Compute Service

Question 1

what can you use as a firewall?

Answer 1

security group

Question 2

what kind of service is EC2?

Answer 2

infrastructure as a service

Question 3

which instance types do you know?

Answer 3

general purpose, compute optimized, memory optimized, storage optimized

Question 4

name a few examples for compute optimized instances

Answer 4

• batch processing workloads
• media transcoding
• high performance web servers
• high performance computing (HPC)
• scientific modeling & machine learning
• dedicated gaming servers

Question 5

name a few examples for memory optimized instances

Answer 5

• floating point number calculations
• graphic processing
• data pattern matching

Question 6

name a few examples for storage optimized instances

Answer 6

• high frequency online transaction processing (OLTP) systems
• relational and NoSQL databases
• cache for in-memory databases (redis)
• data warehousing applications
• distributed file systems

Question 7

what can you use to customize the software installation when the instance is launched?

Answer 7

apply an AMI to an instance

Question 8

what can you use to balance the traffic to several instances?

Answer 8

Elastic Load Balancing

Question 9

what can you use to automatically add or remove instances (scale horizontaly)?

Answer 9

EC2 Auto Scaling

Question 10

What service runs code in response to an event (trigger), without you needing to provide (or manage) a server?

Answer 10

AWS Lambda

Question 11

Name a few examples of triggers for AWS Lambda

Answer 11

click on a website, an api-call, an image upload, output from a connected device

Question 12

Is IAM a global service?

Answer 12

Yes

Question 13

What can you say about the root user?

Answer 13

• is created by default

- shouldn’t be used or shared!

Question 14

What are user?

Answer 14

Users are people within your organization and can be grouped

Question 15

Can groups contain other groups?

Answer 15

No, groups can only contain users

Question 16

What are the two rules for groups regarding users?

Answer 16

Users don’t have to belong to a group and user can belong to multiple groups

Question 17

What are policies?

Answer 17

Policies are JSON documents, which can be assigned to users or groups and define the permissions of the users

Question 18

What is the principle you should use regarding policies?

Answer 18

Least privilege principle

Question 19

What password policy can you set up?

Answer 19

• minimum password length
• lowercase letters, numbers, non-alphanumeric characters
• prevent password re-use

Question 20

What can you use to make your account more safe?

Answer 20

multifactor autorization (MFA)

Question 21

Name the three options to access AWS and how they are protected:

Answer 21

• AWS Management Console (protected by password + MFA)
• AWS Command Line Interface (CLI) (protected by access key)
• AWS Software Developer Kit (SDK) - for code: protected by access keys

Question 22

Where can you get access keys and who manages the access keys?

Answer 22

Access Keys are generated through the AWS Console and users manage their own access keys

Question 23

Can you share your access keys with others?

Answer 23

No! Like passwords you should keep them secret!

Question 24

With what can you compare Access Key ID and Secret Access Key?

Answer 24

Access Key ID is like username and Secret Access Key is like password

Question 25

Can you assign IAM Roles to Services?

Answer 25

Yes, because some services need to perform actions on your behalf and you have to assign permissions to these services with IAM Roles

Question 26

Who provides (or can provide) AMIs?

Answer 26

- AWS (public AMI) - AWS marketplace (made and maintained by a user) - your own AMI (made and maintained by yourself)

Question 27

What stand AMI for?

Answer 27

Amazon Machine Image

Question 28

Can EC2 Auto Scaling scale across zones?

Answer 28

Yes

Question 29

What are the keywords for EC2 Auto Scaling?

Answer 29

dynamic scaling -> responds to changing demands | predictive scaling -> automatically schedules the right number of instances based on predicted demands

Question 30

What is the usage of ELB health check?

Answer 30

The health check is used to only send requests to healthy instances

Question 31

What are the three types of ELBs and what are they used for?

Answer 31

- Application Load Balancer -> specially designed for web applications with http and https traffic and operates at the application layer - Network Load Balancer -> operate at the network layer and are more resilient to sudden traffic spikes - Classic Load Balancer -> are the previous generation of Load Balancers designed for Amazon EC2 Classic instances

Question 32

name six reasons for ELB

Answer 32

- spread load across multiple downstream instances - expose a single point of access (DNS) to your application - seamlessly handle failure of downstreams instances - do regular health checks to your instances - provide SSL termination (HTTPS) for your websites - high availability across zones

Question 33

What is Amazon Machine Image?

Answer 33

AMI is a customization of an EC2 instances

Question 34

What can you do with AMI?

Answer 34

You can add own software, configuration, operating system, monitoring etc.

Question 35

Are AMIs built for a specific region?

Answer 35

Yes, but they can be copied across regions

Question 36

What is the EC2 Image Builder for?

Answer 36

- automate the creation of Virtual Machines or container images - automate the creation, maintain, validate and test EC2 AMIs - can be run on a schedule (for example weekly or whenever packages are updated etc.)

Question 37

What are the prices for EC2 Image Builder?

Answer 37

This service is free (only pay for underlying services)