Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Cloud Practioner > CCP > Flashcards

CCP Flashcards

1
Q

Define Availability Zone

A

Global Infrastructure composed of one or more discrete data centers with redundant power, networking, and connectivity, and are used to deploy infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Types of Cloud Computing

A

Infrastructure, platform and software as a service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is Infrastructure as a service

A
  • Provide building blocks for cloud IT
  • Provides networking, computers, data storage space
  • Highest level of flexibility
  • Easy parallel with traditional on-premises IT
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is Platform as a Service

A
  • Removes the need for your organization to manage the underlying infrastructure
  • Focus on the deployment and management of your applications
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is Software as a Service

A
  • Completed product that is run and managed by the service provider
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the five characteristics of cloud computing?

A
  • On-demand self service:
  • Users can provision resources and use them without human interaction from the service
    provider
  • Broad network access:
  • Resources available over the network, and can be accessed by diverse client platforms
  • Multi-tenancy and resource pooling:
  • Multiple customers can share the same infrastructure and applications with security and privacy * Multiple customers are serviced from the same physical resources
  • Rapid elasticity and scalability:
  • Automatically and quickly acquire and dispose resources when needed * Quickly and easily scale based on demand
  • Measured service:
  • Usage is measured, users pay correctly for what they have used
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the 3 Pricing Fundamentals of AWS Cloud?

A
  • Compute:
  • Pay for compute time
  • Storage:
  • Pay for data stored in the Cloud
  • Data transfer OUT of the Cloud: * Data transfer IN is free
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the 4 points of consideration when choosing an AWS Region?

A
  1. Compliance with data and governance and legal requirements.
  2. Proximity to customers (latency)
  3. Available services and features within a Region
  4. Pricing.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Define Cloud Computing

A

On-demand availability of computer system resources, especially data storage (cloud storage), and computing power, without direct active management by the user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Define IAM Roles

A

IAM entity that defines a set of permissions for making AWS service requests, that will be used by AWS services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is an IAM credential report?

A

IAM Credentials report lists all your account’s users and the status of their various credentials. The other IAM Security Tool is IAM Access Advisor. It shows the service permissions granted to a user and when those services were last accessed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are IAM Policies?

A

An IAM policy is an entity that, when attached to an identity or resource, defines their permissions.

Json documents to define users, groups, permissions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are EC2 Capabilities?

A
  • Renting virtual machines (EC2)
  • Storing data on virtual drives (EBS)
  • Distributing load across machines (ELB)
  • Scaling the services using an auto-scaling group (ASG)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is EC2 On Demand?

A
  • Pay for what you use:
  • Linux or Windows - billing per second, after the first minute * All other operating systems - billing per hour
  • Has the highest cost but no upfront payment
  • No long-term commitment
  • Recommended for short-term and un-interrupted workloads, where you can’t predict how the application will behave
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is EC2 Reserved?

A
  • Up to 72% discount compared to On-demand
  • You reserve a specific instance attributes (Instance Type, Region,Tenancy, OS) * Reservation Period – 1 year (+discount) or 3 years (+++discount)
  • Payment Options – No Upfront (+), Partial Upfront (++), All Upfront (+++) * Reserved Instance’s Scope – Regional or Zonal (reserve capacity in an AZ)
  • Recommended for steady-state usage applications (think database)
  • You can buy and sell in the Reserved Instance Marketplace
  • Convertible Reserved Instance
  • Can change the EC2 instance type, instance family, OS, scope and tenancy * Up to 66% discount
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is EC2 Savings Plan?

A
  • Get a discount based on long-term usage (up to 72% - same as RIs) * Commit to a certain type of usage ($10/hour for 1 or 3 years)
  • Usage beyond EC2 Savings Plans is billed at the On-Demand price
  • Locked to a specific instance family & AWS region (e.g., M5 in us-east-1)
  • Flexible across:
  • Instance Size (e.g., m5.xlarge, m5.2xlarge) * OS (e.g., Linux, Windows)
  • Tenancy (Host, Dedicated, Default)

one- or three-year hourly spend commitment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is EC2 Spot?

A
  • Can get a discount of up to 90% compared to On-demand
  • Instances that you can “lose” at any point of time if your max price is less than the current spot price
  • The MOST cost-efficient instances in AWS
  • Useful for workloads that are resilient to failure * Batch jobs
  • Data analysis
  • Image processing
  • Any distributed workloads
  • Workloads with a flexible start and end time
  • Not suitable for critical jobs or databases
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are EC2 dedicated host?

A
  • A physical server with EC2 instance capacity fully dedicated to your use
  • Allows you address compliance requirements and use your existing server- bound software licenses (per-socket, per-core, pe—VM software licenses)
  • Purchasing Options:
  • On-demand – pay per second for active Dedicated Host
  • Reserved - 1 or 3 years (No Upfront,Partial Upfront,All Upfront)
  • The most expensive option
  • Useful for software that have complicated licensing model (BYOL – Bring Your
    Own License)
  • Or for companies that have strong regulatory or compliance needs
    NOT FOR DISTRIBUTION © Stephane Maarek www.datacumulus.com
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are EC2 dedicated instances?

A
  • Instances run on hardware that’s dedicated to you
  • May share hardware with other instances in same account
  • No control over instance placement (can move hardware after Stop / Start)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What are EC2 Security Groups?

A

security tool can you use to control traffic in and out of EC2 Instances

  • Security groups are acting as a “firewall” on EC2 instances
  • They regulate:
  • Access to Ports
  • Authorised IP ranges – IPv4 and IPv6
  • Control of inbound network (from other to the instance)
  • Control of outbound network (from the instance to other)
  • Can be attached to multiple instances
  • Locked down to a region / VPC combination
  • Does live “outside” the EC2 – if traffic is blocked the EC2 instance won’t see it
  • It’s good to maintain one separate security group for SSH access
  • If your application is not accessible (time out), then it’s a security group issue
  • If your application gives a “connection refused“ error, then it’s an application error or it’s not launched
  • All inbound traffic is blocked by default
  • All outbound traffic is authorised by default
  • 22 = SSH (Secure Shell) - log into a Linux instance
  • 21 = FTP (File Transfer Protocol) – upload files into a file share
  • 22 = SFTP (Secure File Transfer Protocol) – upload files using SSH
  • 80 = HTTP – access unsecured websites
  • 443 = HTTPS – access secured websites
  • 3389 = RDP (Remote Desktop Protocol) – log into a Windows instance
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is EC2 Compute Optimized?

A

Compute Optimized EC2 instances are great for compute-intensive workloads requiring high performance processors, such as batch processing, media transcoding, high performance web servers, high performance computing, scientific modeling & machine learning, and dedicated gaming servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is EFS?

A

Amazon EFS is a fully managed service that makes it easy to set up, scale, and cost-optimize file storage in the Amazon Cloud.

EFS is ideal for storing dynamic files, such as code, configuration, logs, and databases, that require frequent updates or complex operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is EC2 Image Builder?

A

EC2 Image Builder is an automated pipeline for the creation, maintenance, validation, sharing, and deployment of Linux or Windows images for use on AWS and on-premises.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is EFS?

A

Elastic File System.
* Managed NFS (network file system) that can be mounted on 100s of EC2
* EFS works with Linux EC2 instances in multi-AZ
* Highly available, scalable, expensive (3x gp2), pay per use, no capacity planning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What is EBS
Elastic Block Storage. * An EBS (Elastic Block Store) Volume is a network drive you can attach to your instances while they run * It allows your instances to persist data, even after their termination * They can only be mounted to one instance at a time (at the CCP level) * They are bound to a specific availability zone * Analogy: Think of them as a “network USB stick” * Free tier: 30 GB of free EBS storage of type General Purpose (SSD) or Magnetic per month
26
What is FSx?
Amazon FSx makes it easy and cost effective to launch and run popular 3P file systems that are fully managed by AWS. It comes in two offerings: FSx for Windows File Server (used for business applications), and FSx for Lustre (used for high-performance computing).
27
What is AMI?
An Amazon Machine Image (AMI) is a supported and maintained image provided by AWS that provides the information required to launch an instance. You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you require multiple instances with the same configuration. You can use different AMIs to launch instances when you require instances with different configurations. An AMI includes the following: One or more Amazon Elastic Block Store (Amazon EBS) snapshots, or, for instance-store-backed AMIs, a template for the root volume of the instance (for example, an operating system, an application server, and applications). Launch permissions that control which AWS accounts can use the AMI to launch instances. A block device mapping that specifies the volumes to attach to the instance when it's launched.
28
What is AMI? Tutorial Definition.
* AMI = Amazon Machine Image * AMI are a customization of an EC2 instance * You add your own software, configuration, operating system, monitoring… * Faster boot / configuration time because all your software is pre-packaged * AMI are built for a specific region (and can be copied across regions) * You can launch EC2 instances from: * A Public AMI: AWS provided * Your own AMI: you make and maintain them yourself * An AWS Marketplace AMI: an AMI someone else made (and potentially sells)
29
EBS Volumes can be attached to how many instances?
EBS Volumes can be attached to only one EC2 Instance, but EC2 Instances can have multiple EBS Volumes attached to them.
30
What is EC2 Instance Store?
An instance store provides temporary block-level storage for your instance. This storage is located on disks that are physically attached to the host computer. Instance store is ideal for temporary storage of information that changes frequently, such as buffers, caches, scratch data, and other temporary content. It can also be used to store temporary data that you replicate across a fleet of instances, such as a load-balanced pool of web servers. EC2 Instance Store has a better I/O performance, but data is lost if: the EC2 instance is stopped or terminated, or when the underlying disk drive fails.
31
What is An EBS Snapshot?
EBS Snapshots are used to backup data on your EBS Volumes at a point in time.
32
Define High Availability?
High Availability means applications running at least in two AZs to survive a data center loss.
33
What is a network load balancer?
A Network Load Balancer can handle millions of requests per second with low-latency. It operates at Layer 4, and is best-suited for load-balancing TCP, UDP, and TLS traffic with ultra high-performance.
34
What is Vertical Scaling?
Vertical scaling means increasing the size of the instance. Changing from a t3a.medium to a t3a.2xlarge is an example of size increase.
35
What is an ASG?
An Auto Scaling Group (ASG) can automatically and quickly scale-in and scale-out to match the changing load on your applications and websites.
36
What are the 4 kinds of Load Balancers?
Application Load Balancer (HTTP / HTTPS only) – Layer 7 * Network Load Balancer (ultra-high performance, allows for TCP) – Layer 4 * Gateway Load Balancer – Layer 3 * Classic Load Balancer (retired in 2023) – Layer 4 & 7
37
The goal of an Auto Scaling Group (ASG) is to:
* Scale out (add EC2 instances) to match an increased load * Scale in (remove EC2 instances) to match a decreased load * Ensure we have a minimum and a maximum number of machines running * Automatically register new instances to a load balancer * Replace unhealthy instances * Cost Savings: only run at an optimal capacity (principle of the cloud)
38
Auto Scaling Groups – Scaling Strategies
* Manual Scaling: Update the size of an ASG manually * Dynamic Scaling: Respond to changing demand * Simple / Step Scaling * When a CloudWatch alarm is triggered (example CPU > 70%), then add 2 units * When a CloudWatch alarm is triggered (example CPU < 30%), then remove 1 * Target Tracking Scaling * Example: I want the average ASG CPU to stay at around 40% * Scheduled Scaling * Anticipate a scaling based on known usage patterns * Example: increase the min. capacity to 10 at 5 pm on Fridays * Predictive Scaling * Uses Machine Learning to predict future traffic ahead of time * Automatically provisions the right number of EC2 instances in advance
39
What does an Elastic Load Balancers (ELB) do?
* Distribute traffic across backend EC2 instances, can be Multi-AZ * Supports health checks * 4 types: Classic (old), Application (HTTP – L7), Network (TCP – L4), Gateway (L3) spreads load across multiple downstream instances handles failure of downstream instances.
40
What are the S3 storage classes?
* Amazon S3 Standard - General Purpose * Amazon S3 Standard-Infrequent Access (IA) * Amazon S3 One Zone-Infrequent Access * Amazon S3 Glacier Instant Retrieval * Amazon S3 Glacier Flexible Retrieval * Amazon S3 Glacier Deep Archive * Amazon S3 Intelligent Tiering
41
What is Aws Storage Gateway?
AWS Storage Gateway is a hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage.
42
What is the AWS Snow Family?
* Highly-secure, portable devices to collect and process data at the edge, and migrate data into and out of AWS
43
What is Snowball Edge
* Physical data transport solution: move TBs or PBs of data in or out of AWS * Alternative to moving data over the network (and paying network fees) * Pay per data transfer job * Provide block storage and Amazon S3-compatible object storage * Snowball Edge Storage Optimized * 80 TB of HDD capacity for block volume and S3 compatible object storage * Snowball Edge Compute Optimized * 42 TB of HDD or 28TB NVMe capacity for block volume and S3 compatible object storage * Use cases: large data cloud migrations, DC decommission, disaster
44
What is Snowcone/Snowcone SSD
AWS Snowcone & Snowcone SSD * Small, portable computing, anywhere, rugged & secure, withstands harsh environments * Light (4.5 pounds, 2.1 kg) * Device used for edge computing, storage, and data transfer * Snowcone – 8 TB of HDD Storage * Snowcone SSD – 14 TB of SSD Storage * Use Snowcone where Snowball does not fit (spaceconstrained environment) * Must provide your own battery / cables * Can be sent back to AWS offline, or connect it to internet and use AWS DataSync to send data
45
AWS Snowmobile
* Transfer exabytes of data (1 EB = 1,000 PB = 1,000,000 TBs) * Each Snowmobile has 100 PB of capacity (use multiple in parallel) * High security: temperature controlled, GPS, 24/7 video surveillance * Better than Snowball if you transfer more than 10 PB
46
What are Access Keys used for?
Access Keys are used to sign programmatic requests to the AWS CLI or AWS API.
47
Where are objects stored in Amazon S3?
Buckets
48
What is Storage Gateway?
S3 hybrid solution to extend on-premises storage to S3
49
What do you use a S3 bucket policy for?
* Grant public access to the bucket * Force objects to be encrypted at upload * Grant access to another account (Cross Account)
50
What are Lifecycle Rules?
Lifecycle Rules can be used to define when S3 objects should be transitioned to another storage class or when objects should be deleted after some time.
51
what is snowball edge storage optimized?
Snowball Edge Storage Optimized devices are well suited for large-scale data migrations and recurring transfer workflows, as well as local computing with higher capacity needs.
52
What is snowball edge compute optimized?
smaller than storage optimized: * 104 vCPUs, 416 GiB of RAM * Optional GPU (useful for video processing or machine learning) * 28 TB NVMe or 42TB HDD usable storage * Up to 40 vCPUs, 80 GiB of RAM, 80 TB storage * Object storage clustering available
53
What are the S3 Storage Classes?
* Amazon S3 Standard - General Purpose * Amazon S3 Standard-Infrequent Access (IA) * Amazon S3 One Zone-Infrequent Access * Amazon S3 Glacier Instant Retrieval * Amazon S3 Glacier Flexible Retrieval * Amazon S3 Glacier Deep Archive * Amazon S3 Intelligent Tiering * Can move between classes manually or using S3 Lifecycle configurations
54
What is S3 Standard – General Purpose?
* 99.99% Availability * Used for frequently accessed data * Low latency and high throughput * Sustain 2 concurrent facility failures * Use Cases: Big Data analytics, mobile & gaming applications, content distribution…
55
What is S3 Storage Classes – Infrequent Access?
* For data that is less frequently accessed, but requires rapid access when needed * Lower cost than S3 Standard * Amazon S3 Standard-Infrequent Access (S3 Standard-IA) * 99.9% Availability *suitable for less frequently accessed data, but with rapid access when needed, while keeping a high durability and allowing an Availability Zone failure * Use cases: Disaster Recovery, backups * Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) * High durability (99.999999999%) in a single AZ; data lost when AZ is destroyed * 99.5% Availability * Use Cases: Storing secondary backup copies of on-premise data, or data you can recreate
56
What is Managed Blockchain?
Amazon Managed Blockchain is a fully managed service that makes it easy to create and manage scalable blockchain networks using the popular open source frameworks Hyperledger Fabric and Ethereum.
57
What is Redshift?
Amazon Redshift is a fully managed, petabyte-scale data warehouse service in the cloud. * Redshift is based on PostgreSQL, but it’s not used for OLTP * It’s OLAP – online analytical processing (analytics and data warehousing) * Load data once every hour, not every second * 10x better performance than other data warehouses, scale to PBs of data * Columnar storage of data (instead of row based) * Massively Parallel Query Execution (MPP), highly available * Pay as you go based on the instances provisioned * Has a SQL interface for performing the queries * BI tools such as AWS Quicksight or Tableau integrate with it
58
What is Amazon Athena?
* Serverless query service to analyze data stored in Amazon S3 * Uses standard SQL language to query the files * Supports CSV, JSON, ORC, Avro, and Parquet (built on Presto) * Pricing: $5.00 per TB of data scanned * Use compressed or columnar data for cost-savings (less scan) * Use cases: Business intelligence / analytics / reporting, analyze & query VPC Flow Logs, ELB Logs, CloudTrail trails, etc... * Exam Tip: analyze data in S3 using serverless SQL, use Athena
59
What is AWS Glue?
AWS Glue is a fully managed extract, transform, and load (ETL) service that makes it easy for customers to prepare and load their data for analytics.
60
What is Amazon Aurora?
Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases. It is a proprietary technology from AWS.
61
What is AWS Database Migration?
AWS Database Migration Service helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database.
62
What is Amazon EMR?
* EMR stands for “Elastic MapReduce” * EMR helps creating Hadoop clusters (Big Data) to analyze and process vast amount of data * The clusters can be made of hundreds of EC2 instances * Also supports Apache Spark, HBase, Presto, Flink… * EMR takes care of all the provisioning and configuration * Auto-scaling and integrated with Spot instances * Use cases: data processing, machine learning, web indexing, big data…
63
What is Elasticache?
Amazon ElastiCache is a web service that makes it easy to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud. ElastiCache caches are in-memory databases with high performance, low latency. They help reduce load off databases for read intensive workloads.
64
What is a Glue Data Catalog?
A central repository to store structural and operational metadata for data assets in AWS Glue?
65
What is RDS?
Amazon Relational Database Service (Amazon RDS) is a SQL managed service that makes it easy to set up, operate, and scale a relational database in the cloud. It is suited for OLTP workloads
66
What is DynamoDB?
Amazon DynamoDB is a fully managed, serverless, key-value NoSQL database designed to run high-performance applications at any scale. DynamoDB offers built-in security, continuous backups, automated multi-Region replication, in-memory caching, and data import and export tools. * Fully Managed Highly available with replication across 3 AZ * NoSQL database - not a relational database * Scales to massive workloads, distributed “serverless” database * Millions of requests per seconds, trillions of row, 100s of TB of storage * Fast and consistent in performance * Single-digit millisecond latency – low latency retrieval * Integrated with IAM for security, authorization and administration * Low cost and auto scaling capabilities * Standard & Infrequent Access (IA) Table Class
67
What QLDB?
Amazon QLDB is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log owned by a central trusted authority. Amazon QLDB tracks each and every application data change and maintains a complete and verifiable history of changes over time.
68
What is Neptune?
Amazon Neptune is a fast, reliable, fully-managed graph database service that makes it easy to build and run applications that work with highly connected datasets. It can be used for knowledge graphs, fraud detection, recommendations engines, social networking, etc.
69
What is quicksight?
Amazon QuickSight is a fast, cloud-powered business intelligence (BI) service that makes it easy for you to deliver insights to everyone in your organization. You can create and publish interactive dashboards.
70
What is Document DB?
Amazon DocumentDB (with MongoDB compatibility) is a fast, calable, highly available, and fully managed document database service that supports MongoDB workloads.
71
What is Dynamo DB Accelerator?
Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for Amazon DynamoDB that delivers up to a 10 times performance improvement—from milliseconds to microseconds—even at millions of requests per second.
72
What is AWS Lambda?
AWS Lambda is a compute service that lets you run code without provisioning or managing servers.
73
What is Fargate?
Fargate: * Run Docker containers without provisioning the infrastructure * Serverless offering (no EC2 instances)
74
What is ECR?
* ECR: Private Docker Images Repository
75
What is ECS?
* ECS: run Docker containers on EC2 instances but you must provision and manage instances Elastic container service
76
What is lightsail?
Amazon Lightsail is designed to be the easiest way to launch and manage a virtual private server with AWS. Lightsail plans include everything you need to jumpstart your project – a virtual machine, SSD- based storage, data transfer, DNS management, and a static IP address – for a low, predictable price. It can be used to create a simple web application, a website or a dev/test environment.
77
What is Docker?
Docker is a software development platform that allows you to run applications the same way, regardless of where they are run. It can scale containers up and down within seconds.
78
How would you best describe "event-driven" in AWS Lambda?
Happens when needed
79
What is AWS batch?
AWS Batch enables developers, scientists, and engineers to easily and efficiently run hundreds of thousands of batch computing jobs on AWS. AWS Batch dynamically provisions the optimal quantity and type of compute resources (e.g., CPU or memory-optimized instances) based on the volume and specific resource requirements of the batch jobs submitted.
80
What is Code Star?
CodeStar is used to quickly develop, build, and deploy applications on AWS. Deployments & Managing Infrastructure at Scale
81
What is Elastic Bean Stalk?
Elastic Beanstalk can be used to monitor and to check the health of an environment.
81
What is Elastic Bean Stalk?
Elastic Beanstalk can be used to monitor and to check the health of an environment. Deployments & Managing Infrastructure at Scale
82
What is Elastic Bean Stalk?
Elastic Beanstalk can be used to monitor and to check the health of an environment.
83
What is Code Deploy?
AWS CodeDeploy is a service that automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises. Deployments & Managing Infrastructure at Scale
84
What is Code Deploy?
AWS CodeDeploy is a service that automates code deployments to any instance, including Amazon EC2 instances and instances running on-premises.
85
What is Code Pipeline?
AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. It is not used to store or collaborate on code. Orchestrates the different steps to have code automatically pushed to production. Deployments & Managing Infrastructure at Scale
86
What is Code Commit?
AWS CodeCommit is a secure, highly scalable, managed source control service that makes it easier for teams to collaborate on code. It also provides software version control. Deployments & Managing Infrastructure at Scale
87
What is AWS Systems Manager (SSM)
* Helps you manage your EC2 and On-Premises systems at scale * Another Hybrid AWS service * Get operational insights about the state of your infrastructure * Suite of 10+ products * Most important features are: * Patching automation for enhanced compliance * Run commands across an entire fleet of servers (patching systems at scale) * Store parameter configuration with the SSM Parameter Store * Works for Linux, Windows, MacOS, and Raspberry Pi OS (Raspbian) Deployments & Managing Infrastructure at Scale
88
What is AWS Opsworks?
* Chef & Puppet help you perform server configuration automatically, or repetitive actions * They work great with EC2 & On-Premises VM * AWS OpsWorks = Managed Chef & Puppet * It’s an alternative to AWS SSM * Only provision standard AWS resources: * EC2 Instances, Databases, Load Balancers, EBS volumes… * In the exam: Chef or Puppet needed => AWS OpsWorks AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers. Deployments & Managing Infrastructure at Scale
89
What is AWS Cloud Development Kit (CDK)?
* Define your cloud infrastructure using a familiar language: * JavaScript/TypeScript, Python, Java, and .NET * The code is “compiled” into a CloudFormation template (JSON/YAML) * You can therefore deploy infrastructure and application runtime code together * Great for Lambda functions * Great for Docker containers in ECS / EKS Deployments & Managing Infrastructure at Scale
90
What is CloudFormation?
AWS CloudFormation provides a common language for you to model and provision AWS and third party application resources in your cloud environment. It allows you to deploy Infrastructure as a Code. Deployments & Managing Infrastructure at Scale
91
What is Cloud 9?
AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser. Deployments & Managing Infrastructure at Scale
92
What is Elastic Beanstalk?
* Elastic Beanstalk is a developer centric view of deploying an application on AWS * It uses all the component’s we’ve seen before: EC2, ASG, ELB, RDS, etc… * But it’s all in one view that’s easy to make sense of! * We still have full control over the configuration * Beanstalk = Platform as a Service (PaaS) * Beanstalk is free but you pay for the underlying instances Deployments & Managing Infrastructure at Scale?
93
What are AWS Cloud Formation Templates?
AWS CloudFormation templates are JSON or YAML-formatted text files. They are declarations of the AWS resources that make up a stack. Deployments & Managing Infrastructure at Scale?
94
What is Codestar?
CodeStar is used to quickly develop, build, and deploy applications on AWS with a unified user interface. * Unified UI to easily manage software development activities in one place * “Quick way” to get started to correctly set-up CodeCommit, CodePipeline, CodeBuild, CodeDeploy, Elastic Beanstalk, EC2, etc… * Can edit the code ”in-the-cloud” using AWS Cloud9 Deployments & Managing Infrastructure at Scale?
95
What is codebuild?
AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers, it is serverless.
95
What is codebuild?
AWS CodeBuild is a fully managed continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers, it is serverless. Deployments & Managing Infrastructure at Scale?
96
What is Amazon MQ?
* SQS, SNS are “cloud-native” services: proprietary protocols from AWS * Traditional applications running from on-premises may use open protocols such as: MQTT, AMQP, STOMP, Openwire, WSS * When migrating to the cloud, instead of re-engineering the application to use SQS and SNS, we can use Amazon MQ * Amazon MQ is a managed message broker service for rabbit MQ and Active MQ Cloud Integrations.
97
What is Amazon SQS?
* Oldest AWS offering (over 10 years old) * Fully managed service (~serverless), use to decouple applications * Scales from 1 message per second to 10,000s per second * Default retention of messages: 4 days, maximum of 14 days * No limit to how many messages can be in the queue * Messages are deleted after they’re read by consumers * Low latency (<10 ms on publish and receive) * Consumers share the work to read messages & scale horizontally Amazon Simple Queue Service (Amazon SQS) is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed systems, and serverless applications. Amazon SQS moves data between distributed application components and helps you decouple these components. Cloud Integrations
98
What is Amazon SNS?
a fully managed pub/sub messaging service that makes it easy to set up, operate, and send notifications from the cloud, using a push-based system? * The “event publishers” only sends message to one SNS topic * As many “event subscribers” as we want to listen to the SNS topic notifications * Each subscriber to the topic will get all the messages * Up to 12,500,000 subscriptions per topic, 100,000 topics limit Cloud Integrations
99
What is Amazon Kinesis?
Amazon Kinesis makes it easy to collect, process, and analyze real-time, streaming data so you can get timely insights and react quickly to new information. Kinesis offers four services: Data Firehose, Data Analytics, Data Streams, Video Streams. Cloud Integrations
100
What are Amazon CloudWatch Alarms?
* Alarms are used to trigger notifications for any metric * Alarms actions… * Auto Scaling: increase or decrease EC2 instances “desired” count * EC2 Actions: stop, terminate, reboot or recover an EC2 instance * SNS notifications: send a notification into an SNS topic * Various options (sampling, %, max, min, etc…) * Can choose the period on which to evaluate an alarm * Example: create a billing alarm on the CloudWatch Billing metric * Alarm States: OK. INSUFFICIENT_DATA, ALARM Cloud Monitoring
101
What is AWS X-Ray?
AWS X-Ray is a service that collects data about requests that your application serves, and provides tools that you can use to view, filter, and gain insights into that data to identify issues and opportunities for optimization. AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. Cloud Monitoring
102
What is AWS Health Dashboard?
AWS Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. Cloud Monitoring.
103
What is Cloudwatch?
Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, and set alarms. Cloud Monitoring
104
What is AWS Cloudtrail?
AWS CloudTrail is a web service that records activity made on your account and delivers log files to your Amazon S3 bucket. AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Cloud Monitoring
105
What is AWS Cloudguru?
Amazon CodeGuru is a developer tool that provides intelligent recommendations to improve code quality and identify an application’s most expensive lines of code. Cloud Monitoring
106
What are AWS Cloudwatch logs?
A single, highly scalable service that centralizes the logs from all of your systems, applications, and AWS services that you use. Cloud Monitoring
107
What is a NAT Gateway?
AWS managed service that allows your instances in your private subnets to access the internet while remaining private. VPC and Networking
108
What is NACL
Network access control list. a firewall which controls traffic from and to subnet. can have allow and deny rules. are attached at subnet level. rules only include ip addresses. VPC and Networking
109
What is Transit Gateway?
Transit Gateway connects thousands of VPC and on-premises networks together in a single gateway. AWS Transit Gateway connects your Amazon Virtual Private Clouds (VPCs) and on-premises networks through a central hub. This connection simplifies your network and puts an end to complex peering relationships. Transit Gateway acts as a highly scalable cloud router—each new connection is made only once. VPC and Networking
110
What is VPC Peering?
VPC Peering connection is a networking connection between two VPCs using AWS' network. VPC and Networking
111
What is a VPC?
A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS Cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC. VPC and Networking
112
What is AWS Direct Connect?
AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated private network connection from your premises to AWS. VPC and Networking
113
What is an internet gateway?
An internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. VPC and Networking
114
What type of data is on RDS?
Data at rest means data stored or archived on a device. Security and Compliance
115
What is Amazon Macie?
Amazon Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS, such as personally identifiable information (PII) or intellectual property. Security and Compliance
116
What is AWS detective?
Amazon Detective makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities. Security and Compliance
117
What is WAF?
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. Security and Compliance
118
What is AWS Artifact?
AWS Artifact is your go-to, central resource for compliance-related information that matters to you. Security and Compliance?
119
What is Config?
AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Security and Compliance
120
What is ACM?
AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS stands for secure sockets layer and transport layer security. It is a protocol or communication rule that allows computer systems to talk to each other on the internet safely Security and Compliance
121
What is AWS Security Hub?
AWS Security Hub provides you with a comprehensive view of your security state within AWS and your compliance with security standards and best practices. Security and Compliance
122
What is KMS?
AWS KMS is a managed service that enables you to easily create and control the keys used for cryptographic operations. It is managed by AWS. Use AWS KMS to encrypt data across your AWS workloads, digitally sign data, encrypt within your applications using AWS Encryption SDK, and generate and verify message authentication codes (MACs). Security and Compliance
123
What is Inspector?
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It helps you test the network accessibility of your Amazon EC2 instances and the security state of your applications running on the instances. Security and Compliance
124
What is AWS shield?
Shield is only used to safeguard running applications from DDoS attacks. Security and Compliance.
125
What is AWS Guard Duty?
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. Security and Compliance
126
What is Amazon Lex?
Amazon Lex is a service for building conversational interfaces into any application using voice and text. Lex provides the advanced deep learning functionalities of automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text, to enable you to build applications with highly engaging user experiences and lifelike conversational interactions. Machine Learning
127
What is Amazon Forecast?
Amazon Forecast is a fully managed service that uses machine learning to deliver highly accurate forecasts. Machine Learning
128
What is Amazon Recognition?
Amazon Rekognition makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use. Machine Learning
129
What is Amazon Personalize?
Amazon Personalize is a machine learning service that makes it easy for developers to create individualized recommendations for customers using their applications. Machine Learning
130
What is Amazon Comprehend?
Amazon Comprehend is a natural language processing (NLP) service that uses machine learning to find meaning and insights in text. Machine Learning
131
What is Amazon Translate?
Amazon Translate is a neural machine translation service that delivers fast, high-quality, and affordable language translation. Machine Learning
132
What is Amazon Sagemaker?
Amazon SageMaker is a fully managed service that provides every developer and data scientist with the ability to build, train, and deploy machine learning (ML) models quickly. SageMaker removes the heavy lifting from each step of the machine learning process to make it easier to develop high quality models. Machine Learning
133
What is Amazon Transcribe?
Amazon Transcribe is an AWS service that makes it easy for customers to convert speech-to-text. Machine Learning
134
What is Amazon Kendra?
Amazon Kendra is a highly accurate and easy to use enterprise search service that’s powered by machine learning. Machine Learning
135
What is Amazon Polly?
Amazon Polly is a service that turns text into lifelike speech. Machine Learning
136
What are EBS pricing factors?
Volume type, Provisioned storage volume, IOPS, etc. added storage is added cost in GB/month Pricing
137
What is Compute Optimizer?
recommends resource configurations to reduce cost Pricing
138
What is Pricing Calculator?
Allows you to estimate cost of services on AWS Pricing
139
What are Cost Allocation Tags?
tag resources to create detailed reports Pricing
140
What is the Billing Dashboard?
High level overview + free tier dashboard Pricing
141
What are Cost and usage reports?
Most comprehensive billing dataset Pricing
142
What is Cost explorer?
view current usage and forecast usage Pricing
143
What are Billing Alarms?
track overall and per service billing Only shows what you’ve been charged Vs budget that can show forecast Budgets allow you to create filtered alarms Pricing
144
What are Budgets?
Track usage, RI, costs and get alerts. more advanced than billing alarms. With AWS Budgets, set custom budgets to track your costs and usage, and respond quickly to alerts received from email or SNS notifications if you exceed your threshold. Pricing
144
What are Budgets
Track usage, RI, costs and get alerts. more advanced than billing alarms. Pricing
145
What is a Savings Plan?
easy way to save based on long term usage of AWS by committing a specific dollar amount
146
What is a Cost Anomaly Detection?
detect unusual spends based on machine learning
147
What is a Service Quota?
notify you once you're close to a service quota threshold? maximum number of service resources or operations that apply to an AWS account or an AWS Region. The number of AWS Identity and Access Management (IAM) roles per account is an example of an account-based quota. Pricing
148
What are the 4 payment models of AWS?
1. Pay as you go 2. Save when you reserve: minimize risks, predictable manage budgets, comply with long term requirements 3. Pay less by using more: volume based discounts 4. Pay less as AWS grows: Pricing
149
What are the computing payment models?
1. On Demand instances. pay per second (linux/windows) or per hour 2. Reserved Instance. up to 75% discount 1 or 3 year commitment. higher discount more that you pay upfront. 3. Spot Instances. up to 90% discount compared to on demand hourly rate. bid for unused capacity. 4. Dedicated host:on-demand or reserved 1 or 3 years. 5. Savings Plan: Pricing
150
Lambda Pricing Model?
pay per call and duration. Pricing
150
Lambda Pricing Model?
pay per call and duration. Pricing
151
ECS Pricing Model?
EC2 launch type model, no additional fees, you pay for AWS resources stored and created in your application. Pricing
152
Fargate Pricing Model?
Pay gor Vcpu and memory resources allocated to your applications in your containers. Pricing
153
Storage Pricing S3?
* Storage class: S3 Standard, S3 Infrequent Access, S3 One-Zone IA, S3 Intelligent Tiering, S3 Glacier and S3 Glacier Deep Archive * Number and size of objects: Price can be tiered (based on volume) * Number and type of requests * Data transfer OUT of the S3 region * S3 Transfer Acceleration * Lifecycle transitions
154
Storage pricing EBS?
* Volume type (based on performance) * Storage volume in GB per month provisionned * IOPS: * General Purpose SSD: Included * Provisioned IOPS SSD: Provisionned amount in IOPS * Magnetic: Number of requests * Snapshots: * Added data cost per GB per month * Data transfer: * Outbound data transfer are tiered for volume discounts * Inbound is free
155
Storage pricing RDS?
* Per hour billing * Database characteristics: * Engine * Size * Memory class * Purchase type: * On-demand * Reserved instances (1 or 3 years) with required up-front * Backup Storage:There is no additional charge for backup storage up to 100% of your total database storage for a region. * Additional storage (per GB per month) * Number of input and output requests per month * Deployment type (storage and I/O are variable): * Single AZ * Multiple AZs * Data transfer: * Outbound data transfer are tiered for volume discounts * Inbound is free NOT FOR DISTRIBUTION © Stephane Maarek w
156
Content Delivery – CloudFront
Amazon CloudFront is a content delivery network (CDN) service built for high performance, security, and developer convenience. * Pricing is different across different geographic regions * Aggregated for each edge location, then applied to your bill * Data Transfer Out (volume discount) * Number of HTTP/HTTPS requests
157
What is AWS Savings Plan?
* Commit a certain $ amount per hour for 1 or 3 years * Easiest way to setup long-term commitments on AWS * EC2 Savings Plan * Up to 72% discount compared to On-Demand * Commit to usage of individual instance families in a region (e.g. C5 or M5) * Regardless of AZ, size (m5.xl to m5.4xl), OS (Linux/Windows) or tenancy * All upfront, par tial upfront, no upfront * Compute Savings Plan * Up to 66% discount compared to On-Demand * RegardlessofFamily,Region,size,OS,tenancy,computeoptions * ComputeOptions:EC2,Fargate,Lambda * Machine Learning Savings Plan: SageMaker... * Setup from the AWS Cost Explorer console * Estimate pricing at https://aws.amazon.com/savingsplans/pricing/
158
What is AWS Direct Connect
AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS. It does not allow you to use your on-premises directory to connect to your AWS resources. Advanced Identity
159
What is AWS Directory Service?
AWS Directory Service makes it easy for you to setup and run directories in the AWS cloud, or connect your AWS resources with an existing on-premises Microsoft Active Directory. Advanced Identity
160
What is AWS IAM Identity center?
AWS IAM Identity Center is an AWS service that enables you to makes it easy to centrally manage access to multiple AWS accounts and business applications and provide users with single sign-on access to all their assigned accounts and applications from one place. Advanced Identity
161
What is Amazon Security Token Service (STS)?
AWS Security Token Service (AWS STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users). Advanced Identity
162
What is Amazon Cognito?
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Advanced Identity
163
What is the AWS Well Architected Tool?
The AWS Well-Architected Tool helps you review the state of your workloads and compares them to the latest AWS architectural best practices. It is based on the 6 pillars of the Well-Architected Framework (Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability) Architecting and eco-system
164
What is AWS Trusted Advisor?
AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices (Cost Optimization, Performance, Security, Fault Tolerance, and Service Limits). Architecting and eco-system
165
What are performance efficiency design principles?
Performance Efficiency design principles include: democratize advanced technologies, go global in minutes, use serverless architecture, experiment more often, mechanical sympathy. Architecting and eco-system
166
What does the Amazon Partner Network (APN) Consist of?
1. Technology Partners 2. Consulting Partners 3. Training Partners Architecting and eco system
167
What are principles of Reliability?
Testing recovery procedures, stopping guessing capacity, and managing changes in automation are design principles of Reliability. Architecting and eco-system
168
What are principles of Reliability?
Testing recovery procedures, stopping guessing capacity, and managing changes in automation are design principles of Reliability. Architecting and eco-system
169
What are the 6 pillars of a well architected framework?
* 1) Operational Excellence: cloud formation, config * 2) Security: * 3) Reliability:auto scaling, cloud watch, config * 4) Performance Efficiency: autoscaling, lambda, ebs, 5) Cost Optimization * 6) Sustainability

Cloud Practioner (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions