance standards (such as HIPAA, PCI, SOC-1, SOC-2).
90
Elliott is an operations engineer at a financial services company
He recently discovered that someone had disabled a security setting on a server
He is concerned that events like this might go unnoticed until a breach
Which service would allow the organization to continually track configuration of infrastructure?
Solution: AWS Config
91
James is the lead architect at a SaaS company
They will be launching a new application that includes several components
He is looking to minimize manual work required when creating infrastructure
What service would enable James to automate much of this effort?
Solution: AWS CloudFormation
92
Candace is the CTO at a manufacturing company
A cloud server needed to support their manufacturing process was deleted
They want to make sure the follow up with the person who deleted this instance
Which service could show the individual that deleted this specific server?
Solution: AWS CloudTrail
93
Where does CloudTrail store the audit trails?
S3 bucket or into CloudWatch Logs
