Flash Cards

Question 1

What is the most basic essential AWS service?

Answer 1

EC2

Question 2

What do Serverless services provide?

Answer 2

abstracts away the reality of operating systems, groups and users and permissions, and configuration details to simply perform some service in response to requests. ● They are associated with scalability and elasticity. ● They tend to charge by the individual request. ● They are harder to attack and compromise. ● They have specialized purposes rather than general purpose computing.

Question 3

Which is preferred serverless or server full services?

Answer 3

Serverless services

Question 4

What are three ways to buy services?

Answer 4

On-demand, Reserved, Spot

Question 5

What is on demand buying option?

Answer 5

● With On-Demand you pay for the amount of time that your server is running. (If the server is stopped/off you do not pay.) ● It is expressed in a cost per hour. For example, as of the time of writing these slides, a c4.large costs 3.8¢ per hour to run. ● Costs can be reduced by running the minimal elastic servers needed to meet demand at any particular time, and by turning servers off when they are not needed (for instance, the development environment at the end of the workday).

Question 6

What is the reserved buying option?

Answer 6

● Pay a larger fee up front to commit to pre-buying an instance for a term of one or three years, at a savings of roughly 40%. ● Costs cannot be reduced after the commitment. ● A wise strategy is to reserve the servers you know will always be on. For example, if you are running an Elastic Beanstalk pool that can scale down to two servers but under periods of high load is allowed to scale as high as 16, purchase two reserved instances since at least two servers will always be running to serve the bare minimum of requests. ● They do not need to consistently be the same two servers.

Question 7

What is the spot buying option?

Answer 7

● A live bidding auction that asks for your service to only run when the price of computing falls below a certain threshold. ● E.g. I am not interested in paying 3.8¢ per hour for my c4.large to run. Instead I will bid at 3.6¢ per hour. I am willing to wait and possibly have my service not run if computing remains expensive, but if AWS has extra capacity to spare at any given moment, they will auction it off to those who bid highest, and those spot instances will run.

Question 8

What are some on-demand use cases?

Answer 8

● “I am playing with a new server pool. I don’t know how big it needs to be yet.” ● “I am spinning up a new database from a snapshot so I can run some historical reports on it, then I’ll be deleting it later.” ● “My Elastic Beanstalk server pool can oscillate from two to eight servers in size. It will rarely need the full eight. I’ll buy some of those on-demand so I only pay when they’re necessary.”

Question 9

What are some reserved use cases?

Answer 9

● “My Elastic Beanstalk pool can oscillate from two to eight servers depending on load. At a minimum, though, there needs to be two servers running to redundantly serve traffic even if demand is low. Since I will always have at least two servers running, I will reserve two instances.” ● “The database server RDS is central to our application and is always on and there is no reason for it to ever turn off or go away. I will reserve one database instance for one year.”

Question 10

What is a spot use case?

Answer 10

I have a large neural network ML model to train. It is going to cost me approximately $160,000 in computing costs to process the entire training data set. It is not important to me when it gets done but even a slight savings on computing time will be significant. I will ask for servers that only run when the price of compute falls below 2¢ per hour and if it takes months for me to get my turn so be it.”

Question 11

How many tiers of support are available?

Answer 11

5 tiers

Question 12

What are the three support interaction methods?

Answer 12

Phone call ○ Email ○ Live Chat with a representative (my favorite) 6

Question 13

What is trusted Advisor Support?

Answer 13

Automated service that identifies common mistakes or warning signals in your AWS account

Question 14

What comes with the basic support option?

Answer 14

● Support only covers Customer Service
● Access to basic Trusted Advisor
● Free
● In my experience they can’t help with very much aside from very basic billing.

Question 15

What is Developer Support?

Answer 15

● $29/mo or 3% of bill, whichever is greater
● 24-hr SLA for general guidance, 12-hour SLA for system impairment
● General Architectural Guidance
● I use this at most of my startups

Question 16

What is business tier support?

Answer 16

● $100/month or 10% of bill (0-10K) + 7% of bill (10K-80K) + 5% of bill (80K-250K) + 3% of bill (over 250K), whichever is greater ● Full suite of Trusted Advisor checks ● Architectural guidance: Unique to your use-cases ● General guidance: < 24 hours ● System impaired: < 12 hours ● Production system impaired: < 4 hours ● Production system down: < 1 hour

Question 17

Enterprise On Ramp Tier Support

Answer 17

Pg 71

Question 18

Enterprise Tier Support

Answer 18

Pg 72

Question 19

What do all tiers include?

Answer 19

● Some level of Trusted Advisor ● Customer-service-level help via the three communication mediums ● Personal Health Dashboard: it’s an instantiated status.aws.amazon.com that reports specifically on outages that are relevant to the services you use ● Communities ● Documentation ● White Papers

Question 20

What is the shared responsibility model.

Answer 20

Security and compliance is a shared responsibility between AWS and the customer.

Question 21

What is AWS Responsibility in shared responsibility model?

Answer 21

● Facility Management ● Personnel Management ● Physical Security of the Datacenter ● Separating compute assets and network traffic so that even on shared hardware, no customers’ data ever crosses lines ● Accurately enforcing those rules which you do specify

Question 22

What is my responsibility in the shared model?

Answer 22

● Accurately specifying the rules you wish to be enforced ● Patching the operating systems and software of servers you run ● Protecting and safeguarding customer data

Question 23

What happens as you move from generalized computing to specialized services

Answer 23

● When you are using general purpose computing (EC2’s which run their own operating systems) you have to keep their OS and software patches and updates; you have to administer users and groups; and manage security groups. ● When you move one level more specialized to a service like RDS (databases-as-a-service) AWS takes over some of this and reduces your exposure.

Question 24

Where can you find Amazon’s documentation about its half of the Shared Responsibility Model?

Answer 24

Lives in AWS Artifact

Question 25

What is at-rest encryption?

Answer 25

● Means the data is stored in an encrypted state when it is being left alone on a hard disk or in storage of some kind. ● EBS (Elastic Block Store): enabled via a checkbox ● RDS (Relational Database Service): enabled via a checkbox ● DynamoDB (NoSQL Document Database): enabled via a checkbox

Question 26

What is in transit encryption?

Answer 26

● Data is automatically encrypted as it leaves any AWS facility ● Data is automatically encrypted when it travels between Availability Zones ● Data sent between certain types of EC2s can be encrypted in transit as it travels through the network within a single availability zone ● Many services such as Lambda and DynamoDB already operate off HTTPS endpoints as it is so they are encrypted in transit too.

Question 27

Where are all logs generated by the operation of individual AWS services?

Answer 27

Cloud watch ● Logs generated on specific servers need to be collected via Cloudwatch Logs Agent ● Metrics ● Alarms

Question 28

What three states can alarms be in?

Answer 28

● OK: the metric is below the threshold ● ALARM: the metric is above the threshold ● INSUFFICIENT_DATA: the metric is not being reported (for instance, an AVG metric when there are no events)

Question 29

What is the difference between cloud watch and Cloud trail?

Answer 29

● CloudTrail logs all configuration changes to AWS resources along with the IAM information of who took the operation. ● CloudTrail needs to be enabled, unlike CloudWatch, which collects logs by default ● CloudWatch would log what happens ON your server; CloudTrail would log what happens TO your server.

Question 30

What is AWS config?

Answer 30

● AWS Config stores historical data about server configurations and can go back in time to see what a server looked like on a given day. ● It can also track compliance across server

Question 31

What are reasons not to log in as root?

Answer 31

● Change core account settings like account info ● Delegate the IAM permission to view Billing information ● Changing your root password ● To enable MFA on the root account ● Initially, to create a different IAM user you can use going forward ● Ask for access to restricted regions (GovCloud) ● Close your account

Question 32

Should root account have mfa enabled?

Answer 32

Yes

Question 33

What happens with conflicting IAM policies?

Answer 33

Deny takes precedence

Question 34

IAM Roles

Answer 34

● SUPERCEDE user and group policies ● You become acting “as” the role for as long as it’s assumed ● Preferred in complex setups and for Organizations ● Can be directly attached to servers and services ○ “This EC2 has the right to upload images to S3” ○ “This CodePipeline has the right to deploy CloudFormations”

Question 35

What are the four tiers AWS services exist at?

Answer 35

● Global ● Regionally Based ● Availability Zone Based ● Edge Based

Question 36

What is a global service?

Answer 36

one that is effective worldwide, because it would not make sense for the “computing” to happen in a specific place. ● Route 53: the entire point of DNS is to be worldwide ● Cloudfront: it distributes content to edge locations across the globe ● IAM: saying a user does or doesn’t have these rights or can log into the console or is a member of groups is not a region-specific thing

Question 37

What is a region service?

Answer 37

● A region is a set of datacenters in one area of the globe comprised of several individual availability zones. ● Most abstract and serverless services are regional. ● Sample regions include us-east-1 (Virginia), us-east-2 (Ohio), ap-southeast-2 (Sydney), eu-west2 (London). ● There are two special regions you need to be granted special allowance to: China (which requires its own account and cannot coexist with a non-China account) and US GovCloud.

Question 38

What are availability zones?

Answer 38

● One or more redundantly connected individual datacenters where things actually run. The specific locations are not disclosed. ● Most services that are serverful (think: devices that have IP addresses) are instantiated on the availability-zone level. ● As an example, us-east-2 (Ohio) has three availability zones: ○ us-east-2a ○ us-east-2b ○ us-east-2c

Question 39

What is a route table?

Answer 39

● Each subnet has an associated Route Table. A Route Table says where traffic routes to. ● For instance: ○ Route all traffic matching 10.10.1.0/16 locally ○ Route all traffic matching 0.0.0.0/0 to the NAT Gateway

Question 40

What is a Internet Gateway?

Answer 40

● A two-way configuration that allows traffic in from the public internet and out from the VPC. ● Use with a route table to create publicly accessible resources.

Question 41

What is a NAT Gateway?

Answer 41

● A one-way virtual appliance that allows traffic from inside the VPC out to the public internet but does not route traffic from the public internet back in. ● Is secretly an EC2 instance.

Question 42

What is an elastic IP?

Answer 42

A free-standing public IP address that can be associated with different devices without needing to relinquish the IP address should the server change.

Question 43

What are security groups?

Answer 43

Abstract classifications of servers that can be used in conjunction with EC2s and RDSs to allow some kinds of connections and deny others

Question 44

What is virtual Computing?

Answer 44

● A virtual machine is a hardware (real) server pretending to be another server. ● One real server can host hundreds of virtual servers. ● They have Virtual CPUs for processing instructions and Virtual RAM for memory. ● Virtual servers can also change which machines are currently servicing them. They could be running off of one piece of real hardware, then smoothly transfer to another, different real machine.

Question 45

What is EC2?

Answer 45

Most important AWS service. Creates virtual servers with Amazon Machine images and allocate them to computing resources You can do virtually anything with an EC2. By installing specific software on it, you can make it into any kind of server. ● Remember that if AWS offers “Thing As A Service”, it is more correct to use that specific service than to recreate the service by building from the ground up on an EC2.

Question 46

What is an AMI (Amazon Machine Image)

Answer 46

● The pre-installed operating system as well as pre-installed software packages that the server will be “born with.” ● Amazon Linux ● Microsoft Windows (license fees included in server costs) ● Mac OS ● Other Linux distributions (Ubuntu, Red Hat, SUSE, more) ● Marketplace: vetted by Amazon ● Community: use at your own risk

Question 47

Class-generation-size

Answer 47

For example, r5.large or t2.nano ● The first letter is the class: the family of servers it belongs to ● The number is the generation: how recent it is- higher numbers are newer ● The third word is the size: how much of it you’re getting- each size tends to be double the allocated resources of the previous size

Question 48

What are commonly used classes?

Answer 48

M (stands for Medium): an even distribution of resources ● R (stands for RAM): allocates larger amounts of RAM with less focus on CPUs ● C (stands for CPU): allocates more virtual processors with less focus on RAM ● G (stands for Graphics Card): machines will have access to a real NVIDIA or AMD graphics processor ● I (stands for Input output focused) allocates strong disk performance ● T -doesnt stand for anything: saves up unused CPU cycles in a credit balance that can be borrowed against when server comes under heavier load - ideal for web servers

Question 49

What is an RDS

Answer 49

Relational Database Service ● SQL, relational databases as a service ● In the Shared Responsibility Model, you no longer need to administer the servers, let AWS do it, you still need to protect customer data and choose encryption responsibly ● MariaDB, MySQL, PostgresQL ● Microsoft SQL Server and Oracle (license feeds included in cost of server) ● Instantiates redundantly across multiple availability zones

Question 50

What is ElastiCache

Answer 50

● Redis or memached as a service ● Key-value store ● Often scales extremely well despite not technically being serverless

Question 51

What is DynamoDB

Answer 51

● Serverless document database-as-a-service ● Calls tables “Tables” and rows “Items” ● Rows are secretly JSON ● Do NOT just leap in without understanding indexing first

Question 52

What is redshift?

Answer 52

● Data Warehouse ● Offers serverless option ● Use any SQL client to query ● Built-in Machine Learning

Question 53

Auto Scaling

Answer 53

● Auto Scaling creates “pools” of interchangeable servers based off of a template. ● Configure one server to behave as expected, save it as an AMI, and then new ones can be spun up. ● An Auto Scaling group has configuration parameters: ○ In each of several availability zones: ■ A minimum number of servers that can be running at any given time ■ A maximum number of servers that can be running at any given time ○ A “scaling policy” that tracks a metric (eg CPU usage over time) that determines when it is time to make more servers or remove servers

Question 54

What are the benefits of Auto Scaling?

Answer 54

● Resilience/Redundancy/Fault Tolerance ○ If one AZ suffers failures other AZs can cover ○ Each server is individually unremarkable so there is no single point of failure ● Pay-as-you-go pricing at its finest ○ More servers when load demands that you need them, fewer servers when things are quiet

Question 55

Load Balancer

Answer 55

● A Load Balancer is a configuration with one IP address that can farm out traffic that reaches it to any number of individual instances. It’s how you make an Auto Scaling Group pool of 10 servers all effectively function behind one facade, e.g. MyApp.com. ● When a request arrives at a Load Balancer, it selects one of the devices in the target group and forwards the request to that server, receives a response, and forwards the response back to the original requester.

Question 56

Three types of load balancers

Answer 56

Classic: these are disfavored and only exist for Legacy reasons. Do not use Application: exists at layer 7 of the OSI model. Can inspect and route based on HTTPS traffic and its properties such as headers and content. Network: exists at layer 4 of the OSI model. Cannot inspect or route based on HTTP properties but can route low level traffic packets like UDP and other protocols.

Question 57

Elastic Beanstalk

Answer 57

● Elastic Beanstalk bundles together EC2’s, Auto Scaling Groups, and Load Balancers into one service that makes web application serving easy. ● It doesn’t do anything you couldn’t do manually by configuring all these services yourself, but it does so seamlessly and manages deploys of new versions of the app elegantly.

Question 58

What is S3- Simple.Storage Service

Answer 58

● Unlimited storage (usually of files) with 99.999999999% durability (the files are intact and their contents match what was originally written). ● Supports multiple tiers of availability (called Storage Classes). ● The basic unit is called a Bucket and the things in Buckets (usually files) are called Objects that have Keys (usually filenames). ● You PUT Objects into Buckets and then GET them later by their Key.

Question 59

What is Standard class?

Answer 59

● As of the time of writing this presentation, about 2.4 cents per gigabyte per month ● 99.99% availability

Question 60

What is infrequent access class?

Answer 60

● Half the price as Standard storage ● 99.9% availability ● Mildly slower

Question 61

What is glacier class?

Answer 61

● As of the time of making this presentation, about .4 cents per gigabyte per month ● Files are not on-demand accessible ● First you have to put in a request to retrieve the key you want from deep storage ● Then within four hours you will receive a notification that the files are ready to be accessed ● Ideal for “forever storage”, log files, legacy files

Question 62

What are lifecycles and replication?

Answer 62

● Lifecycles change an Object’s storage class N days into its life ● Replication automatically copies Objects from one bucket into another

Question 63

What is EBS(Elastic Block Store)

Answer 63

● Disk space-as-a-service ● Can be attached to EC2 Instances ● SDD or HDD based ● 99.999% Availability ● Can’t be easily scaled later (I had a 100 GB hard drive and now need 200 GB)

Question 64

What is EFS (Elastic File Store)

Answer 64

● Instead of just abstract disk space it’s specifically file storage ● Attach to EC2s or Lambdas or ECS (containers) ● 99.99% availability, 11 9’s of durability ● Pay-as-you-go for storage space consumed

Question 65

What is Snowball?

Answer 65

● For one-time massive data uploads as part of a transformation from on-prem to cloud ● Order one to your datacenter and it arrives in 4-6 days ● Upload all your on-premises data onto the Snowball’s disks ● Holds petabytes of data ● Ship it back to AWS ● They transform its contents into an S3 bucket and give you access

Question 66

What is Snowmobile?

Answer 66

● An armored truck full of Snowballs ● Exabytes of data ● For truly massive one-time on-prem-tocloud transformations

Question 67

What is AWS storage gateway?

Answer 67

● A bridge between an on-prem data center and cloud storage ● Still run your application locally but keep your files in the cloud ● Supports on-prem caching ● Encryption in transit, it’s like your on-prem network extends to the cloud

Question 68

What is Lambda

Answer 68

Lambda ● Code execution as a service. ● Upload code and it runs, and you’re billed by the amount of RAM and computation time it consumed. ● Serverless and endlessly scalable.

Question 69

What is ECS (Elastic Container Service)

Answer 69

Run secure and scalable containers, for container-based applications

Question 70

What is EKS (Elastic Kubernetes Service)

Answer 70

Same as ECS but specifically uses the popular Kubernetes framework to orchestrate the containers

Question 71

What is Fargate

Answer 71

Containers, completely serverless, no need to orchestrate

Question 72

What is Athena?

Answer 72

Analyze unstructured data that is stored in S3 with SQL

Question 73

What is Kinesis

Answer 73

Pipelines that process streaming data. Also Kinesis Firehose which is scalable and serverless. Good way to load data into data warehouses.

Question 74

What is SNS (Simple Notification Service)

Answer 74

● PUSH notification management as a service. ● You create Topics that any number of Publishers can publish Messages to and any number of Subscribers are immediately notified/triggered of the contents of the Message. ● Sample subscribers: ○ Email addresses ○ SMS numbers ○ Mobile push notifications ○ An HTTP endpoint ○ A Lambda

Question 75

What is SQS (Simple Queue Service)

Answer 75

● PULL/POLLING based notifications as a service. ● You create a Queue and any number of Publishers publish Messages to that Queue, then those messages sit there in single-file line while some sort of consumer or worker periodically asks for the item at the front of the line. ● Supports Visibility Timeouts and Long Polling.

Question 76

What is Lightsail?

Answer 76

● EC2s in a greatly specific and simplified interface. ● Just choose how big of a server you want and you’re done. ● Commonly used for wordpress servers.

Question 77

What are workspaces?

Answer 77

Virtual desktops as a service. They’re VMs just like EC2s are but the purpose is not to serve an application, but to be remoted into for performing work on.

Question 78

What is Amazon Aurora?

Answer 78

A special RDS that exposes the same interface as Postgres or MySQL but optimized to run at Amazon well. Available in a serverless flavor.

Question 79

What is CodeCommit

Answer 79

Hosted Git source code version control. Very much like a less-featureful GitHub.

Question 80

What is CodeBuild?

Answer 80

Watches a Git repository for commits and then runs an automated script (called buildspec.yml) on a short-lived EC2 instance to compile, test, or otherwise build the code.

Question 81

What is CodeDeploy?

Answer 81

An agent that deploys the results of a CodeBuild to servers or containers or Lambdas. Supports advanced deploy scripts and manages rollbacks.

Question 82

What is CodePipeline?

Answer 82

Marries a CodeCommit, CodeBuild, and CodeDeploy under one roof to create a complete CI/CD pipeline (Continuous Integration Continuous Deployment).

Question 83

What is CodeStar

Answer 83

Marries CodeCommit, CodeDeploy, and CodePipeline together with Cloud9, an in-browser code editor, to create a truly cloud-based application development platform.

Question 84

What is Amazon Connect

Answer 84

Customer support as a service. Combine phone numbers or online chatbots with business logic.

Question 85

What is an API Gateway?

Answer 85

An API “facade” that provides a unified RESTful interface that can use Lambdas or EC2s or proxies to serve the requests behind the scene.

Question 86

What is route 53?

Answer 86

a highly available and scalable Domain Name System (DNS) web service that allows users to register domain names, manage DNS records, and route traffic to their applications, with features like health checks and flexible routing policies.

Question 87

What is AWS cognito?

Answer 87

Consumer identity as a service. Manages usernames, passwords, and social logins so you don’t have to. Like Auth0.

Question 88

What is AWS WAF (Web Application Firewall)

Answer 88

A global firewall that can be imposed on Cloudfront, Application Load Balancer, and API Gateway

Question 89

What is AWS Data Exchange

Answer 89

Two-sided marketplace for complete third-party data sets of health, retail, finance, government, and more information

Question 90

What is AWS Glue?

Answer 90

A pipeline that helps prepare many data sources for transformation and ingestion into a data lake

Question 91

What is OpenSearch

Answer 91

Essentially a managed ElasticSearch - compare to elastic.co

Question 92

What are Step Functions

Answer 92

A workflow system of Lambdas glued together. You can stitch little Lambdas together in distinct sequences and steps to create workflows, like Zapier, Fiorano, Mule, etc.

Question 93

What is Simple Email Service (SES)

Answer 93

Transactional email service, for sending individual emails at scale. Absolutely comparable to Sendgrid or Mandrill. Don’t think of it as a substitute for MailChimp or ConstantContact, though一it’s not a marketing tool.

Question 94

What is a batch?

Answer 94

● Kind of a bridge between S3 Storage and ECS/EKS/Fargate/EC2 Spot Instances ● You can upload massive amounts of records to S3 and then introduce an individual “job” that uses one of the above compute services to “process” that record. ● Batch orchestrates the whole thing and makes sure every record gets its turn.

Question 95

What are AWS Local Zones?

Answer 95

“Local Zones” are a new “mini region.” They are like tiny regions that are very specifically in one specific urban center. They don’t offer all services or all instance types in all locations, though! Furthermore, they haven’t been launched in the burgeoning urban metropolis of Buffalo, NY yet, so how serious can they really be? :)

Question 96

What are AWS Outposts

Answer 96

An AWS Outpost is a server rack you order and install in your own datacenter, and it runs “AWS services,” except locally. Why? It’s a little odd, but maybe you want the interface or API that you are used to from AWS services, but for the CPU and Storage to literally happen inside your own building. In functioning they are indistinguishable from the cloud!

Question 97

What is AWS Activate?

Answer 97

Tens of thousands of dollars in credits for your startup if you launch it on AWS! Can say firsthand: I use this at every single startup I launch. :)

Question 98

What is AWS IQ

Answer 98

Two sided marketplace for seeking and providing AWS help. Pretty straightforward. I haven’t used it, although maybe I should! ?

Question 99

What is Amazon Appstream?

Answer 99

Install desktop software in the cloud, but end-users can interact with it in their browsers as though it was browser-native SaaS software. Including appropriate encryption and VPN. I ~think~ (?) this is similar to what some applications like Citrix do, but I haven’t used Citrix in a decade.

Question 100

What is AWS Amplify?

Answer 100

● Sort of an all-in-one for launching lean new startup codebases. ● Stitches together some automagical React, some automagical Cognito, some automagical DynamoDB, and some Lambdas and deployment scripts, all in an attempt to fulfill a promise: that you could run a command “amplify this that deploy” and boom, you have a working app. ● Very much an answer to Firebase. I have had EXTREMELY mixed results, across many attempts. Use at your own risk as far as I am concerned.

Question 101

What is AWS AppSync?

Answer 101

A GraphQL server that directly competes with Apollo, but is at present far, far inferior to Apollo.

Question 102

What is AWS Device Farm?

Answer 102

Farms of thousands of distinct mobile devices, in real hardware, that you can rent screen time on, to test your mobile apps on actual varied hardware. Not simulated一these are actual IRL mobile phones in giant arrays that you are fractionally reserving! 2

Question 103

What is AWS Detective?

Answer 103

Analyzes observability services and security logs to try to automatically triage and detect potential security violations.

Question 104

What is AWS Directory Service?

Answer 104

This is straight up just Microsoft Active Directory, but as-a-service.

Question 105

What is AWS Secrets Manager?

Answer 105

Very robust, IAM-integrated encrypted secret storage. You won’t need to put API keys and other such sensitive data in source code anymore!

Question 106

What is the name of an AWS service where Domain Names can be purchased?

Answer 106

Route 53

Question 107

I need to connect an on-premises datacenter with S3 storage securely. What do I use?

Answer 107

Storage Gateway

Question 108

What AWS service lets me run Kubernetes in the cloud?

Answer 108

EKS

Question 109

What service can track how AWS systems were configured in the past?

Answer 109

CloudTrail

Question 110

What are cloud containers?

Answer 110

Software packages that contain all the files needed to run an application in the cloud. They are portable, lightweight, and can be scaled up or down to meet demand