Fundamentals

Question 1

• a network drive you can attach to your instances while they run
• data persists even after termination
• Only mounted to one instances at a time
• Bound to a specific AZ

Answer 1

EBS Volume

Question 2

an EBS volume is bound to one AZ but to be able to move it to another AZ you can ______.

Answer 2

Snapshot it (backup)

Question 2

• a network drive (a virtual USB stick) can be detached from an EC2 instance and attached to another one quickly
• Or left unattached so it is ready to be used on demand to an AZ

Answer 2

EBS Volume

Question 3

True or False one EBS volume cannot attached to multiple EC2 instances but one EC2 instance can have multiple EBS volumes?

Answer 3

True

Question 4

Scenario: After an EC2 instance is terminated that has an EBS volume attached, how you can you preserve the root data stored on EBS?

Answer 4

By default the root EBS volume is deleted and by default the rest of EBS volume is not deleted, so you need to edit EBS in AWS console to change the default settings.

Question 5

How do you transfer one EBS volume to another one in a different AZ?

Answer 5

take an EBS snapshot of the first EBS Volume and restore it onto your second EBS Volume in the other AZ.

Question 6

Scenarios:
1. I want to cost effectively archive a snapshot but need it to be restored within 24-72 hours, what can I do?
2. I want to be able to store my snapshots from 1 day or maybe up to a year and retain them in case I accidentally delete them, what can I do?
3. I need to restore a delete snapshot and it needs to be ready to go and latency free asap even though it will cost me, what can i do?

Answer 6

1. Use EBS Snapshot Archive
2. Use Recycle Bin for EBS Snapshot
3. Use Fast Snapshot Restore (FSR)

Question 7

When launching an EC2 instance, you also need to select this customization _________ which can be built for specific regions and copied across multiple regions that you can add your own software and configurations to.

Answer 7

Amazon Machine Image (AMI)

Question 8

Scenario: if I want to launch an EC2 instance with a high performing hardware disk but has ephemeral storage, what can i use?

Answer 8

EC2 Instance Store

Question 9

3 ways you can launch EC2 instances from?

Answer 9

1. Public AMI
2. Your own custom AMI
3. AWS Marketplace AMI

Question 10

When you see very high performing attached hardware volumes to instances think of? in the read and write IOPS

Answer 10

Local EC2 Instance Store

Question 11

Name the 6 EBS Volume Types

Answer 11

1. GP2 SSD - General Purpose
2. GP3 SSD
3. IO 1 Block Express SSD
4. IO 2 Block Express SSD
5. ST 1 HDD
6. SC 1 HDD

(GGIISS)

Question 12

1. Which EBS volume types can be used as boot volumes?
2. Which 2 EBS volume types are cost effective low latency balances price and performance for a variety of workloads?
3. Which 2 EBS volume types is highest performing for mission control low latency high output workloads?
4. Which EBS volume is designed to be frequently accessed for intensive workloads?
5. Which EBS volume is lowest cost hard disk drive designed for less frequently accessed workloads?
6. Which EBS Volume type links size of the volume with IOPS?
7. Which EBS Volume type you can independently set the IOPS and throughput?

Answer 12

1. GP2/GP3 and IO 1/IO 2 Block Express
2. GP2/GP3
3. IO 1/IO 2 Block Express
4. ST 1 HDD
5. SC 1 HDD
6. GP 2
7. GP 3

Question 13

1. What if I have a database workload that is sensitive to storage perf and consistency?

Answer 13

1. Use a Provisioned IOPS SSD (IO 1 IO2)

Question 14

EBS volume cannot attach to multiple EC2 instances without which feature?

Answer 14

EBS Multi Attach with IO1 or IO2 volume type

Question 15

What is the max amount of EC2 instances an EBS multi attach volume can be attached to at once?

Answer 15

16

Question 16

Name the 4 s3 encryption methods

Answer 16

1. Server side encryption (enabled by default
2. Sever side encryption with KMS
3. Server side with Customer provided keys
4. Client side encryption

Question 17

Which s3 encryption is enabled by default on new buckets and new objects?

Answer 17

SSE-S3

Question 18

Which S3 encryption allows logins tracked through cloudtrail and depending on your application this service could count towards your ___ quota per second?

Answer 18

SSE-KMS

Question 19

Which S3 encryption must use HTTPS and must use this to encrypt your files?

Answer 19

SSE-C

Question 20

Which s3 encryption is fully managed by ___, and they fully manage the keys and encryption cycle?

Answer 20

S3 Client side encryption

Question 21

what is another way to force encrpytion on your S3 buckets before the default Encryption starts with SSE?

Answer 21

Use a bucket policy to force encryption

Question 22

Web browser based mechanism to allow requests to other origins while visiting the main origin, request won’t be fulfilled unless other origin allows for the request using

Answer 22

CORS and CORS headers (Access-Control-Allow-Origin)

Question 23

fully managed service used to decouple services, unlimited throughput and messages in queue. Retains for 4 day and max of 14 days with low latency with a limit of 256KB per message sent. that can have duplicate messages out of order.

Answer 23

Amazon SQS - standard queue (think SQS when you see “decoupling” applications”)

Question 24

What three amazon services could you add to your SQS/SNS to make it more secure?

Answer 24

1. Encryption (using HTTPS API, at-rest KMS keys, client side) 2. Access Controls (IAM policies) 3. SQS/SNS Access Policies

Question 25

User can use a software delivery kit (SendMessage API) to produce messages to this service. Messages are persistent until consumer deletes it

Answer 25

SQS - producing messages

Question 26

When a consumer requests messages from the queue, it can optionally "wait" for messages to arrive if there are none in the queue. Decreases the number of API calls made to SQS while increasing efficiency and reducing latency of your app

Answer 26

SQS - Long polling (preferable to short polling)

Question 27

after a message is polled by a consumer, it becomes invisible to other consumers by default is 30 seconds. and message becomes visible after the 30 seconds. If your consumer needs more time you can then use ___ this API to get more time to process and vice versa if you don't need that much time.

Answer 27

SQS - Message Visibility Timeout ChangeMessageVisibility API

Question 28

This service has limited throughput 300 messages per second without batching and 3000 with and the messages are processed in order by the consumer

Answer 28

FIFO Queues - first in first out

Question 29

If you are handling your messages with ASG but the transactions become to big for your database to handle, what can you do to resolve errors of messages written or lost going into the DBs?

Answer 29

Use SQS as a buffer to dequeue messages before they are written into a database.

Question 30

What service can you use to send one messages to many receivers?

Answer 30

Amazon SNS

Question 31

When setting up your Amazon SNS, the specifics include: 1. the _____ ____ only sends messages to one SNS topic 2. Add as many ____ you want to SNS topic notifications 3. Each sub will receives all the messages up to _____ subscriptions per topic and _______ topics limit

Answer 31

1. "event producer" 2. subscriptions 3. 12,500,000 and 100,000

Question 32

What sqs/sns pattern can you can push only in SNS and receive in all SQS queues that are subscribers and able to deliver messages across different regions? Or if you want to send the same S3 event to many SQS queues?

Answer 32

SNS + SQS Fan Out pattern

Question 33

Collects and stores data in real-time for consumers consuming the data in real time and leveraging it. Data retained for 1 year that cannot be deleted until expired up to 1 MB ordered

Answer 33

Amazon Kinesis Data Streams

Question 34

What are the two Capacity Modes Kinesis data streams provides? 1. _____ choses num of shards that gets 1MBs in and 2MBs out, scales manually to in/descrease num of shards and pay per shard provisioned/per hr 2. _____ No need for provisioning capacity, default capacity is 4MB in, scales auto based on 30 day peaks

Answer 34

1. Provisioned Mode 2. On-demand Mode

Question 35

fully managed serverless service that auto scales Near Real Time data

Answer 35

Amazon Data Firehose

Question 36

Managed message broker service for RabbitMQ and Active MQ, this doesnt scale as much as SQS and SNS that runs on services in multi AZ with failover and has both queue AND topic features

Answer 36

Amazon MQ