RandomNuggets

Question 1

SQL

Too many connections error

Answer 1

ERROR 1040

Question 2

Scale UP

Answer 2

Increase instance size

Question 3

Scale UP

Answer 3

Increase max instances up to Max # of open shards

Question 4

Scale Up

Answer 4

Increase # shards

Question 5

S3

Encrypt all objects uploaded by their app to S3 with

Answer 5

SSE-S3

Question 6

S3

Header used by SSE-S3

Answer 6

x-amz-server-side-encryption

Question 7

Encryption

Encrypt plaintext data with a data key
then
encrypt the data key with a top-level plaintext master key.

Answer 7

Envelope Encryption

Question 8

Requests

2 eventually consistent read requests are equal to

Answer 8

One STRONG read request

Question 9

Deployments

Deploy new version to all EXISTING only

No new EC2

Answer 9

All at once

Question 10

Deployments

New version in batches to Existing - no new resources

Answer 10

Rolling

Question 11

CloudWatch

Collects system metrics and log files from EC2 and on premises servers

Answer 11

CloudWatch Agent

Question 12

X-Ray

Trace and analyze user requests as they travel through API-Gateway to underlying services.

Answer 12

X-Ray

Question 13

DynamoDB streams

Life expectancy is like a fly’s

Answer 13

24 hours

Question 14

Dev Tools

CodeCommit is like

Answer 14

Git

Question 15

Dev Tools

Code Build is like

Answer 15

Jenkins

Question 16

Dev Tools

Automates code deployment to instances - EC2

Answer 16

Code Deploy

Question 17

Authentication

A directory in Amazon Cognito

Answer 17

User pool

Question 18

Shards

Two eventually Consistent

Answer 18

1 Read

Question 19

Role

To assume a role an app calls AWS STS and passes the ARN of the role to use.

Answer 19

AssumeRole

Question 20

Scale

Vertical

Answer 20

Scale Up

Question 21

Scale

Horizontal

Answer 21

Adding More of what you have

Question 22

Security

These are STATEFUL

Answer 22

Security Groups

Question 23

Security

All outbound traffic

Answer 23

permitted

Question 24

File

File system used with EC2

Answer 24

Elastic File System

EFS

Question 25

Networking

Network device attached to EC2 to accelerate learning apps and High Performance Computing (HPC)

Answer 25

Elastic Fabric Adapter

Question 26

Lambda

zipp archives

Distribution mechanism for libraries, custom run times and other dependencies

Answer 26

Layers

Question 27

Lambda

Trigger and executer

Answer 27

Trigger

Question 28

Lambda

Compute model

Answer 28

Serverless

Question 29

Lambda

Stores code in S3 and encrypts it

Answer 29

At rest

Question 30

Lambda

Package code and dependencies in a deployment package

Answer 30

Function

Question 31

Lambda

Log streams are monitored by

Answer 31

CloudWatch

Question 32

Lambda

To create lambda function

Answer 32

Upload deployment package

Question 33

Lambda

Basic function settings

Answer 33

Description

Memory Usage

Execution timeout

Role

Question 34

Lambda

If variables need to reference more than 1 function

Answer 34

Parameter Store

Question 35

Authentication

Rotates keys or variables automatically

Answer 35

Secrets Manager

Question 36

Lambda Edge

Run lambda functions to custom content that is delivered by CloudFront

Answer 36

LambdaEdge

Question 37

Lambda. with *CloudFront

AFTER *
BEFORE. *
AFTER. *
BEFORE. *

Answer 37

Receives Request
Forwards Request
Receives Request
Forwards

Question 38

ECS: Deployment

Service scheduler replacing current running version of container with latest # of tasks and or removed from service is controlled by deployment and config

MiN/MAX

Answer 38

Rolling

Question 39

ECS: Deployment

Verify new deployment of a service before send prod traffic to it and must be configured to use ALB or NLB

Answer 39

Blue Green with AWS Code Deploy

Question 40

Task Placement Strategy

Least available amount of CPU or Memory

Answer 40

Binpack

Question 41

Task Placement Strategy

Place tasks randomly

Answer 41

Random

Question 42

Task Placement Strategy

Evenly based on specified values - default is spread across AZs

Answer 42

Spread

Question 43

Task Placement Strategy

The types can be

Answer 43

Combined

Question 44

S3

For object > 5 GB - 5TB

Answer 44

Use Multi-part upload

Question 45

S3

Pull out ONLY the data that you need from an object

Answer 45

S3 Select

Question 46

CloudWatch

Metrics are by default

Answer 46

5 mins

Question 47

CloudWatch

Can be

Answer 47

1 min

Question 48

S3

Event histories recorded in S3 are recorded in

Answer 48

CloudTrail

Question 49

S3

To make objects publicly readable

Answer 49

Get Object Permission

Question 50

S3

Asynchronous copying of objects across buckets in different AWS regions

Answer 50

Cross Region Replication

Question 51

S3

Cross Region Replication requirement

Answer 51

Source and Destination have versioning enabled

Different regions

S3 must have permission to replace from source to destination.

Question 52

EFS

To access EFS in a VPC you create one or more

Answer 52

Mount targets in VPC

Question 53

EFS

Automatically mount your file system using mount helper

Answer 53

fstab

Question 54

Database

Atomicity/Consistency/Isolation/Durability

Answer 54

ACID

Question 55

Aurora

Minimum storage

Answer 55

10 GB

Question 56

Database

One or more DB instances and cluster volumes that manage data for them

Answer 56

DB Cluster

Question 57

Database

Virtual database storage volume that spans multiple AZs with each AZ have a copy of the DB cluster

Answer 57

Cluster Volume

Question 58

Cluster

Primary read/write ops and performs all data mods to cluster volume

Answer 58

Primary

Question 59

Aurora

Each Aurora DB cluster has

Answer 59

One primary database

Question 60

Aurora

Same storage volume as Primary DB

Answer 60

Aurora Replica

Question 61

Aurora Endpoint

Current primary DB instance for DB cluster

Answer 61

Cluster

Question 62

Aurora Endpoint

One available aurora replica for DB cluster

used for Read-Queries

Answer 62

Reader

Question 63

Aurora Endpoint

Set of DB instances you choose when you connect aurora

Answer 63

Custom

performs load balancing

Question 64

Aurora Endpoint

Specific DB instance within an aurora cluster

Answer 64

Instance

Question 65

Aurora Integrity

Maintains 6 copies of data across

Answer 65

3. AZs

Question 66

Aurora Instance Type

Memory Optimized

Answer 66

xxx

Question 67

Aurora Instance Type

Burstable Performance

Answer 67

xxx

Question 68

Monitoring

When changes occur

Answer 68

RDS Events

Question 69

Monitoring

Metrics in real time for OS

Answer 69

RDS Enhanced Monitoring

Question 70

Monitoring

Monitor RDS DB instances load - for troubleshooting

Answer 70

RDS Performance Insights

Question 71

DynamoDB

Allows you to query data in tables using ALTERNATE KEYS in addition to queries against the primary key

Answer 71

Secondary Index

Question 72

DynamoDB

How many secondary indexes can be created on a table

Answer 72

1 or more

Question 73

DynamoDB

Partition key and sort key different from those on table

Answer 73

Global Secondary Index

Up to 20

Question 74

DynamoDB

Same partition key as table and DIFFERENT sort key

Answer 74

Local Secondary Index

Question 75

DynamoDB

Stream records are organized into

Answer 75

Shards

Question 76

DynamoDB Streams

Use with Lambda to create

Answer 76

Triggers

Question 77

Lambda

Code that executes automatically whenever an event of interest appears in a stream

Answer 77

Trigger

Question 78

DynamoDB Type

1 value - num, string, binary, boolean and null.

Answer 78

Scalar

Primary Keys

Question 79

DynamoDB

Doc type can represent a complex structure with nested attributes like in a JSON doc, list or map

Answer 79

Document Type

Question 80

DynamoDB

Set Type

Answer 80

Multiple scalar values

Question 81

DynamoDB

Returns most up to data information

Answer 81

Strongly Consistent

Question 82

DynamoDB

One Read Capacity unit

Answer 82

2 eventually consistent

up to. 4KB in size

Question 83

DynamoDB

1 write per second up to 1 KB

Answer 83

Write Capacity Unit

Question 84

DynamoDB

Prevents app from consuming too many capacity units

Answer 84

Throttling

Question 85

DynamoDB

HTTP 400 (Bad Request) Provisioned Throughput Exceeded Exception

Answer 85

Throttled Request

Question 86

Expression

Items within query results should be returned (all others are discarded)

Answer 86

Filter Expression

Question 87

Query

Single query operation can return max of

Answer 87

1 MB

Question 88

Query

Limit number of items that it returns

Answer 88

Query Operation

Question 89

Query

Reads every item in a table or secondary index

Answer 89

Scan

Question 90

Policy Element

ARN to identify resource of policy

Answer 90

Resource

Question 91

Policy Element

Allow or Deny keyword

Answer 91

Action

Question 92

Policy Element

Allow or Deny effect

Answer 92

Effect

Question 93

Policy Element

User that policy is attached too

Answer 93

Principle

Question 94

Authentication

Customers can sign into identity provider then obtain temporary security credentials from AWS Security Token Service - STS

Answer 94

Web Identity Federation

Question 95

CloudWatch

An alarm is a

Answer 95

Single metric

Question 96

CloudWatch

Monitor, store and access log files from CloudTrail or other service

Answer 96

CloudWatch Logs

Question 97

CloudWatch

Match events and route them

Answer 97

CloudWatch Events

Question 98

CloudTrail

Share logs between accounts on the trail of apes

Answer 98

CloudTrail Log Monitoring

Question 99

Response

Microsecond response times - eventually consistent data

Answer 99

DAX

Question 100

ELB

7th layer

Answer 100

Application Load Balancer

Question 101

ELB

4th layer

Answer 101

Network Load Balancer

Question 102

ELB

Time out value

Answer 102

60 Seconds

Question 103

Route53

Public Hosted Zones are

Answer 103

Domain Names

Question 104

Route53

Resource record sets that route traffic to resources

Answer 104

Records

Question 105

Route53

Route traffic to S3 buckets, CloudFront distributions and other AWS resources

Answer 105

Alias Records

Question 106

Route53

Info about your domain traffic

NAME: domain name or subdomain

TYPE: traffic route

Value

Answer 106

What records contain

Question 107

Route53

Consecutive times endpoint must fail to respond to requests

Answer 107

Failure Threshold

Question 108

Route53

Container for records information on how to route traffic

Answer 108

Hosted Zones

Question 109

Route53

Translate domain names into IP addresses so that computers can communicate with eachother

Answer 109

Name Servers

Question 110

Route53

Method of routing traffic from unhealthy resources to healthy ones

Answer 110

DNS Failover

Question 111

Route53

Route internet traffic to single resource
you can specify multiple values

Answer 111

Simple Routing Policy

Question 112

Route53

Route based on the LOCATION of users

Answer 112

Geolocation

Question 113

Route53

Route traffic based on the location of resources and can route traffic to areas of bias.

Answer 113

Geoproxiimity

Question 114

Route53

Resources in multiple locations and you want to route traffic that provides best latency.

Answer 114

Latency

Question 115

Route53

Respond with up to 8 records selected at random

Answer 115

Multi-value Answer

Question 116

Route53

Route traffic to multiple

Answer 116

Weighted

Question 117

Route53

Information about the routing configuration you want to create.

Answer 117

Traffic Policy

Question 118

Route53

Resolver

Answer 118

Regional

Question 119

Route53 Resolver

endpoint specified by VPC

Answer 119

Inbound

Question 120

Route53 Resolver

endpoint that forwards queries

Answer 120

Outbound

Question 121

Route53

All records have same

Name
Type
Routing policy

Used when

Answer 121

you want all resources available a majority of the time

Question 122

Route53

Use when you want a primary resource or group available all of the time and you want a secondary resource or group or resources on standby

Answer 122

Active-Passive Failover

Question 123

VPC

Range of IP addresses

Answer 123

Subnet

Question 124

VPC

Subnet connected to internet

Answer 124

Public

Question 125

VPC

Subnet protected with security groups and nacls

Answer 125

Private

Question 126

VPN

Connection requires a concentrator

Answer 126

Virtual Private Gateway

Question 127

VPC

This is located in customers data center

Answer 127

Customer Gateway

Question 128

VPN

Moveable from virtual private gateway to AWS Transit Gateway

Answer 128

AWS Site-to-Site Virtual Private Network (VPN)

Question 129

VPC

Privately connect VPC to supported AWS services - does NOT leave AWS network

Answer 129

Private Link

Question 130

VPC

Connection between YOUR VPC and a VPC in ANOTHER account that enables routing between them with overlapping CIDR blocks

Answer 130

VPC Peering

Question 131

VPC

10.0.0.0/16

Answer 131

Primary CIDR block

Question 132

ACL

Allows all traffic to flow in and out of associated subnets

Answer 132

Default

Question 133

ACL

Captures information about IP traffic going to and from NICS in your VPC - in CloudWatch logs

Answer 133

Flow Logs

Question 134

Security Group

Level

Answer 134

Instance

Question 135

Security Group

Automatically Allowed

Answer 135

Stateful

Question 136

Security Group

What does it do with rules

Answer 136

Evaluate them

Question 137

Security Group

What does this apply to

Answer 137

EC2

Question 138

Security Groups

When applied

Answer 138

When launching or at a later time

Question 139

NACL

Level

Answer 139

Subnet

Question 140

NACL

Rule disposition

Answer 140

Allow or Deny

Question 141

NACL

Explicitly Allowed

Answer 141

Stateless

Question 142

NACL

How are rules processed

Answer 142

In order

Question 143

NACL

Associated with

Answer 143

All instances in the subnets associated with it.

Question 144

IPV

Egress only

Answer 144

IPV6

Question 145

VPC

Enable instances in private subnets to connect to the internet BUT prevent internet from accessing the instances and can support up to 55,000 connections

Answer 145

NAT Gateway

Question 146

VPC

Uses Hub and Spoke

Answer 146

Transit Gateway

Question 147

IAM

If you are the only person who works on an account

Answer 147

Create User

Question 148

IAM

If others need to work in account that you are using that requires no other identity mechanism

Answer 148

Create User

Question 149

IAM

If you use EC2 you should create

Answer 149

A Role

Question 150

IAM

If you have an app on your mobile phone that makes requests to AWS

Answer 150

Create Role

Question 151

IAM

If you have users authenticating in your corporate network and you want to federate then

Answer 151

Creat Role

Question 152

Policies

Attached to multiple users, groups and roles

Answer 152

Managed

Stand-Alone

Question 153

Policies

Imbedded directly into a single user, group or role.

Answer 153

Inline

Question 154

Policies

Permission policies you attach to AWS resources such as S3

Answer 154

Resource Based

Question 155

Policies

Resource based attached to roles that define which principle can assume them

Answer 155

Trust Policy

Question 156

IAM Best Practice

Do not use this for day to day

Answer 156

Root account

Question 157

IAM Best Practice

Create individual ones for each human being

Answer 157

User

Question 158

IAM Best Practice

For permissions use these

Answer 158

Groups