AWS Cloud Practitioner Essentials

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What are the database engines that Amazon RDS provides

- Amazon Aurora - PostgreSQL - MySQL - MariaDB - Oracle Database - Microsoft SQL Server

What are the use cases for AWS DMS

- Development and test database migrations - Database consolidation - Continuous replication

The two key features about DynamoDB

- DynamoDB is serverless, which means that you do not have to provision, patch, or manage servers. - DynamoDB automatically scales to adjust for changes in capacity while maintaining consistent performance.

Several EC2 instance families are

- General Purpose - Compute Optimized - Memory Optimized - Accelerated Computing - Storage Optimized

What different tasks can you perform with CloudHSM

- Generate, store, import, export, and manage cryptographic keys, including symmetric keys and asymmetric key pairs. - Use symmetric and asymmetric algorithms to encrypt and decrypt data. - Use cryptographic hash functions to compute message digests and hash-based message authentication codes (HMACs). - Cryptographically sign data (including code signing) and verify signatures. - Generate cryptographically secure random data.

What are the different types of Cloud Computing

- Infrastructure as a Service (IaaS) - Platform as a Service (PaaS) - Software as a Service (SaaS)

Two types of Subnets

- Public Subnet - Private Subnet

What are the different types of Amazon S3 storage classes

- S3 Standard - S3 Standard-Infrequent Access (S3 Standard-IA) - S3 One Zone-Infrequent Access (S3 One Zone-IA) - S3 Intelligent-Tiering - S3 Glacier - S3 Glacier Deep Archive

Benefits of Cloud Computing

- Trade capital expense for variable expense - Benefit from massive economies of scale - Stop guessing capacity - Increase speed and agility - Stop spending money running and maintaining data centers - Go global in minutes

How do you determine the right region for your application

- compliance with data governance, and legal requirements - proximity to your customers - available services within a region - pricing

Stateful packet filtering

A firewall technology that keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.

Amazon Route 53

A highly available and scalable cloud Domain Name System (DNS) web service.

A company plans to deploy a relational database on AWS. The IT department will perform database administration. Which service should the company use?

A self-managed relational database can be installed on Amazon EC2. When using this deployment you can choose the operating system and instance type that suits your needs and then install and manage any database software you require

TCO calculator

A service that calculates the various costs associated with migrating, hosting, running, and maintaining applications, workloads, and data on the AWS public cloud

AWS CloudHSM

AWS CloudHSM provides customers with hardware security modules (HSMs) in the AWS Cloud. A hardware security module is a computing device that processes cryptographic operations and provides secure storage for cryptographic keys.

A company is deploying an application on Amazon EC2 that requires low-latency access to application components in an on-premises data center. Which AWS service or resource can the company use to extend their existing VPC to the on-premises data center?

AWS Outposts is a fully managed service that offers the same AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. With AWS Outposts you can extend your VPC into the on-premises data center

AWS Shared Responsibility Model

AWS is responsible for some parts of your environment and you (the customer) are responsible for other parts. This model divides into customer responsibilities (commonly referred to as "security in the cloud") and AWS responsibilities (commonly referred to as "security of the cloud").

What are AWS Identity and Access Management (IAM) access keys used for?

Access keys are long-term credentials for an IAM user or the AWS account root user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API (directly or using the AWS SDK).

Which of the following is a sole responsibility of AWS?

According to the shared responsibility model, AWS is responsible to the management of all AWS global infrastructure components including Regions, Availability Zones, Edge locations, Regional Edge Caches, and Local Zones.

A Cloud Practitioner needs to monitor a new Amazon EC2 instances CPU and network utilization. Which AWS service should be used?

Amazon CloudWatch is a performance monitoring service. AWS services send metrics about their utilization to CloudWatch which collects the metrics. You can then view the results in CloudWatch and configure alarms.

Which AWS service can a company use to discover and protect sensitive data that is stored in Amazon S3 buckets.

Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in AWS. Amazon Macie automates the discovery of sensitive data at scale and lowers the cost of protecting your data.

What are the different tasks Amazon RDS automates

Amazon RDS is a managed service that automates tasks such as hardware provisioning, database setup, patching, and backups

How many database engines are available on Amazon RDS

Amazon RDS is available on six database engines

Difference between Amazon EBS and Amazon EFS

An Amazon EBS volume stores data in a single Availability Zone. Whereas , Amazon EFS is a regional service. It stores data in and across multiple Availability Zones.

Which of the following deployments involves the reliability pillar of the AWS Well-Architected Framework?

An Amazon Relational Database Service (RDS) deployment across multiple availability zones is a good example of using the reliability pillar of the AWS Well-Architected Framework. The specific design principle being followed here is "Automatically recover from failure

AWS are able to continually reduce their pricing due to

By using cloud computing, you can achieve a lower variable cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers such as AWS can achieve higher economies of scale, which translates into lower pay as-you-go prices.

What are the three cloud computing deployment models

Cloud based deployment, on-premises deployment, and hybrid deployment

S3 One Zone-Infrequent Access (S3 One Zone-IA)

Compared to S3 Standard and S3 Standard-IA, which store data in a minimum of three Availability Zones, this S3 stores data in a single Availability Zone. This makes it a good storage class to consider if the following conditions apply: - You want to save costs on storage. - You can easily reproduce your data in the event of an Availability Zone failure.

What are IAM roles ideal for

IAM roles are ideal for situations in which access to services or resources needs to be granted temporarily, instead of long-term.

What is "undifferentiated heavy lifting of IT"

IT tasks that are common, often repetitive and ultimately time-consuming

S3 Standard-Infrequent Access (S3 Standard-IA)

Ideal for infrequently accessed data Similar to S3 Standard but has a lower storage price and higher retrieval price

Who can you apply service control policies to

In AWS Organizations, you can apply service control policies (SCPs) to the organization root, an individual member account, or an OU. An SCP affects all IAM users, groups, and roles within an account, including the AWS account root user.

service control policies (SCPs)

In AWS Organizations, you can centrally control permissions for the accounts in your organization by using this service. The service enables you to place restrictions on the AWS services, resources, and individual API actions that users and roles in each account can access.'

Which of the following statements best describes the concept of agility in relation to cloud computing on AWS?

In a cloud computing environment, new IT resources are only a click away, which means that you reduce the time to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.

S3 Intelligent-Tiering

In this storage class, Amazon S3 monitors objects' access patterns. If you haven't accessed an object for 30 consecutive days, Amazon S3 automatically moves it to the infrequent access tier, S3 Standard-IA. If you access an object in the infrequent access tier, Amazon S3 automatically moves it to the frequent access tier, S3 Standard.

What does an object storage contain

In this storage structure, each object consists of data, metadata, and a key. The data might be an image, video, text document, or any other type of file. Metadata contains information about what the data is, how it is used, the object size, and so on. An object's key is its unique identifier.

Domain Name System (DNS)

Internet service that translates domain names into IP addresses.

AWS Web Services Concierge

Is a support plan feature in which a senior customer service agent is assigned to your account when you subscribe to an Enterprise or qualified Reseller Support plan. This agent is your primary point of contact for billing or account inquiries; when you don't know whom to call, they will find the right people to help

How fast is Amazon Aurora compared to MySQL and PostgreSQL

It is up to five times faster than standard MySQL databases and up to three times faster than standard PostgreSQL databases.

S3 Glacier Deep Archive

Lowest-cost object storage class ideal for archiving Able to retrieve objects within 12 hours

What is Stateless Packet Filtering

Packet filtering in which the NACL remembers nothing and check packets that cross the subnet border each way: inbound and outbound.

A Cloud Practitioner anticipates an increase in application traffic at a future date and time when a sales event will take place. How can the Cloud Practitioner configure Amazon EC2 Auto Scaling to ensure the right number of Amazon EC2 instances are available ahead of the event?

Scheduled scaling helps you to set up your own scaling schedule according to predictable load changes. For example, let's say that every week the traffic to your web application starts to increase on Wednesday, remains high on Thursday, and starts to decrease on Friday. You can configure a schedule for Amazon EC2 Auto Scaling to increase capacity on Wednesday and decrease capacity on Friday

What is Multitenancy

Sharing underlying hardware between virtual machines

Which tasks can a user complete using the AWS Cost Management tools?

The AWS Cost Management tools includes services, tools, and resources to organize and track cost and usage data, enhance control through consolidated billing and access permissions, enable better planning through budgeting and forecasts, and further lower costs with resources and pricing optimizations.

An individual IAM user must be granted access to an Amazon S3 bucket using a bucket policy. Which element in the S3 bucket policy should be updated to define the user account for which access will be granted?

The Principal element specifies the user, account, service, or other entity that is allowed or denied access to a resource. The bucket policy below has a Principal element set to * which is a wildcard meaning any user. To grant access to a specific IAM user the following format can be used:

A company is planning to deploy an application with a relational database on AWS. The application layer requires access to the database instance's operating system in order to run scripts. The company prefer to keep management overhead to a minimum. Which deployment should be used for the database?

The company would like to keep management overhead to a minimum so RDS would be good to meet that requirement. However, with RDS you cannot access the operating system so the requirement for running scripts on the OS rules RDS out. Therefore, the next best solution is to deploy on an Amazon EC2 instances as the other options presented are unsuitable for a relational database.

A company is planning to move a number of legacy applications to the AWS Cloud. The solution must be cost-effective. Which approach should the company take?

The most cost-effective solution that works is to use Amazon EC2 instances that are right-sized with the most optimum instance types. Right-sizing is the process of ensuring that the instance type selected for each application provides the right amount of resources for the application.

Amazon Inspector

The service creates a finding when it discovers a software vulnerability or network configuration issue. A finding describes the vulnerability, identifies the affected resource, rates the severity of the vulnerability, and provides remediation guidance. You can analyze findings using the service's console, or view and process your findings through other AWS services.

What is serverless computing

The term "serverless" means that your code runs on servers, but you do not need to provision or manage these servers. With serverless computing, you can focus more on innovating new products and features instead of maintaining servers. Another benefit of serverless computing is the flexibility to scale serverless applications automatically. Serverless computing can adjust the applications' capacity by modifying the units of consumptions, such as throughput and memory. An AWS service for serverless computing is AWS Lambda.

A company must provide access to AWS resources for their employees. Which security practices should they follow?

There are a several security best practices for AWS IAM that are listed in the document shared below. Enabling multi-factor authentication is a best practice to require a second factor of authentication when logging in. Another best practice is to grant least privilege access when configuring users and password policies.

Which of the following can an AWS customer use to launch a new ElastiCache cluster?

There are several ways to launch resources in AWS. You can use the AWS Management Console or Command Line Interface (CLI) or you can automate the process by using tools such as AWS CloudFormation.

Storage optimized instance

These instances are designed for workloads that require high, sequential read and write access to large datasets on local storage. Examples of workloads suitable for this type of instance include distributed file systems, data warehousing applications, and high-frequency online transaction processing (OLTP) systems.

Memory optimized Instance

These instances are designed to deliver fast performance for workloads that process large datasets in memory. In computing, memory is a temporary storage area. It holds all the data and instructions that a central processing unit (CPU) needs to be able to complete actions. Before a computer program or application is able to run, it is loaded from storage into memory. This preloading process gives the CPU direct access to the computer program.

Accelerated Computing Instance

These instances use hardware accelerators, or coprocessors, to perform some functions more efficiently than is possible in software running on CPUs. Examples of these functions include floating-point number calculations, graphics processing, and data pattern matching. In computing, a hardware accelerator is a component that can expedite data processing. This instance is ideal for workloads such as graphics applications, game streaming, and application streaming.

AWS Systems Manager Parameter Store

This feature of a service provides a centralized store to manage your configuration data, whether plain-text data such as database strings or secrets such as passwords. This allows you to separate your secrets and configuration data from your code. Parameters can be tagged and organized into hierarchies, helping you manage parameters more easily.

Compute Optimized Instance

This instance is ideal for compute-bound applications that benefit from high-performance processors. Like general purpose instances, you can use this instance for workloads such as web, application, and gaming servers. However, the difference is this optimized applications are ideal for high-performance web servers, compute-intensive applications servers, and dedicated gaming servers. You can also use this optimized instance for batch processing workloads that require processing many transactions in a single group.

Amazon ElastiCache

This is a service that adds caching layers on top of your databases to help improve the read times of common requests. It supports two types of data stores: Redis and Memcached.

Amazon Managed Blockchain

This is a service that you can use to create and manage blockchain networks with open-source frameworks. This service is a distributed ledger system that lets multiple parties run transactions and share data without a central authority.

AWS Organizations

This service allows you to consolidate and manage multiple AWS accounts within a central location.

AWS Identity and Access Management (IAM)

This service enables you to manage access to AWS services and resources securely.

Amazon WorkSpaces

This service enables you to provision virtual, cloud-based Microsoft Windows, Amazon Linux, or Ubuntu Linux desktops for your users, known as ___. This service eliminates the need to procure and deploy hardware or install complex software. You can quickly add or remove users as your needs change. Users can access their virtual desktops from multiple devices or web browsers.

AWS Certificate Manager(ACM)

This service handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications. You can provide certificates for your integrated AWS services either by issuing them directly with this service or by importing third-party certificates into the service's management system. This service certificates can secure singular domain names, multiple specific domain names, wildcard domains, or combinations of these. This service's wildcard certificates can protect an unlimited number of subdomains. You can also export this service's certificates signed by AWS Private CA for use anywhere in your internal PKI.

Amazon Detective

This service helps you analyze, investigate, and quickly identify the root cause of security findings or suspicious activities. Detective automatically collects log data from your AWS resources. It then uses machine learning, statistical analysis, and graph theory to generate visualizations that help you to conduct faster and more efficient security investigations. The service prebuilt data aggregations, summaries, and context help you to quickly analyze and determine the nature and extent of possible security issues.

AWS Batch

This service helps you to run batch computing workloads on the AWS Cloud. Batch computing is a common way for developers, scientists, and engineers to access large amounts of compute resources. This service removes the undifferentiated heavy lifting of configuring and managing the required infrastructure, similar to traditional batch computing software. This service can efficiently provision resources in response to jobs submitted in order to eliminate capacity constraints, reduce compute costs, and deliver results quickly.

Amazon DynamoDB Accelerator

This service is an in-memory cache for DynamoDB. It helps improve response times from single-digit milliseconds to microseconds.

AWS Systems Manager

This service is the operations hub for your AWS applications and resources and a secure end-to-end management solution for hybrid cloud environments that enables secure operations at scale.

Amazon Cognito

This service provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a user name and password, or through a third party such as Facebook, Amazon, Google or Apple. The two main components of this service are user pools and identity pools. User pools are user directories that provide sign-up and sign-in options for your app users. Identity pools enable you to grant your users access to other AWS services. You can use identity pools and user pools separately or together.

AWS Trusted Advisor

This service provides recommendations that help you follow AWS best practices. It evaluates your account by using checks. These checks identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas. You can then follow the recommendations to optimize your services and resources.

What is an instance store

This storage provides temporary block-level storage for an Amazon EC2 instance. This type of storage is a disk storage that is physically attached to the host computer for an EC2 instance, and therefore has the same lifespan as the instance. When the instance is terminated, you lose any data in this type of storage.

IAM groups

This type of group holds a collection of IAM users. When you assign an IAM policy to a group, all users in the group are granted permissions specified by the policy

What happens when you create an AWS organization

When you create an organization, AWS Organizations automatically creates a root, which is the parent container for all the accounts in your organization.

Which service can you automate to deploy an ElastiCache cluster

With AWS CloudFormation you can deploy infrastructure such as Amazon ElastiCache clusters by defining your desired configuration state in code using a template file written in JSON or YAML. CloudFormation will then deploy the resources by creating a Stack according to the template file.

What service allows you to look up a year of historical event data

With Detective, you can access up to a year of historical event data. This data is available through a set of visualizations that show changes in the type and volume of activity over a selected time window. Detective links these changes to GuardDuty findings.

Amazon VPC

With this service, you can launch AWS resources in a logically isolated virtual network that you've defined. This virtual network closely resembles a traditional network that you'd operate in your own data center, with the benefits of using the scalable infrastructure of AWS.

File Storage

With this type of storage, multiple clients (such as users, applications, servers, and so on) can access data that is stored in shared file folders. In this approach, a storage server uses block storage with a local file system to organize files. Clients access data through file paths.

Nonrelational databases

You create tables in a key-value data structure as opposed to create rows and columns in relational databases

Multi-factor authentication

You might have needed to provide your password and then a second form of authentication, such as a random code sent to your phone. This is an example of this type of authentication.

What is a "pay as you go" model

You only pay for the servers that you need depending on the volume of requests or traffic you get at a certain time

When should you consider using Amazon Aurora

You should this database if your workloads require high availability. It replicates six copies of your data across three Availability Zones and continuously backs up your data to Amazon S3.

AWS Fargate

a compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters.

Amazon Elastic Container Service (Amazon ECS)

a highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on AWS

Reserved Instances

are a billing discount applied to the use of On-Demand Instances in your account. You can purchase Standard Reserved and Convertible Reserved Instances for a 1-year or 3-year term, and Scheduled Reserved Instances for a 1-year term. You realize greater cost savings with the 3-year option.

On-Demand Instances

are ideal for short-term, irregular workloads that cannot be interrupted. No upfront costs or minimum contracts apply. The instances run continuously until you stop them, and you pay for only the compute time you use.

Spot Instances

are ideal for workloads with flexible start and end times, or that can withstand interruptions. This instance use unused Amazon EC2 computing capacity and offer you cost savings at up to 90% off of On-Demand prices.

Dedicated Hosts

are physical servers with Amazon EC2 instance capacity that is fully dedicated to your use.

What is a hypervisor

are software, specialized firmware, or both which allow physical hardware to be shared across multiple virtual machines.

What is "cloud based" deployment

can migrate existing applications to the cloud, or you can design and build new applications in the cloud. You can build those applications on low-level infrastructure that requires your IT staff to manage them. Alternatively, you can build them using higher-level services that reduce the management, architecting, and scaling requirements of the core infrastructure.

What is "hybrid" deployment

cloud-based resources are connected to on-premises infrastructure. You might want to use this approach in a number of situations. For example, you have legacy applications that are better maintained on premises, or government regulations require your business to keep certain records on premises.

Public Subnet

contain resources that need to be accessible by the public, such as an online store's website.

Private Subnet

contain resources that should be accessible only through your private network, such as a database that contains customers' personal information and order histories.

Infrastructure as a Service (IaaS)

contains the basic building blocks for cloud IT and typically provide access to networking features, computers (virtual or on dedicated hardware), and data storage space. This cloud computing service provides you with the highest level of flexibility and management control over your IT resources and is most similar to existing IT resources that many IT departments and developers are familiar with today.

Amazon Kinesis

cost-effectively processes and analyzes streaming data at any scale as a fully managed service. With this service, you can ingest real-time data, such as video, audio, application logs, website clickstreams, and IoT telemetry data, for machine learning (ML), analytics, and other applications.

Relational databases

data is stored in a way that relates it to other pieces of data.

Amazon EC2 Auto Scaling

enables you to automatically add or remove Amazon EC2 instances in response to changing application demand. By automatically scaling your instances in and out as needed, you are able to maintain a greater sense of application availability.

Amazon QuickSight

is a cloud-scale business intelligence (BI) service that you can use to deliver easy-to-understand insights to the people who you work with, wherever they are. This service connects to your data in the cloud and combines data from many different sources. In a single data dashboard, this service can include AWS data, third-party data, big data, spreadsheet data, SaaS data, B2B data, and more. As a fully managed cloud-based service, this service provides enterprise-grade security, global availability, and built-in redundancy. It also provides the user-management tools that you need to scale from 10 users to 10,000, all with no infrastructure to deploy or manage.

AWS CodeStar

is a cloud‑based development service that provides the tools you need to quickly develop, build, and deploy applications on AWS. With this service, you can set up your entire continuous delivery toolchain in minutes, allowing you to start releasing code faster.

AWS CodePipeline

is a continuous delivery service you can use to model, visualize, and automate the steps required to release your software. You can quickly model and configure the different stages of a software release process. This service automates the steps required to release your software changes continuously

Amazon Macie

is a data security service that discovers sensitive data by using machine learning and pattern matching, provides visibility into data security risks, and enables automated protection against those risks.

Amazon Redshift

is a data warehousing service that you can use for big data analytics. It offers the ability to collect data from many sources and helps you to understand relationships and trends across your data.

What is a microservice

is a distinctive method of developing software systems that tries to focus on building single-function modules with well-defined interfaces and operations. The trend has grown popular in recent years as Enterprises look to become more Agile and move towards a DevOps and continuous testing.

Amazon DocumentDB

is a document database service that supports MongoDB workloads. (MongoDB is a document database program.

IAM policy

is a document that allows or denies permissions to AWS services and resources.

AWS Outposts

is a fully managed service that offers the same AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience. It is ideal for workloads that require low latency access to on-premises systems, local data processing, data residency, and migration of applications with local system interdependencies.

Amazon Redshift

is a fully managed, petabyte-scale data warehouse service in the cloud. This service while serverless lets you access and analyze data without all of the configurations of a provisioned data warehouse. Resources are automatically provisioned and data warehouse capacity is intelligently scaled to deliver fast performance for even the most demanding and unpredictable workloads. You don't incur charges when the data warehouse is idle, so you only pay for what you use. You can load data and start querying right away in this service's query editor v2 or in your favorite business intelligence (BI) tool. Enjoy the best price performance and familiar SQL features in an easy-to-use, zero administration environment.

Amazon Neptune

is a graph database service. You can use this service to build and run applications that work with highly connected datasets, such as recommendation engines, fraud detection, and knowledge graphs.

Internet Gateway

is a horizontally scaled, redundant, and highly available VPC component that allows communication between your VPC and the internet. This gateway serves two purposes: to provide a target in your VPC route tables for internet-routable traffic, and to perform network address translation (NAT) for instances that have been assigned public IPv4 addresses.

Amazon DynamoDB

is a key-value database service. It delivers single-digit millisecond performance at any scale.

Amazon Quantum Ledger Database (Amazon QLDB)

is a ledger database service. You can use this service to review a complete history of all the changes that have been made to your application data.

S3 Glacier

is a low-cost storage class that is ideal for data archiving. For example, you might use this storage class to store archived customer records or older photos and video files.

Amazon Simple Queue Service (Amazon SQS)

is a message queuing service from Amazon.

Amazon Simple Notification Service (Amazon SNS)

is a publish/subscribe service. Using this Amazon Service topics, a publisher publishes messages to subscribers. This is similar to the coffee shop; the cashier provides coffee orders to the barista who makes the drinks.

Amazon Elastic File System (Amazon EFS)

is a scalable file system used with AWS Cloud services and on-premises resources. As you add and remove files, this file system grows and shrinks automatically. It can scale on demand to petabytes without disrupting applications.

Subnet

is a section of a VPC in which you can group resources based on security or operational needs. Subnets can be public or private.

Amazon EventBridge

is a serverless service that uses events to connect application components together, making it easier for you to build scalable event-driven applications. Use it to route events from sources such as home-grown applications, AWS services, and third- party software to consumer applications across your organization. This service provides a simple and consistent way to ingest, filter, transform, and deliver events so you can build new applications quickly.

AWS Global Accelerator

is a service in which you create accelerators to improve the performance of your applications for local and global users. Depending on the type of accelerator you choose, you can gain additional benefits: With a standard accelerator, you can improve availability of your internet applications that are used by a global audience. With a standard accelerator, Global Accelerator directs traffic over the AWS global network to endpoints in the nearest Region to the client. With a custom routing accelerator, you can map one or more users to a specific destination among many destinations.

AWS Storage Gateway

is a service that connects an on-premises software appliance with cloud-based storage to provide seamless and secure integration between your on-premises IT environment and the AWS storage infrastructure in the AWS Cloud.

AWS Direct Connect

is a service that enables you to establish a dedicated private connection between your data center and a VPC.

AWS Database Migration Service (AWS DMS)

is a service that enables you to migrate relational databases, nonrelational databases, and other types of data stores.

Amazon Relational Database Service (Amazon RDS)

is a service that enables you to run relational databases in the AWS Cloud.

Virtual Private Cloud (VPC)

is a service that lets you launch AWS resources in a logically isolated virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 for most resources in your cloud, helping to ensure secure and easy access to resources and applications.

AWS Lambda

is a service that lets you run code without needing to provision or manage servers.

AWS License Manager

is a service that makes it easier for you to manage your software licenses from software vendors (for example, Microsoft, SAP, Oracle, and IBM) centrally across AWS and your on-premises environments. This provides control and visibility into the usage of your licenses, enabling you to limit licensing overages and reduce the risk of non-compliance and misreporting.

Amazon Elastic Block Store (Amazon EBS)

is a service that provides block-level storage volumes that you can use with Amazon EC2 instances. If you stop or terminate an Amazon EC2 instance, all the data on the attached to this storage remains available.

Amazon Simple Storage Service (Amazon S3)

is a service that provides object-level storage, and stores data as objects in buckets.

Availability Zone

is a single data center or a group of data centers within a Region. This service is located tens of miles apart from each other. This is close enough to have low latency (the time between when content requested and received) between these areas. However, if a disaster occurs in one part of the Region, they are distant enough to reduce the chance that multiple areas are affected.

Edge location

is a site that Amazon CloudFront uses to store cached copies of your content closer to your customers for faster delivery.

What is firmware

is a specific class of computer software that provides the low-level control for a device's specific hardware. It can either provide a standardized operating environment for more complex device software (allowing more hardware-independence), or, for less complex devices, act as the device's complete operating system, performing all control, monitoring and data manipulation functions.

packet

is a unit of data sent over the internet or a network.

Network access control lists (ACLs)

is a virtual firewall that controls inbound and outbound traffic at the subnet level.

Security Group

is a virtual firewall that controls inbound and outbound traffic for an Amazon EC2 instance. If you have multiple Amazon EC2 instances within a subnet, you can associate them with the same firewall or use different firewalls for each instance.

Amazon Inspector

is a vulnerability management service that continuously scans your AWS workloads for software vulnerabilities and unintended network exposure. This service automatically discovers and scans running Amazon EC2 instances, container images in Amazon Elastic Container Registry (Amazon ECR), and AWS Lambda functions for known software vulnerabilities and unintended network exposure.

AWS Management Console

is a web-based interface for accessing and managing AWS services. You can quickly access recently used services and search for other services by name, keyword, or acronym. The console includes wizards and automated workflows that can simplify the process of completing tasks.

What is "on-premise" deployment

is also known as a private cloud deployment. In this model, resources are deployed on premises by using virtualization and resource management tools. For example, you might have applications that run on technology that is fully kept in your on-premises data center. Though this model is much like legacy IT infrastructure, its incorporation of application management and virtualization technologies helps to increase resource utilization.

What is Amazon Aurora

is an enterprise-class relational database. It is compatible with MySQL and PostgreSQL relational databases.

IAM roles

is an identity that you can assume to gain temporary access to permissions.

IAM user

is an identity that you create in AWS. It represents the person or application that interacts with AWS services and resources. It consists of a name and credentials.

EBS Snapshot

is an incremental backup. This means that the first backup taken of a volume copies all the data. For subsequent backups, only the blocks of data that have changed since the most recent snapshot are saved.

Amazon Athena

is an interactive query service that makes it easy to analyze data directly in Amazon Simple Storage Service (Amazon S3) using standard SQL. With a few actions in the AWS Management Console, you can point Athena at your data stored in Amazon S3 and begin using standard SQL to run ad-hoc queries and get results in seconds.

Amazon Connect

is an omnichannel cloud contact center. You can set up a contact center in a few steps, add agents who are located anywhere, and start engaging with your customers.

Elastic Load Balancing

is the AWS service that automatically distributes incoming application traffic across multiple resources, such as Amazon EC2 instances.

What is cloud computing

is the on-demand delivery of IT resources over the internet with pay-as-you-go pricing

Compute as a Service (CaaS)

is when computing resources are supplied on demand via virtual or physical resources as a service. It is usually priced by way of a consumption-based model.

AWS Command Line Interface (AWS CLI)

it enables you to control multiple AWS services directly from the command line within one tool. This service is available for users on Windows, macOS, and Linux.

What is scalability?

it involves beginning with only the resources you need and designing your architecture to automatically respond to changing demand by scaling out or in. As a result, you pay for only the resources you use. You don't have to worry about a lack of computing capacity to meet your customers' needs.

Amazon Elastic Kubernetes Service (Amazon EKS)

makes it easy to deploy, manage, and scale containerized applications that use Kubernetes on AWS.

What is vertical scaling

means that you scale by adding more power (CPU, RAM) to an existing machine. AWS provides instances up to 488 GB of RAM or 128 virtual cores.

General Purpose Instance

provide a balance of compute, memory, and networking resources. You can use them for a variety of workloads, such as: - application servers - gaming servers - backend servers for enterprise applications - small and medium databases Suppose that you have an application in which the resource needs for compute, memory, and networking are roughly equivalent. You might consider running it on on this type of instance because the application does not require optimization in any single resource area.

What are containers

provide you with a standard way to package your application's code and dependencies into a single object.

S3 Standard

provides high availability for objects. This makes it a good choice for a wide range of use cases, such as websites, content distribution, and data analytics. S3 Standard has a higher cost than other storage classes intended for infrequently accessed data and archival storage.

AWS Artifact

provides on-demand downloads of AWS security and compliance documents, such as AWS ISO certifications, Payment Card Industry (PCI) reports, and Service Organization Control (SOC) reports.

AWS Managed Services

provides ongoing management of your AWS infrastructure so you can focus on your applications.

Software as a Service (SaaS)

provides you with a completed product that is run and managed by the service provider. In most cases, people referring to this service are referring to end-user applications. With this service offering, you do not have to think about how the service is maintained or how the underlying infrastructure is managed; you only need to think about how you will use that particular piece of software. A common example of this type of service application is web-based email where you can send and receive email without having to manage feature additions to the email product or maintaining the servers and operating systems that the email program is running on.

AWS CloudFormation

provisions your resources in a safe, repeatable manner, enabling you to frequently build your infrastructure and applications without having to perform manual actions. It determines the right operations to perform when managing your stack and rolls back changes automatically if it detects errors.

Platform as a Service (PaaS)

remove the need for organizations to manage the underlying infrastructure (usually hardware and operating systems) and allow you to focus on the deployment and management of your applications. This helps you be more efficient as you don't need to worry about resource procurement, capacity planning, software maintenance, patching, or any of the other undifferentiated heavy lifting involved in running your application.

Auto Scaling Group

this feature can set the minimum number of Amazon EC2 instances. The minimum capacity is the number of Amazon EC2 instances that launch immediately after you have created this service.

Amazon API Gateway

this gateway is an AWS service for creating, publishing, maintaining, monitoring, and securing REST, HTTP, and WebSocket APIs at any scale. API developers can create APIs that access AWS or other web services, as well as data stored in the AWS Cloud.

What does AWS EC2 Saving Plans enables

this plan enables you to reduce your compute costs by committing to a consistent amount of compute usage for a 1-year or 3-year term. This term commitment results in savings of up to 72% over On-Demand costs.

AWS Elastic Beanstalk

you provide code and configuration settings, and it deploys the resources necessary to perform the following tasks: - Adjust capacity - Load balancing - Automatic scaling - Application health monitoring


Set pelajaran terkait

Origins and Insertions (Levator Scapulae)

View Set

Stoic Psychological Terms and Techniques.

View Set

Corporate Social Responsibility - Rutgers - Test 1

View Set