AWS CCP
Which of the following is correct?
# of Edge Locations > # of Availability Zones > # of Regions
Dedicated Instances
(available with Amazon Elastic Compute Cloud (Amazon EC2)) run in a virtual private cloud (VPC) on hardware that's dedicated to a single customer
AWS Directory Service
AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also known as AWS Microsoft AD, enables your directory-aware workloads and AWS resources to use managed Active Directory in the AWS Cloud
Which of the following AWS services is an example of Platform as a Service?
AWS Elastic Beanstalk
Which AWS offering enables customers to find, buy, and immediately start using software solutions in their AWS environment?
AWS Marketplace
Which of the following enables customers to find, test, and buy software from independent vendors to run on AWS?
AWS Marketplace
CodeBuild
Compiles source code, runs test and produces software package
How would a system administrator add an additional layer of login security to a user's AWS Management Console?
Enable Multi-Factor Authentication
Which of the following does Amazon assure will happen when paying for AWS on an as-needed basis?
Enabling the full elasticity of business operations Reducing procurement complexity Redirecting focus to innovation and invention
Which of the following are benefits of Amazon RDS read replicas?
Enhanced performance Designed for security Increased availability
You want to monitor your costs of using your AWS services and receive alerts when the thresholds you defined are met. Which of the following AWS Budget types should you create?
Cost Budget
Which of the following AWS Support levels offers the assistance of a Technical Account Manager?
Enterprise
For which of the following categories does AWS Trusted Advisor provides best practices and/or or checks of your AWS environment?
Cost Optimization, Performance, Security, and Fault Tolerance.
You want to run your application on a PaaS infrastructure, and you need to be able to select both your instance type and your database. Which of the following services should you choose?
Elastic Beanstalk
What does EC2 stand for?
Elastic Compute Cloud
In AWS, you can stop or terminate instances when not in use. Which of the following concepts describes this capability?
Elasticity
Which of the following best describes the ability to scale computing resources up or down easily, while only paying for the resources used?
Elasticity
When talking about AWS security, what does "Authorization" refer to?
Evaluating what permissions a user has
When talking about AWS security, what does "Authentication" refer to?
Identifying who is accessing the system
AWS VPC is a component of which of the following overall services categories?
Networking and Content Delivery
Relational Database
SQL Server Oracle MySQL Server PostgresSQL Aurora MariaDB
Total Cost of Ownership Calculator
calculates cost of doing it yourself vs. doing it in AWS - a. Main components - server, storage, network and IT labor
Database Migration Services (DMS)
can migrate data from one engine type to another
Relational Database Service (RDS)
fully managed service, can launch services for MySQL, Aurora, SQL Server, Oracle, MariaDB
Amazon Workspaces
fully-managed desktop as a service, like VDI
Lumberyard
game development environment
CloudFront
global CDN, securely delivers your content to edge locations, provides protection against DDOS
Predictive
machine-based learning
Amazon WorkMail
mail and calendar service
ElastiCache
makes it easy to set up, manage, and scale distributed in-memory cache environments in the AWS Cloud. It provides a high performance, resizable, and cost-effective in-memory cache, while removing complexity associated with deploying and managing a distributed cache environment. ElastiCache works with both the Redis and Memcached engines; to see which works best for you, see the Comparing Memcached and Redis topic in either user guide.
Identity and Access Management (IAM)
manage user access to AWS service and resources
AWS IoT
managed cloud platform allows embedded devices such as Rasberry Pi to interact w/ cloud apps
On Demand
means you pay for compute or database capacity with no long-term commitments or upfront payments.
Amazon Chime
meeting service, video conf, calls, chat, content sharing
CloudTrail
monitors and logs AWS account activity, API Call ○ Per AWS Account and is enabled per Region ○ Can consolidate logs using S3 bucket ○ Regional Service ○ Classic LB (previous gen, combo of App & Net)
Virtual Private Cloud (VPC)
provision a network within AWS, impenetrable, transitive peering is not allowed, only one peering resource between any two VPCs, intra and inter-region support, use private IPs, can be established between different AWS accounts
OpsWorks
provides managed instance of Chef and Puppet (used to configure and automate deployment of resources)
CloudWatch
provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.
Simple Storage Service (S3)
serverless service - designed to store any type of data (buckets)
AWS Lambda
serverless service, allows you to run code in the cloud sans server
How many elastic IP addresses can you associate with a running EC2 instance with no charge?
1
Free Services
1. Elastic Beanstalk 2. IAM 3. CloudFormation 4. OpsWorks 5. VPC 6. AutoScaling 7. Consolidated Billing
Compliance
1. PCI - credit card 2. SOC 1 - Audit Controls Report 3. SOC 2 - Security, Availability and Confidentiality Report 4. SOC 3 - General Controls Report 5. HIPAA - healthcare 6. Global... US... EU... etc...
What is the maximum number of IAM users you can add to an AWS account at the same time?
10
Generally speaking, what is the minimum number of Availability Zones per AWS Region?
2
Business
24x7 support by phone and chat, 1 hour response for urgent issues, full access to AWS Trusted Advisor (starts at $100/mo)
Upon sign-up of an AWS account, how much Amazon DynamoDB storage will you get?
25 GB
Amazon Simple Storage Service (Amazon S3):
5 GB of Amazon S3 standard storage, 20,000 Get Requests, and 2,000 Put Requests
Amazon CloudFront:
50 GB Data Transfer Out and 2,000,000 HTTP and HTTPS Requests each month
What is the maximum amount of storage that Amazon Aurora offers?
64 TB
Amazon Relational Database Service (Amazon RDS):
750 hours of Amazon RDS Single-AZ db.t2.micro Instances for running MySQL, PostgreSQL, MariaDB, Oracle BYOL, or SQL Server (running SQL Server Express Edition); 20 GB of database storage; 10 million I/Os; and 20 GB of backup storage
Amazon Elastic Compute Cloud (Amazon EC2):
750 hours per month of Linux, RHEL, or SLES t2.micro instance usage or 750 hours per month of Windows t2.micro instance usage
Once you exceed a usage percentage of Free Tier limits for any service, AWS will automatically send you an email notification. What is that percentage?
85%
Which of the following are programmatic access types enabling users to interact with AWS services?
API SDK CLI
Which of the following is classified as an AWS Networking & Content Delivery service?
API Gateway
Where can a customer find information about prohibited actions on AWS infrastructure?
AWS Acceptable Use Policy
Which of the following are part of the AWS storage services category?
AWS Backup Amazon S3 Amazon EFS
Which of the following does AWS use to notify you by email when you exceed 85% of your Free Tier limits for each service?
AWS Budgets
Which service can identify the user that made the API call when an Amazon Elastic Compute Cloud (Amazon EC2) instance is terminated?
AWS CloudTrail
A consulting firm is conducting a Sarbanes-Oxley compliance audit of your IT operations. The auditor requests visibility to logs of event history across your AWS-based employee expense system infrastructure. Which AWS service will record and provide give you the information you need?
AWS Cloudtrail
You are an AWS Enterprise customer with questions about billing and your overall AWS account. Which of the following AWS support personnel should you contact?
AWS Concierge
Which of the following AWS services enable you to continuously monitor and record configuration changes of your resources?
AWS Config
Which of the following AWS services should you use to migrate an existing database to AWS?
AWS DMS
Which AWS service would simplify migration of a database to AWS?
AWS Database Migration Service (AWS DMS)
As an IT support center team member, you begin receiving calls from users about problems they're experiencing with your company's AWS-based point-of-sale system. You want to begin your investigation by checking with AWS for any service alerts they may be communicating. Which AWS tool will you give you the information you seek?
AWS Personal Health Dashboard
Which of the following does AWS use to notify you by email when you exceed 85% of your Free Tier limits for each service?
AWS Personal Health Dashboard
Which service might you use to provide Distributed Denial of Service (DDoS) protection to your applications running on AWS?
AWS Shield
Which tool can help you to compare the cost of hosting resources in AWS vs the cost of hosting in a traditional data centre?
AWS TCO Calculator
Which component of AWS global infrastructure does Amazon CloudFront use to ensure low-latency delivery?
AWS edge locations
Shared Responsibility Model
AWS responsible for security OF the cloud... customer responsible for security IN the cloud
DynamoDB
AWS serverless service, low-latency
Which of the following are key components of Amazon Glacier?
Access Policy Archive Vault
Which of the following are best practices when it comes to securing your AWS account?
Activate MFA on the Root Account Use groups to assign permissions Delete your Root access keys Apply an IAM password policy Create individual IAM users
The Chief Marketing Officer of the hotel chain you work for would like to implement voice recognition capabilities in rooms so customers can request services without picking up the phone. Competitors have already begun rolling out these technologies in an attempt to improve their customers' experience. Which benefit of the AWS cloud would you most emphasize to the CMO in your business case for creating an AWS-based solution?
Agility
Why is AWS more economical than traditional data centers for applications with varying compute workloads?
Amazon EC2 instances can be launched on-demand when needed
Which of the following falls under the AWS database services category?
Amazon ElastiCache
Amazon Lex
Amazon Lex is a service for building conversational interfaces into any application using voice and text
Amazon Polly
Amazon Polly is a service that turns text into lifelike speech.
Your sales operations group would like to perform monthly analyses on large amounts of sales activity. They want to be able to rank the performance of different territories, product categories, and sales channels. They will use visualization tools to generate graphical representations of the data. Which AWS service will provide the best solution for storing the sales data?
Amazon Redshift
Amazon Rekognition
Amazon Rekognition is a service that makes it easy to add image analysis to your applications.108 With Rekognition, you can detect objects, scenes, and faces in images. You can also search and compare faces.
Which service would you use to send alerts based on Amazon CloudWatch alarms?
Amazon Simple Notification Service (Amazon SNS)
According to the Shared Responsibility Model, which of the following is AWS responsible for?
Amazon Virtual Private Cloud Elastic Cloud Compute (EC2) infrastructure
Which AWS networking service enables a company to create a virtual network within AWS?
Amazon Virtual Private Cloud (Amazon VPC)
Which of the following Load Balancers uses Listeners, Targets, and Target Groups?
Application Load Balancer
What are three types of load balancer?
Application Load Balancer Network Load Balancer Classic Load Balancer
You are creating an S3 bucket called company-subsite-logos, and you want to give it the exact same settings that your company-logos bucket has. What would be the quickest way of doing so?
At the Create bucket screen for the company-logos bucket, choose Copy settings from an existing bucket option, and then choose the company-subsite-logos bucket to copy its settings.
Which of the following engines are classified as relational databases on AWS?
Aurora Maria DB
The load on your application fluctuates by day of the week. Wednesdays have the most traffic; Saturdays have the least traffic. Which AWS service allows you to ensure you have the correct amount of compute capacity while also optimizing on a cost basis?
Auto Scaling
AWS Application Discovery Service
Automatically profiles on-premises applications to help plan your application migration to AWS quickly and reliably.
Using Infrastructure as Code is a related of which cloud concept?
Automation
Which of the following are a collection of datacentres within a specific region?
Availability Zones
Which of the following AWS Support levels offers 24x7 support via phone or chat?
Business
QuickSight
BI reporting tool, like Tableau
Which of the below are you responsible for when storing data in S3?
Backing up your data
How does AWS Shield Standard help protect your environment?
By Blocking DDOS attacks
How can Auto Scaling help your resources handle changes in demand?
By adding or removing EC2 instances from your EC2 fleet based on conditions you specify
Which of the below is TRUE when considering subnets in a VPC?
By default, all subnets within a VPC can communicate with each other
CodePipeline
CICD (continuous integration continuous delivery) - can build test and deploy code every time a code change occurs
Which of the following are components of the AWS Assurance Program?
Certifications/Attestations Compliance with Laws and Regulations
Which of the following services helps you to deliver your content to your customers faster?
CloudFront
Which of the following statements is true of AWS CloudTrail?
CloudTrail delivers log files within 15 minutes of account activity. By default, CloudTrail event log files are encrypted using Amazon S3 server-side encryption. With CloudTrail, you can create a trail that either applies to one Region or to all Regions.
Which of the following AWS services should you use if you'd like to be notified when you have crossed a billing threshold?
CloudWatch
What type of placement group should you use to pack EC2 instances together inside an Availability Zone so that applications can benefit from low network latency or high network throughput?
Cluster
Which of the below are you responsible for when running an RDS database on AWS?
Controlling access to the database
Which of the five best practices does AWS Trusted Advisor use to eliminate unused, underutilized, and idle resources in your environment?
Cost optimization
A new System Administrator has started with your organisation and requires a user account so that they can manage you AWS resources. You have AWS resources in multiple regions - what needs to be done to allow the new starter access to manage resources in the regions you operate in?
Create a single IAM user account - this will enable access in all regions
What is the recommended way to give your applications running in EC2 permission to other AWS resources?
Create an IAM Role with appropriate permissions and assign it to the instance.
Route 53
DNS for AWS
Enabling Amazon GuardDuty automatically grants this service the permission to analyze which of the following data sources?
DNS query logs AWS CloudTrail logs VPC Flow Logs
Which of the following types of data transfer concerning Amazon EC2 are free?
Data transfer in to EC2 from the Internet Data transfer out from EC2 to Amazon CloudFront
Which of the following types of data transfer concerning Amazon EC2 are free?
Data transfer out from EC2 to Amazon CloudFront Data transfer in to EC2 from the Internet
ElastiCache is an example of what type of AWS Services?
Database
Which of the following are principles of sound design when it comes to performance efficiency?
Democratize advanced technologies. Deploy into multiple Regions to go global in minutes Use Serverless architectures.
Which of the following are components of the Security Pillar of the AWS Well-Architected Framework?
Detective Controls IAM Infrastructure Protection
Which of the following support plans feature access to AWS support via email only during business hours?
Developer
Your Project Manager needs to know the daily spend of the company's AWS account over the last 60 days to consider creating and implementing cost-effective measures. What should you do?
Direct him to AWS Budgets. Direct him to Daily Spend View in AWS Cost Explorer.
Which of the following best describes Availability Zones?
Distinct locations from within an AWS region that are engineered to be isolated from failures.
Which of the following falls under AWS compute services category?
EC2 Elastic Beanstalk Lightsail
Network Load Balancers
Extreme Performance/Static IP Addresses
Which of the following best describes a system that will remain operational even in the event of a component failure?
Fault-tolerant
You are using your corporate directory to grant your users access to AWS services. What is this called?
Federated Access
CodeCommit
Git repo running in AWS
Which of the following provides the least expensive Amazon S3 storage?
Glacier Deep Archive
AWS AppSync
GraphQL backend for mobile and web apps
Which of the following Compliance guarantees attests to the fact that the AWS Platform has met the standard required for the secure storage of medical records in the US?
HIPAA
A software development team needs to create numerous testing environments each day based on multiple concurrent project activities. Provisioning of these environments needs to happen within minutes to ensure that project deadlines are met. The number of environments needed daily varies depending shifting priorities in business requirements. How can the team best achieve the agility they need for creating the testing environments?
Have AWS CloudFormation provision the stacks and resources needed for the testing environments
Deploying your EC2 instances across multiple AZs will help address which Cloud Concept?
High Availability
Which of the following best describes a system that is always online — without the need for human intervention?
Highly Available
Your company has updated its security policies to include cloud workloads as well as those running on-premises. Your manager would like a report of which technologies will require configuration changes. Which of the following will not be included in the report because they are the responsibility of AWS?
Host operating systems
In AWS' Global Infrastructure, what are Edge Locations responsible for?
Hosting a Content Delivery Network called CloudFront
Which of the following AWS services controls Authentication and Authorization within an AWS account?
IAM
Cloud9
IDE running in AWS, deploy servers directly to AWS from an IDE
When you upload an object to S3 storage - where will AWS keep it?
In multiple Availability Zones within the Region you select.
Which of the following are components of the AWS Risk and Compliance Program?
Information Security Risk Management Control Environment
Which of the following are components of the Security Pillar of the AWS Well-Architected Framework?
Infrastructure Protection IAM Detective Controls
Which of the following are principles of sound cloud design?
Infrastructure as code Assume *everything* will fail Scalability Disposable resources
For a subnet to be public and send non-local traffic to the Internet, we must update the Route Table of the public subnet and attach which of the following to the VPC that contains the subnet?
Internet Gateway
Which of the following statements is true of Amazon Aurora?
It can deliver up to five times the throughput of MySQL. It can auto-scale up to 64 TB of storage space. It is a Relational Database Service (RDS) database engine developed by Amazon.
Which of the following is true of AWS Lambda?
It supports languages like Ruby and Python for writing application code. It lets you run code without provisioning or managing servers. It is a serverless computing platform.
You need to execute code in response to a specific change to your S3 bucket. Which of the following compute services should you choose to execute your code?
Lambda
An online education company has customers on four continents. They need to run software functions to customize offerings for students in various locations around the globe based on parameters that each student enters. Which AWS service will provide this capability with the highest performance efficiency?
Lambda@Edge
Which of the following comprises an Amazon Machine Image (AMI)?
Launch permissions Block device mapping EBS snapshots or root volume template of an EC2 instance
A Web Application Firewall operates at which layer of the OSI model?
Layer 7
Application Load Balancer
Layer 7 - Make Intelligent Decisions
Your project manager (PM) tasked you with launching an instance for a web application to be developed for an NGO. The PM is especially interested in using an AWS service that provides predicable monthly pricing, and he expects the instance to have the ability to burst above the baseline level of CPU performance when needed. What AWS service should you use to launch this instance?
Lightsail
Which of the following is AWS's responsibility under the AWS shared responsibility model?
Maintaining physical hardware
A mobile shopping list app needs to be able to add, delete, and update items on specific lists anytime a user desires. The backend for the app will run on Amazon EC2 instances with Auto Scaling to manage fluctuations in user demand. Many times, a user will perform maintenance on many list items in a single session. What design characteristic must be incorporated into the app for these requirements to be met?
Make sure the app doesn't need knowledge of previous transactions
Which of the following database migrations are classified as heterogenous?
Microsoft SQL Server to Amazon Aurora Oracle to Amazon Aurora
RDS TWO KEY FEATURES
Multi-AZ- For disaster Recovery Read Replicas - For performance
Which following statement is true of newly created security groups with their default rules?
New security groups allow only outbound traffic and block all incoming traffic.
Upon which of these measurements is AWS Lambda pricing based?
Number of requests Duration
Amazon FreeRTOS
OS for micro-controllers
Which of the below are common use cases for S3?
Static web hosting Storing application assets
By default, what can a Private Subnet communicate with?
Other Private Subnets in the same VPC Public Subnets in the same VPC
Which of the following Compliance certifications attests to the security of the AWS platform regarding credit card transactions?
PCI DSS Level 1
Which of the following are payment options for Reserved Instances?
PURI AURI NURI
What type of placement group should you use to spread Amazon EC2 instances across logical partitions so that they don't share the same underlying hardware?
Partition
Which of the following is a Shared Control of the AWS Shared Responsibility Model?
Patch Management
Which of the below are you responsible for when running an EC2 instance on AWS?
Patching the applications Patching the operating system
Which of the following AWS Trusted Advisor best practice checks involves using Amazon CloudFront to accelerate data transfer from S3 buckets?
Performance
You need to re-create an EBS volume that you have used previously. How might you go about doing that?
Recreate volume from snapshot
Which of the following are types of cloud computing deployments?
Public cloud Private cloud Hybrid cloud
Which of the following is AWS' Data Warehousing service?
Redshift
AWS Database Services
RDS and Redshift are classified as database services.
Which of the following statements about AWS Region is true?
Regions are generally specific geographical areas
Instead of relying on a single data center to provide its services across the world, AWS relies on several physical locations, each of which consists of one or more data centers. What are the official names for these physical locations and data centers?
Regions; Availability Zones
Which of the following are valid EC2 pricing options?
Reserved On-Demand
Which of the following are components of the AWS Risk and Compliance Program?
Risk Management Control Environment Information Security
Which of the following are configuratble components of IAM?
Roles Permissions Users Groups
Which of the following AWS services are Global by default?
Route53 IAM CloudFront
Which of the following are criteria affecting your billing for RDS?
Running duration of the RDS instances Additional storage Number of requests
You need to store a collection of objects that can also be accessed from a different AWS Region. Which service should you use to do this?
S3
Which of the following Amazon EC2 pricing models automatically adjusts charges as your usage changes?
Savings Plan
You have an application load balancer for routing traffic from developers to the EC2 instance that contains a web application being put into operation. To prepare for the application going live for public use, you add an Auto Scaling Group and a second application load balancer to route web traffic from customers to the EC2 instance. The addition is an example of which of the following:
Scalability
Which of the following are principles of sound cloud design?
Scalability Infrastructure as code Disposable resources Assume *everything* will fail.
If you have a new application and you are not sure about future demand, which of the below characteristics of cloud make cloud an ideal place to host it?
Scalability No upfront Pay as you go
Which of the following are principles of sound design when it comes to reliability?
Scale horizontally. Stop guessing about your capacity requirements.
Which of the following are AWS EC2 reserved pricing types?
Scheduled Reserved Instances Standard Reserved Instances Convertable Reserved Instances
Inspector
Security Assessment Tool
Which of the following acts like built-in firewalls per instance for your virtual servers?
Security Groups
Which of the following is not part of the AWS Global infrastructure?
Security Groups
Broadly speaking as a customer of AWS you responsible for:
Security IN the cloud
According to the AWS Shared Responsibility Model, which of the following is the customer responsible for? (Choose 3)
Security groups Subnets Virtual Private Clouds (VPCs)
You have been asked to archive some data into Glacier that needs to be encrypted. What is the easiest way to achieve this?
Send the data to Glacier and do nothing more - all data in Glacier is encrypted by default
When setting up the properties of an S3 bucket, which of the following options should you select to get detailed records for the requests made to the bucket?
Server access logging
Your System Administration team lead wants you to subscribe to the RSS feed to be notified of any interruptions to the EC2 service in the N. California and Ohio Regions. Which of the following will enable you to do that?
Service Health Dashboard
Which of the following are Amazon EFS (Elastic File Storage) storage classes?
Standard Infrequent Access
Which of the following statements are true of the AWS Free Tier?
Some AWS services are free for the first 12 months following the initial sign-up date to AWS. Some AWS services come with short-term free trial offers.SELECTED
Upon attempting to create an additional S3 bucket, you realize that you have reached your S3 bucket limit in your AWS account. You anticipate creating even more S3 buckets in the future for your photos and documents. Which of the following is the quickest solution?
Submit a service limit increase.
According to the AWS Shared Responsibility Model, which of the following is the customer responsible for?
Subnets Security Groups Network access control lists (network ACLs)
A telecommunications company has his hired you as a consultant to develop a business case for moving its IT applications and infrastructure to AWS. The company's leadership understands the agility value of the cloud, but the finance group is not interested in shifting capital expense to operating expense due to the company's tax structure. What will you include in the business case to attempt to satisfy everyone at the company?
Suggest that the company make reserved instance purchases and capitalize them
Classic Load Balancers
Test & Dev, Keep Costs Low
Which of the below methods can you use to interact with Glacier?.
The AWS CLI The RESTful Glacier web service Amazon S3 Lifecycle Policies The Java or .NET SDKs
You've been tasked with assessing your AWS infrastructure in terms of cost optimization. Which of the following AWS services would help with this task?
Trusted Advisor
Which of the following statements is true of AWS Regions?
They are composed of Availability Zones They are independent geographical areas
Which of the following AWS services can help you assess the fault-tolerance of your AWS environment?
Trusted Advisor
You want to streamline access management for your AWS administrators by assigning them a pre-defined set of permissions based on their job role - which of the below is the best way to approach this?
Use IAM Groups
Which of the following AWS services are free to use?
VPC Auto-Scaling IAM CloudFormation Elastic Beanstalk
What does WAF stand for?
Web Application Firewall
Redshift
fully managed petabyte-scale services based on Postgres, good for Big Data, data warehousing service
When might Auto Scaling be used?
When you require scalable capacity to maintain service levels in your environment
Billing Alerts/Billing Alarms
Will alert you automatically when a certain level of AWS spend has been reached.
Which of the following is the AWS email and calendaring service?
WorkMail
ElastiCache
in-memory data store solution in the cloud, fast, great for reporting
Is tag editor global?
Yes
Elasticsearch Service
fully managed service for Elastic.co's elasticsearch framework , allows high speed querying and analysis of data
When setting up an Organization in AWS, which of the below is true when selecting which features to enable?
You can select to have just Consolidated Billing enabled You can select to have Consolidated Billing, plus all other features enabled
Amazon Inspector
automated security assessment service, help identify vulnerabilities
AWS Service Migration Service
automates migration of on-premise workloads
CodeDeploy
automates software deployment to compute services such as EC2 and Lambda and on-premise
6 Advantages of Cloud
a. Trade CX for Variable Expense b. Benefit from massive economies of scale c. Stop guessing about capacity d. Increase speed and agility e. Stop spending money running and maintaining DCs f. Go global in minutes
Enterprise
all features of business + TAM & Support Concierge, access to Infra Event Mgmt, 15 minute response to critical cases (starts at $15k/mo)
Amazon Pinpoint
allows SMS, email and mobile push notifications for targeted marketing campaigns as well as direct messages to customers like "confirmation messages"
AWS Greengrass
allows you to run local AWS Lambda functions on AWS IoT connected devices
CloudFormation
allows you to use a text file to define your infrastructure, deploy resources onto the AWS Cloud ○ Provisioning ○ Monitoring and Logging ○ Operations Management ○ Configuration Management
Transcribe
automatic speech recognition service
X-Ray
analyze and debug apps
Athena
analyze data stored in S3 bucket with standard SQL Statements
AWS Device Farm
app-testing service for Android, iOS and web apps - test app against physical devices
Resource Groups
apply automation to resources tagged with specific tags - example - stop all EC2 instances in a specific region
Spot Instances
are an Amazon EC2 pricing mechanism that lets you purchase spare computing capacity with no upfront commitment at discounted hourly rates.
AWS Config
assess, audit and evaluate config of resources - simplifies compliance auditing, change mgmt, operational troubleshooting
Elemental MediaLive
broadcast grade live video processing service
AWS Service Catalog
catalog resources that can be deployed on the cloud, achieves common scenarios and governance
Glacier
cheapest storage options - used for long-term archiving (not as readily usable as S3)
Simple Email Service
cloud based bulk email service
Amazon Cloud Directory
cloud based directory service, hierarchies of data in multiple dimensions
Kinesis
collect, process and analyze real-time streaming data
AWS Mobile Hub
configure AWS services for mobile apps in 1 place, generates cloud config file
Transit Gateway
connects up to 5K VPCs and on-premises environments with a single gateway, acts as a hub for all traffic to flow through, fully managed, HA, flexible routing service, essentially a global route table
Step Functions
coordinate components of applications and micro-services using a visual workflow
Simple Workflow Service (SWF)
coordinates multiple components of applications (similar to Step Functions)
API Gateway
fully managed service for developers to create and develop APIs, serverless service
Basic
cust svc for account and billing questions, access to forums (free)
DeepLens
deep learning enabled video camera, has SDK
Gamelift
deploy game servers in AWS
The auto-scaling group defines:
desired, minimum and maximum capacity
CodeStar
develop and deploy app in AWS, integrated issue tracker
Elastic Load Balancer (ELB)
distributes traffic to multiple EC2 instances and Availability Zones, HA, FT, can bypass unhealthy instances, TLS termination, allows for connection draining -Application LB (Layer 7 - HTTP/S traffic) ○ Network LB (Layer 4 - TCP traffic)
EC2 Autoscaling
dynamically scale capacity up or down based on defined conditions, can also perform health checks
CloudFormation
enables you to create and provision AWS infrastructure deployments predictably and repeatedly. It helps you leverage AWS products such as Amazon EC2, Amazon Elastic Block Store, Amazon SNS, Elastic Load Balancing, and Auto Scaling to build highly reliable, highly scalable, cost-effective applications in the cloud without worrying about creating and configuring the underlying AWS infrastructure. AWS CloudFormation enables you to use a template file to create and delete a collection of resources together as a single unit (a stack).
Key Management Service (KMS)
encryption keys, integrates well w/ S3, Redshift & EBS
Snowmobile
exabyte-scale semi-truck, can hire armed guards, two drivers
Neptune
fast, reliable, fully managed graphing DB
Elemental MediaConvert
file based media converting service
SageMaker
flagship ML product, build and train ML models
Simple Notification Service (SNS)
flexible pub/sub notification service, publish topic and subscribe to topic, push notifications
Fargate
fully managed container service, provisioning and managing clusters, management of runtime environment, scaling
Simple Queue Service (SQS)
fully managed message queuing service, allows messages to build up in a queue until message processing service can catch up with demand
IAM - Identity Access Management
global, not regional AWS can be accessed 3 different ways - console, programatically (command line), SDK Root account is email address used to setup AWS account. Secure root account using MFA. Group is a place to store your users Policies are always in JSON - JavaScript Object Notation (referred to as key value pairs)
Amazon EMR
hadoop framework as a service, helps you process large data sets
AWS CloudHSM
hardware security module - dedicated, achieve corporate and regulatory compliance
AWS Landing Zone
helps customers setup secure multi-account environments based on AWS Best Practices 1. Org Account 2. Security Account 3. Log Archive Account 4. Shared Services Account
Elastic Block Store (EBS)
highly available, low latency storage, specifically for servers using EC2
Elastic Container Service (ECS)
highly scalable high performance container mgmt service for docker containers
Simple Monthly Calculator
hosted on S3 - calculates if you do it in AWS
You visit a clients site and get called into a corridor discussion. You are asked to describe the new (2019) URL structure for objects in S3. Which of these do you use as a description.
https, then the bucket name, then dot, then the AWS S3 regional endpoint, then slash, then the object name
Storage Gateway
hybrid storage between on-premise and cloud, caches more frequently used data on premise and less frequently used data in the cloud, essentially a file system mount on S3
Elemental MediaTailer
insert ads into video streams which are personalized
Shield
intended to stop DDOS attacks - two types - Standard and Advanced
WAF
intended to stop hackers w/ SQL injections or cross-site scripting
AWS Systems Manager
interface for operational data from multiple AWS service and automate tasks across resources
Redshift
is a fast, fully managed, petabyte-scale data warehouse service that makes it simple and cost-effective to efficiently analyze all your data using your existing business intelligence tools. It is optimized for datasets ranging from a few hundred gigabytes to a petabyte or more and costs less than $1,000 per terabyte per year, a tenth the cost of most traditional data warehousing solutions.
Relational Database Service
is a web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.
AWS Certificate Manager
issues SSL certs, integrates w/ CloudFront and Route53, free certs
NoSQL
key value pair, documents, graphs, scale horizontally
CloudFront is used to route users to the edge location that provides the lowest amount of time delay in delivering content. Which of the following terms describes this 'time delay'?
latency
Amazon Lightsail
launch VMs running applications, AWS will provision DB, storage, etc..
Elastic File System (EFS)
network attached storage, specifically for EC2
VPC Peering
no IGW or VGW required, highly available connections, not a single point of failure, no bandwidth bottlenecks, traffic always stays on the global AWS backbone
Trusted Advisor
online expert system that can analyze AWS account and resources inside and advise on how to achieve high security and performance
AWS Artifact
online portal that provides access security and compliance documentation
Trusted Advisor
online resource to help reduce cost, increase performance, improve security - looks at entire AWS account - core checks and recommendations (free) and full trusted advisor (for business and enterprise only), global service
AWS Database Migration Services
orchestrates migration of DBS to AWS, can convert DB engine types
Snowball
petabyte-scale storage used to migrate data from local to cloud
AWS Organizations
policy-based management for organization w/ multiple accounts
AWS Snowball
portable petabyte-scale data migration device
Elemental MediaPackage
prepares video content for delivery over the internet, uses DRM
Developer
primary contact can ask tech questions, response 12-24 hours during local business hours (starts at $29/mo)
Direct Connect
private connection to AWS Cloud where standard internet connection isn't adequate
AWS Shield
protection against DDOS attacks, standard version implemented automatically on all AWS accounts
Reservations
provide you with the ability to receive a greater discount, up to 75 percent, by paying for capacity ahead of time. More detail is provided in the section, "Optimizing costs with reservations."
CloudWatch
provides a reliable, scalable, and flexible monitoring solution that you can start using within minutes. You no longer need to set up, manage, and scale your own monitoring systems and infrastructure.
S3 - Simple Storage Service
provides developers and IT teams w/ secure, durable and highly salable object storage
Dynamic
scaling based on CPU
Scheduled
scaling based on time
Amazon WordDocs
secure file collaboration service in AWS for file types such as doc, pdf, etc...
Amazon Connect
self-service contact center, pay-as-you-go pricing model, drag and drop interface
Cognito
sign-in and sign-up capability, use w/ SAML 2.0 providers and others such as Google and Facebook
Web Application Firewall (WEF)
sits in front of website to provide protection against common attacks such as SQL injection or cross-site scripting
Elemental MediaStore
storage service in cloud optimized for media
Amazon AppStream 2.0
stream desktop apps from AWS to HTML5 compatible web-browser
Kinesis Video Streams
streams video from connected devices through AWS for ML
To stay within the AWS Free Tier using Amazon EC2 for the first 12 months of having an AWS account, which of the following instance types should you use?
t2.micro
Comprehend
use DL to analyze text for insights and relationships
Translate
use ML to accurately translate text to other languages
AWS Quick Start
way to deploy environments quickly using CloudFormation templates built by those who are experts in that area
Cloudtrail
you can monitor your AWS deployments in the cloud by getting a history of AWS API calls for your account, including API calls made via the AWS Management Console, the AWS SDKs, the command line tools, and higher-level AWS services. You can also identify which users and accounts called AWS APIs for services that support CloudTrail, the source IP address the calls were made from, and when the calls occurred. You can integrate CloudTrail into applications using the API, automate trail creation for your organization, check the status of your trails, and control how administrators turn CloudTrail logging on and off.
SQS
○ If average demand exceeds processing capacity, queue will grow indefinitely ○ Can provide CloudWatch metrics that can be used with autoscaling ○ If need to decrease cost of SQS - choose long pulling
Storage Classes
○ S3 standard - 11x9's durability ○ S3 infrequently accessed, lower fee but has retrieval fee ○ S3 One Zone infrequently accessed ○ S3 intelligent tiering - designed to optimize costs sans performance impact ○ S3 Glacier - secure and durable low-cost ○ S3 Glacier Deep Archive - retrieval time of 12 hours
CloudFront
○ Web - typically used for websites ○ RTMP - used for media streaming ● Objects are cached for the life of the TTL (usually 48 hours) ● Can clear cached objects, but you will be charged
S3 scales
● Automatically to meet your demand
CloudFront
● Content Delivery Network (CDN) ● Edge Location - location where content is cached ● Origin - origin of all files that the CDN will distribute - can be S3 bucket, EC2 instances, ELB or R53 ● Distribution - name given to the CDN which consists of a collection of Edge Locations
S3
● Safe place to store your files (file size can be 0 bytes to 5TB) ● Object-based storage (allows you to upload files) ● Data is spread across multiple devices and facilities ● Unlimited Storage ● Files are stored in buckets ● S3 is a universal namespace - must be unique across AWS
S3 to host
● Static websites (such as .html)
Bucket Policies
● You can use bucket policies to make entire S3 buckets public
S3
●https://s3-eu-west-1.amazonaws.com/bucketname ● HTTP 200 code if upload is successful ● Key (this is the name of the object) ● Value (data and is made up a sequence of bytes) ● Version ID ● Metadata (data about data) ● Subresources - ACLs, Torrent
