AWS Practitioner Notes Flashcards

Question

What is a security group

Answer 1

A set of permissions that allows traffic in or out of an EC2 instance It only has ALLOW rules Acts as firewall to an EC2 instance Regulates access to ports, authorized IP ranges (IPV4 and IPV6) Can be attached to multiple instances Instances can have multiple security groups assigned to them Locked to a Region/VPC combination Lives outside the EC2 instance - if it blocks something, that something never reaches the instance

Answer 2

21 = FTP 22 = SFTP and secure shell 80 = HTTP 443 = HTTPS 3389 = Remote Desktop Protocol

Answer 3

Secure Shell - used to log into Linux, MAC, and Windows (v10+) servers

Answer 4

Used to log into Windows (any version) servers

Answer 5

Good for short workloads Pricing - Windows/Linux - Pay per second after the first minute Pricing - Other - Pay per hour Highest cost, no upfront payment

Answer 6

Good for long workloads Can reserve for 1 or 3 years Save up to 72% Reserve specific instance attributes Can pay upfront, partially upfront, no upfront

Answer 7

Good for long workloads Can be for 1 or 3 year commitment Save up to 72% Commit to specific usage (ex $10/hour) for 100 hours Usage beyond that is at on demand prices

Answer 8

Good for short workloads that can be interrupted Up to 90% discount Can lose instance at any time Use for workloads resistant to failure

Answer 9

Dedicated host - good for when have compliance requirements Have all of a physical server reserved just for your use, control instance placement Payment options are on demand or reserved - is very expensive

Answer 10

No other customer will share your hardware Multiple instances from the same account may share the hardware

Answer 11

Reserve an amount of capacity for a specific AZ for any duration Always have access to the capacity whenever you need it, no time commitment, no billing discounts, can combine with Regional Reserve instances and Savings Plans, charged On Demand prices whether you run instances or not

Answer 12

Elastic Block Storage - network storage Can be attached to a single instance Multiple EBS can be attached to a single instance Has provisioned capacity - can select size and speed when setting up Billed for the provisioned capacity Use limited to an AZ

Answer 13

A backup image of an EBS volume

Answer 14

75% cheaper storage tier 24-72 hours to restore from

Answer 15

Amazon Machine Image A defined configuration for an EC2 instance Public AMI - provided by Amazon Private AMI - make and maintain yourself AWS Marketplace AMI - purchased off the Marketplace

Answer 16

Create EC2 instance and configure it Stop the instance Create the AMI from the stopped instance Launch new instances from the AMI

Answer 17

Physical storage attached to an EC2 instance Data is lost if the EC2 instance is stopped Backup and replication are customer's responsibility

Answer 18

Elastic File System - network storage that can be attached to multiple EC2 - can be used across AZ's

Answer 19

Storage tier up to 92% cheaper than EFS Standard Files automatically moved to this tier and back to Standard

Answer 20

Fully managed file system built on Windows File Server

Answer 21

File system for high performance computing Used for ML, analytics, video processing, and financial modeling

Answer 22

Elastic Load Balancing

Answer 23

Vertical Scalability - increase/decrease the size of an instance - scale up/down Horizontal Scalability - increase/decrease the number of instances - scale out/in

Answer 24

When you are running in multiple AZ's or Regions

Answer 25

The ability to scale in/out to match demand and optimize costs

Answer 26

Auto-Scaling Groups - a service that adds/removes instances automatically Replaces unhealthy instances automatically

Answer 27

ALB - Application Load Balancers - for HTTP/HTTPS traffic (external) NLB - Network Load Balancers - for TLS/TCP traffic (internal)

Answer 28

Simple/Step Scaling - based on Cloudwatch alarms targeting capacity usage Target Tracking Scaling - based on average CPU usage Scheduled Scaling - based on known usage patterns over a period of time Predictive Scaling - uses ML based on past traffic patterns

Answer 29

Simple Storage Service Create buckets to store objects/files Regional Service

Answer 30

Must be UNIQUE across all regions/accounts No uppercase, no underscores 3-36 characters long Not an IP Must start with lowercase letter Can't start with "xn-" Can't end with "-s3alias"

Answer 31

Object key = is full path and file name of object Max size is 5TB, if greater than 5GB must upload in pieces Metadata - key and value pairs Can tag objects

Answer 32

Allows access to objects in a S3 bucket Object Access Control List - Security Policy that details users that can access the object Bucket Access Control List - Security Policy that details users that can access the bucket

Answer 33

As a default, an S3 bucket denies public access to its objects - overrides other specific policies

Answer 34

Where the code for a web site is stored in an S3 bucket Must have public access turned on

Answer 35

Where objects in S3 buckets are assigned file keys Previous versions of objects are retained and can be restored Deleted objects can be restored

Answer 36

Copying a S3 bucket CRR - Cross Region Replication - copying to another Region SRR - Same Region Replication - copying to the same Region Copying is asynchronously

Answer 37

S3 - Standard - 99.99% Availability S3 Infrequent Access - 99.9% Availability S3 Zone Infrequent Access - 99.9% Availability - 1 AZ only S3 Glacier Instant Retrieval - Millisecond retrieval S3 Glacier Flexible Retrieval - Expedited 1-5 min, Standard 3-5 hr, Bulk 5-12 hr S3 Glacier Deep Archive - Standard 12 hour, Bulk 48 hour

Answer 38

Storage method where files are automatically moved from one tier to another Frequent Access Tier (default) Infrequent Access Tier - objects not accessed for 30 days Archive Instant Access Tier - objects not accessed for 90 days Archive Access Tier (optional) - objects not accessed for 90-700 days Deep Archive Access Tier (optional) - objects not accessed for 180-700 days

Answer 39

None Server side - is encrypted after server receives file Client side - file is encrypted before being uploaded

Answer 40

Snowcone Snowball Edge Snowmobile

Answer 41

Small box, up to 8 TB storage Can use up to 15 at a time

Answer 42

Large server, comes in 2 flavors Storage optimized - 80 TB storage Compute optimized - 43 TB storage, has more compute power

Answer 43

Semitruck, 100 PB storage High security, 24/7 video surveillance Temperature controlled

Answer 44

Graphical interface that allows you to use Snow family devices

Answer 45

Using on premises and cloud storage at same time

Answer 46

bridge between on premise storage and AWS S3

Answer 47

Relational Database Service Fully Managed Relational Databases Have to provision the EC2 instances Postgres, MySQL, MariaDB, Oracle, Microsoft SQL Server, Aurora Cannot SSH into database

Answer 48

Proprietary database software Supports Postgres and MySQL Cloud optimized - better than RDS but more expensive

Answer 49

Read only versions of your DBS - can have up to 5

Answer 50

Where you backup your DB to a different AZ If main DB fails, restore from backup

Answer 51

Where you have Read Only versions of your DB in different Regions

Answer 52

In memory database with high performance, low latency Helps reduce load off actual DB

Answer 53

A noSQL DB managed by AWS Is a key-value pair DB Serverless service Highly scalable - autoscaling

Answer 54

In memory cache for Dynamo DB

Answer 55

Tables in multiple Regions Read/write in any Region

Answer 56

A Postgres DB that is used for Online Analytical Processing Has SQL interface

Answer 57

Elastic Map Reduce - creates Hadoop cluster

Answer 58

Serverless query service for objects in S3 buckets

Answer 59

Serverless machine learning-powered business intelligence service to create interactive dashboards

Answer 60

Serverless implementation of MongoDB (noSQL)

Answer 61

Fully managed graph DB

Answer 62

Quantum Ledger DB Records financial transactions Data is immutable once entered

Answer 63

Managed service to either join public blockchain networks or create your own blockchain network

Answer 64

Managed Extract/Transform/Load service

Answer 65

Database Migration Service Source DB remains available during migration Can be to/from same type DB or different type DB

Answer 66

Elastic Container Service - Docker containers Customer must provision/maintain EC2 instances ECS automatically starts/stops containers Integrated with ELB

Answer 67

Elastic Kubernetes Service

Answer 68

Serverless service that launches Docker containers

Answer 69

ECS requires customer to provision/maintain EC2 instances on which to run the containers, Fargate manages that for the client

Answer 70

Elastic Container Registry Where container images are stored and accessed by ECS and Fargate

Answer 71

Serverless compute service Virtual functions Usually execution triggered by event or scheduled Cheap but powerful

Answer 72

Serverless middleman between external clients and Lambda functions

Answer 73

Fully managed batch processing service Can be triggered by event or scheduled Will dynamically launch EC2 instances Batch jobs are defined as Docker images and run on ECS

Answer 74

Lambda functions have limited run time and resources and is serverless Batch has no time limit, can have greater resources, is not serverless but servers are managed by AWS

Answer 75

Virtual servers, storage, databases, and networking Simpler than other AWS services, but is very limited Good for people with little cloud experience

Answer 76

A declarative method of outlining your AWS Infrastructure, for any resources Define the services/infrastructure you want, then Cloud Formation creates them Infrastructure as Code Gives ability to create and destroy infrastructure on the fly Can create templates, get templates from Web Supports most AWS services Uses JSON/YAML files

Answer 77

AWS Cloud Development Kit Use other languages Allows you to deploy runtime code and infrastructure tool

Answer 78

Developer centric view of deploying infrastructure on the internet Uses AWS components Platform as a Service Beanstalk is free, but pay for resources created Fully Managed Service

Answer 79

Hybrid service that deploys code

Answer 80

Equivalent of Github for AWS Fully managed service

Answer 81

A service that compiles source code, runs tests, and produces packages ready to be deployed Hybrid Service Servers/EC2's must have CloudDeploy agent installed

Answer 82

Orchestrates the steps to move Code to production CICD Works with CloudDeploy, CloudCommit, and CodeBuild

Answer 83

System for managing software package dependencies for software development

Answer 84

Unified UI to manage software development activities in one place Uses the Code* services behind the scenes

Answer 85

A Virtual IDE used for collaberation

Answer 86

Systems Manager Hybrid service that works on both EC2 or on-premise server Suite of 10+ programs to manage servers Servers require SSM Agent to be installed

Answer 87

Secure Shell for SSM No SSH access, bastion hosts, or SSH keys needed Doesn't use port 22, so is better security

Answer 88

Managed Chef and Puppet service

Answer 89

AWS DNS service used to route to AWS infrastructure

Answer 90

Simple Routing Policy - No health checks Weighted Routing Policy - Routing based on defined ratios for various servers Latency Routing Policy - Routing based on the lowest latency Failover Routing Policy - Route to main server unless down, then route to backup server

Answer 91

Content Delivery Network Data is cached at Edge Locations Helps against DDoS attacks

Answer 92

Used to distribute files and cache them at the Edge

Answer 93

Connects to: Application Load Balancer, EC2, S3 Website, any HTTP backend

Answer 94

Cloudfront uses Edge Locations to make content available for a short time S3 CRR is set up for specific Regions, works for content only needed in a few Regions

Answer 95

S3 using Edge Locations and high speed internal network to speed up data transfer to/from S3 buckets

Answer 96

AWS's fast private network and Edge Locations used to improve global availability and performance

Answer 97

Both use AWS network and Edge Locations Both integrate with AWS Shield Cloudfront is a CDN, caching files at the Edge Global Accelerator uses Edge Locations, but does not cache files

Answer 98

Hybrid Cloud system where AWS servers are emplaced at a client location in addition to client owned servers AWS sets up and manages the AWS servers Client responsible for physical security of AWS servers

Answer 99

AWS Servers emplaced in telecommunications providers datacenters at the edge of 5G networks Data stays within providers' networks, never reaches AWS Ultra low latency

Answer 100

Special AWS datacenters that place certain services closer to end users to reduce latency

Answer 101

Single Region, Single AZ Single Region, Multiple AZ Multiple Region, Active Passive (only 1 is read & write) Multiple Region, Active Active (all are read & write)

Answer 102

Simple Queue Service Allows asynchronous communication Producers send messages to SQS Consumers read messages from SQS and then delete them Fully managed, serverless Messages retained 4-14 days, unlimited messages

Answer 103

Real time big data streaming service Managed service to collect, process, and analyze real time streaming data

Answer 104

Simple Notification Service Pubsub - Publishers send messages to SNS Topic, Subscribers are then sent those messages

Answer 105

Amazon managed broker service for RabbitMQ and ActiveMQ (which are non-AWS software)

Answer 106

Service that provides metrics for every service in AWS Can create custom metrics

Answer 107

Service that allows you to set up monitoring of CloudWatch Metrics which can trigger various responses: Autoscaling, EC2 actions (stop/restart/etc), SNS notifications

Answer 108

Collects logs from various AWS services, enables real time monitoring

Answer 109

Software that can be installed on EC2's or on-premise servers and feeds logs to CloudWatch Logs

Answer 110

Service that allows you to schedule CRON jobs Can respond to service event triggers

Answer 111

A history of events/API calls made within your AWS account Source: CLI, console, CDK, AWS services Good for compliance, governance, and audit Logs can be sent to CloudWatch Logs

Answer 112

Diagnostic tool that can be used to trace data flow Good for troubleshooting and tracing

Answer 113

Machine learning enabled code reviewer Also makes application performance and cost recommendations

Answer 114

Shows health of all services in all regions Has a RSS feed you can subscribe to

Answer 115

Dashboard that provides alerts and remediation advice for AWS services used by your account that are current having issues or have upcoming scheduled events

Answer 116

Virtual Private Cloud Private network for deploying your AWS resources VPC's are contained within a Region

Answer 117

A way of partitioning your network within a VPC Associated within a single AZ Public subnet - accessible to/from internet Private subnet - not accessible to/from internet

Answer 118

Help VPC's connect to the internet via a public subnet

Answer 119

NAT Gateway (AWS Managed) / NAT Instance (self managed) - allow private subnets to access the internet while remaining private

Answer 120

Network Access Control List Firewall that controls traffic to/from a subnet Can have ALLOW and DENY rules Rules only contain IP addresses Operates at subnet level Stateless: Return traffic must be explicitly allowed

Answer 121

Firewall that controls traffic to/from an ENI (Elastic Network Interface) / an EC2 instance Can only have ALLOW rules Rules include IP addresses and other Security Groups Operates at instance level Stateful: Return traffic automatically allowed

Answer 122

Logs of all IP traffic flowing your into your instances

Answer 123

Connect two VPC's privately, using AWS's network Make them behave as if in the same network Must not have overlapping CIDR (IP network range) Is not Transitive - must be established between each pair individually

Answer 124

Allows you to connect to AWS Services using a private network instead of the public internet

Answer 125

Allows you to connect to S3 or Dynamo DB (only)

Answer 126

Allows you to connect to any AWS service other than S3/Dynamo DB

Answer 127

Most secure and scalable way to expose a service to many VPC's Source VPC creates Network Load Balancer, target VPC creates Elastic Network Interface, then privately link the two

Answer 128

Connect on-premise servers to AWS Uses public internet Fast to set up Customer end - uses Customer Gateway AWS end - uses Virtual Private Gateway

Answer 129

Physical connection between on-premise servers and AWS Expensive and takes long time to set up Private, secure, fast

Answer 130

Connect on-premise servers to AWS using OpenVPN Client Uses public internet

Answer 131

Transitive Peering between multiple AWS VPC's and client VPC in a hub and spoke (star) pattern

Answer 132

Security OF the Cloud Protecting infrastructure that protects AWS services Managed services like S3, Dynamo DB, etc

Answer 133

Security IN the Cloud EC2 OS patching and updates Firewall and Network configurations IAM Encryption of application data

Answer 134

Protection against DDoS attacks: SNY/UPD Floods, Reflection attacks, other layer 3/layer 4 attacks Free

Answer 135

Optional DDoS protection $3000/month Protects against more sophisticated attacks on EC2, ELB, CloudFront, Global Accelerator, and Route 53 24/7 access to AWS DDoS response team during the attack Protection against higher fees during usages spikes from DDoS

Answer 136

Web Application Firewall Protects your web applications from common web exploits (Layer 7 = HTTP) Deploy on Application Load Balancer, API Gateway, CloudFront Define Web ACL (Access Control List) - can include IP Addresses, HTTP Headers, HTTP Body, or URI Strings Web ACL protects against common attack - SQL Injection, Cross site scripting, block geographies (countries) Can limit the number of requests per user per time period

Answer 137

EC2 Instances/NAT Gateways/ELB, RDS, CloudFront, Aurora, API Gateways, Lambda/Lambda Edge functions, Lightsail, Elastic Beanstalk

Answer 138

DNS Zone Walking, DDoS, simulated DDoS, Port Flooding, Protocol Flooding, Request Flooding

Answer 139

Key Management Service Manages encryption keys

Answer 140

Dedicated hardware security module attached to FIPS validated hardware Manage your encryption keys

Answer 141

Keys created, managed, used by the customer Can bring your own keys

Answer 142

Keys managed by AWS and used on customers behalf by AWS Used by AWS services

Answer 143

Collections of CMK's that an AWS service owns and manages in mulitple accounts Used to protect customer resources, but customer doesn't have access to them

Answer 144

AWS Certification Manager Allows customer to provision, manage, and deploy SSL/TLS Certificates Used to provide inflight encryption for websites (HTTPS) Supports both public and private TLS certificates (public are free) Automatic TLS certificate renewal

Answer 145

Store secrets, force rotation of secrets Integrated with RDS Secrets encrypted using KMS

Answer 146

Portal that gives you access to AWS Compliance documentation and AWS agreements Used to support internal audit or compliance

Answer 147

Uses machine learning algorithms, anomaly detection, 3rd party data to protect your account Input data used - CloudTrail Event Logs, VPC Flow Logs, DNS Logs, Kubernetes Audit Logs Can protect against CryptoCurrency attacks

Answer 148

Run automated security assessments For EC2 instances, container images, Lambda Functions Reporting and integration is with AWS Security Hub Send findings into Amazon EventBridge

Answer 149

Fully managed data security and data privacy service Uses machine learning and pattern matching to discover and protect your sensitive data in AWS

Answer 150

Analyzes, investigates, and identifies the root cause of security issues or suspicious activity (using machine learning and graphs) Automatically collects and processes events from VPC Flow Logs, CloudTrail, GuardDuty, and creates a unified view

Answer 151

Spam, port scanning, DDoS, Intrusion Attempts, Hosting objectional/copyrighted content, distributing malware Contact the AWS Abuse Team if discovered

Answer 152

Change account settings Close the account Change or cancel support plans Register as a seller on the AWS Marketplace

Answer 153

Service that finds people, objects or scenes in video

Answer 154

Converts speech to text Uses deep learning process: Automatic Speech Recognition

Answer 155

Converts text to speech

Answer 156

Converts text in one language to text in another language

Answer 157

Lex is Automatic Speech Recognition Used for Alexa

Answer 158

Virtual Call Center

Answer 159

Natural Language Processing

Answer 160

Fully managed service for developers / data scientists to build ML models

Answer 161

Fully managed service that uses ML to delivery highly accurate forecasts

Answer 162

Fully managed document search service Extract answers from within a document

Answer 163

Fully manage ML service to build apps with real time personalized recommendations

Answer 164

Automatically extracts text, handwriting, data from any scanned documents using AI and ML

Answer 165

Global service that allows you to create and manage all your accounts from a master account Allows consolidated billing Allows sharing Reserved Instances Gives pricing benefits from aggregated usage

Answer 166

Service that whitelists or blacklists IAM actions for accounts

Answer 167

Service that runs on top of AWS Organizations It applies preventive and detective controls (guardrails) to help keep your organizations and accounts from divergence from best practices

Answer 168

Pay As You Go Save When You Reserve Save When You Use More Pay Less as AWS Grows (economies of scale)

Answer 169

IAM, VPC, Consolidated Billing, Elastic Beanstalk, CloudFormation, Auto Scaling Groups

Answer 170

Data transferred into AWS is free Data transferred out of AWS is not free Data transferred within AWS Region is free if using private IP Data transferred between Regions is not free

Answer 171

Service that uses ML and CloudWatch Metrics to recommend optimal AWS resources for your workload to reduce costs and improve performance

Answer 172

Tool that estimates costs for your solution architecture

Answer 173

Tool that shows you costs to date, forecasts for rest of month Breaks down the costs

Answer 174

Tags attached to services and resources that allow you to track costs at a detailed level

Answer 175

Tool that contains most the comprehensive set of AWS cost and usage data available, including additional metadata about AWS services, pricing, reservations

Answer 176

Tool to visualize, understand, and manage your AWS costs Forecast up to 12 months based on previous usage

Answer 177

Triggers that track your AWS spending and sends notifications Billing data is stored in CloudWatch in us-east-1 only, aggregated for all Regions

Answer 178

Tool that allows you to set up a budget for AWS services Can trigger Billing Alarms Types: Usage, Cost, Reservations

Answer 179

An assessment tool that analyzes resources in your account based on these categories: Cost Optimization, Performance, Security, Fault Tolerance, Service Limits

Answer 180

S3 Bucket Permissions Security Groups - Ports check IAM Use MFA on root account Presence of EBS public snapshots Presence of RDS public snapshots Service Limits

Answer 181

It is free Access to 24/7 customer service Access to documentation, whitepapers, and support forums Access to 7 core checks for Trusted Advisor Access to Personal Health Dashboard

Answer 182

Costs greater of $29 or 3% of monthly charges Same as Basic Support plan Business hours email access to Cloud Support Associates Unlimited cases, 1 primary contact General Guidance < 24 hours System Impaired < 12 hours

Answer 183

Costs greater of $100 or sliding % of monthly costs Same as Developer Support plan Full Trusted Advisor checks 24/7 phone/email/chat access to Cloud Support Engineers Unlimited Cases, Unlimited Contacts Access to Infrastructure Event Management for additional fee Production system impaired < 4 hours Production System Down < 1 hour

Answer 184

Costs greater of $5,500 or 10% of monthly charges Same as Business Support plan Access to a pool of Technical Account Managers (TAM) Concierge Support Team (for account and billing best practices) Infrastructure Event Management, Well Architected and Operations Review Business-critical system down < 30 minutes

Answer 185

Costs greater of $15,000 or sliding % of monthly costs Same as Enterprise Onramp Support plan Access to a designated TAM Business-critical system down < 15 minutes

Answer 186

Security Token Service Enables you to create temporary limited-privileges credentials to access your AWS resources

Answer 187

Identity for Web/Mobile application users Don't create individual IAM users, create users in Cognito instead

Answer 188

AWS's version of Microsoft Active Directory

Answer 189

Virtual Desktop as a Service (DaaS) Windows or Linux desktops

Answer 190

Desktop Application Streaming Service delivered via web browser

Answer 191

Service that allows you to create and run VR, AR, and 3D applications

Answer 192

Internet of Things Allows you to easily connect IoT devices to the AWS Cloud

Answer 193

Convert media files stored in S3 into media file formats required by consumer playback devices

Answer 194

Store and sync data across mobile and web applications in real time Uses GraphQL (Facebook mobile technology)

Answer 195

Set of tools and services that allow you to develop and deploy scalable full stack web and mobile applications Like Elastic Beanstalk for mobile and web applications

Answer 196

Fully managed service that tests your web and mobile apps against desktop browsers, real mobile devices, and tablets Real devices, not emulators

Answer 197

Fully managed service to centrally manage and automate backups across AWS services

Answer 198

Backup and Restore (Cheapest) Pilot Light (Core Functions of the App, ready to scale) Warm Standby (Full version of the app, but at minimum size) Multi-site/Hot Site (Full version of the app, full size)

Answer 199

Move large amount of data from on-premise to AWS Replication tasks can be scheduled Incremental backup after initial backup

Answer 200

Scan on-premise servers to get information for migration Agentless Discovery (AWS Agentless Discovery Connector) Agent Based Discovery (AWS Application Discovery Agent)

Answer 201

Lift and shift (rehost) data/applications Then at some point cut over

Answer 202

Fault Injector Service Fully managed service to run fault injection experiments on AWS workloads Based on Chaos Engineering

Answer 203

Build a serverless visual workflow to orchestrate your Lambda functions Can integrate with EC2, ECS, on-premise servers, API Gateway, SQS Queues Features: sequence, parallel, conditions, timeouts, error handling

Answer 204

Fully managed service that allows you to control satellite communications, process data, and scale your satellite operations

Answer 205

Scalable 2-way outbound/inbound marketing communications service Supports email, SMS, push, voice, and in-app messaging Is the next evolution of SNS or SES

Answer 206

Stop guessing your capacity needs Test systems at production scale Automate to make architectural experimentation easier Allow for evolutionary architectures Drive architectures using data Improve through game days (peak usage)

Answer 207

Operational Excellence Security Reliability Performance Efficiency Cost Optimization Sustainability

Answer 208

Ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures

Answer 209

Ability to protect information, systems, and assets, while delivering business value, through risk assessments and mitigation strategies

Answer 210

Ability of a system to recover from infrastructure or service disruptions, dynamically acquiring computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues

Answer 211

Ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve

Answer 212

Ability to run systems to deliver business value at the lowest price point

Answer 213

Focuses on minimizing environmental impact of running cloud workloads

Answer 214

Free tool to review your architectures against the 6 pillars You select your workload and answer questions, then get advice

Answer 215

Right sizing is process of matching instance types/sizes to your workload performance and capacity requirements at the lowest possible price

Answer 216

Independent software vendors - buy/sell custom AMI, CloudFormation templates, Software as a Service, Containers

Answer 217

Digital or classroom training, private training, training/certification for US government, training/certification for enterprises, AWS Academy for universities

Answer 218

Global team of networks - APN (AWS Partner Network)

Answer 219

Third parties that provide hardware, connectivity, and software

Answer 220

Third parties that provide consulting services to help you build in AWS

Answer 221

Third parties that provide AWS training

Answer 222

Certification for APN Partners who have demonstrated technical proficiency and proven customer success in specialized solution areas

Answer 223

Service that helps AWS Partners become better partners

Answer 224

Knowledge base of more frequent and common questions and requests

Answer 225

Tool to find AWS Certified professional help (contractors) for AWS projects

Answer 226

AWS Managed Q&A service - offers cloud sourced, expert reviewed answers to your technical questions about AWS Free unless purchase Premium Support (customers that don't get a response from the community are passed on to AWS Support Engineers)