
129 Cards in this Set

  • Front
  • Back
  • 3rd side (hint)
What is a lifecycle policy?
Within S3, a lifecycle policy is a set of rules that automate the migration of an object's storage class to a different storage class (or deletion) at specified time intervals.
How much data does Kinesis store?
Kinesis automatically stores 24 hours of data, but may store up to 7 days
True or False: Snapshots are only for EBS volumes.
TRUE!!! Instance Store cannot be backed up with a snapshot
DynamoDB: Eventually consistent reads (definition)
1) Consistency across all copies of data is usually reached within a second 2) Repeating a read after a short time should return the updated data (best read performance)
S3-IA (definition)
1) For data that is accessed less frequently 2) But requires rapid access when needed 3) Lower fee than S3 tier, but you are charged a retrieval fee
Lambda (use case)
1) As an event-driven compute service where AWS Lambda runs your code in response to events 2) There could be: - Changes to data in an S3 bucket OR a DynamoDB table - As a compute service to run code in response to HTTP requests
EC2 Placement Groups (definition)
1) A placement group is a logical grouping of instances within a single availability zone 2) Using placement groups enables applications to participate in a low latency, 10 Gbps network 3) Placement Groups are recommended for applications that benefit from low network latency, high network throughput, or both
Route53 weighted Routing (definition)
1) Used to distribute traffic between instances, ELB, or on-premise data 2) Great for load testing or when migrating applications
S3 Bucket Policies Elements: Principal
1) The AWS account or IAM user that the policy applies to.
Audits/Shared Model (managed by the customer)
1) Customer Data 2) Users & Roles 3) Account Management 4) Applications 5) Firewalls 6) Network configuration 7) Guest Operating Systems
IAM Root Account (Definition)
1) The initial sign-up email address 2) AWS account has Admin Access

S3 Buckets

1) Files/Objects are stored in "buckets"


2) Name Must be unique globally

Name

AWS Lambda (definition)
1) Lambda is a compute service where you can upload your code and create a Lambda function 2) AWS Lambda takes care of provisioning and managing the servers that you use to run the code 3) You don't have to worry about O.S. patching/scaling
S3 Glacier (definition)
1) Very cheap 2) Used for archival only 3) It takes 3-5 hours to restore data from Glacier 4) Only $0.01 per GB/per month

VPC: Benefits

1) Launch instances into a subnet of your choosing


2) Assign custom IP address range in each subnet


3) Configure route tables between subnets


4) Create internet gateways and attach them to subnets (or not)


5) Much better security control over your AWS resources - Instance security groups - Subnet network access control lists (ACLs)

EC2: T2 (speciality & use case)
1) Speciality: Low cost, general purpose 2) Use case: Web server/small databases
VPC ACL (abbrev & definition)
ACL = Access Control List 1) Acts almost like a firewall 2) Allows you to put down network rules across entire subnets (rather than doing it through security groups) 3) Overrules Roles in security groups 4) Numbered list of rules that are evaluated in order, starting with the lowest # rule first

S3 Bucket Policies Elements: Resources

1) A bucket or an object is a resource that you are creating allow/deny permissions for


*NOTE: An explicit DENY always overrides an explicit ALLOW

EC2 Reserved Instances (when to use)
1) Applications have steady state or predictable usage 2) Applications that require reserved capacity 3) Users able to make upfront payments to reduce their total computing cost even further *NOTE: When you know what you will need for the next 12+ months

Route53 Latency based routing (definition)

1) Used to send traffic (users) to the "closest" region based off of latency


2) Acts like a "load balancer" between regions

Region

VPC Peering

1) Allows you to connect one VPC with another via a direct network route using private IP addresses


2) Instances behave as if they were on the same network


3) You can peer VPCs with other AWS accounts as well as with other VPCs in the same account


4) Peering is in a star configuration, i.e. one central VPC peers with four others

EC2 Instance Payment Options (list)
1) On-demand 2) Reserved 3) Spot
EC2: RAID 5 (definition)
1) Good for reads 2) Bad for writes 3) AWS does NOT recommend EVER putting RAID 5's on EBS volumes
VPC (use case)
1) You can easily customize the network config for your VPC 2) For example, you can create a public-facing subnet for your web servers that has access to the internet, and place your backend systems such as database or application servers in a private-facing subnet with NO internet access 3) You can leverage multiple layers of security, including security groups and network access control lists, to help control access to EC2 instances in each subnet
S3 Bucket Policies Element: Resources
1) A bucket or an object is a resource that you are creating allow/deny permissions for *NOTE: An explicit DENY always overrides an explicit ALLOW
S3 (abbrev)
Simple Storage Service
EC2: AMI Template (definition)
1) A template for the root volume for the instance 2) For example, an operating system, an application server, and applications
Security Groups
1) Operates on the instance layer 2) Supports "allow" rules only 3) Is "stateful", so return traffic requests are allowed regardless of rules 4) Evaluates ALL rules before deciding to allow traffic
Snapshots (definition)
1) Exist on S3 2) You can take a snapshot of a volume, this will store that volume on S3 3) Point-in-time copies of volumes 4) Snapshots are incremental, this means they store the blocks that have changed since your last snapshot 5) First snapshot may take some time to create, since it is copying the entire volume (not just the changes)
EC2 CloudWatch (definition)
1) Monitor resources and applications 2) Collect and track metrics 3) Collect and monitor log files 4) Set alarms 5) Automatically react to changes in AWS resources
SAML (abbrev)
Security Access Markup Language
IAM Policies (definition)
A document that defines one (or more) permissions
EC2 RAIDS (definition)
1) Essentially putting a whole bunch of disks together and they act as one disk to the operating system 2) Used when you are NOT getting the disk I/O's that you require 3) RAID 0 & 10 used most
Default vs. Custom VPC
1) Default VPC is user friendly, allowing you to immediately deploy instances 2) All subnets in a default VPC have an internet gateway attached 3) Each EC2 instance has both a public and a private IP address 4) If you delete the default VPC the only way to get it back is to contact AWS

VPC Restrictions (limits)

1) 5 Elastic IP addresses


2) 5 internet gateways


3) 5 VPCs per region (can be increased on request)


4) 50 VPN connections per region


5) 50 VPN Customer Gateways per region


6) 200 Customer Gateways per region


7) 100 Security Groups per VPC

Identity Store (who)

1) Facebook


2) Active-directory


3) Google


4) Amazon

Aurora Scaling
1) Start with 10GB, scales in 10GB increments to 64TB 2) Compute resources can scale up to 32vCPUs and 244GB of memory
IAM (abbrev)
Identity Access Management
Redshift (definition)
1) A fast, powerful, fully managed petabyte-scale data warehouse service in the cloud 2) Customers can start small for just $0.25 per hour with NO commitments or upfront cost and scale to a petabyte or more for $1000 per terabyte per year, which is less than a tenth of most other data warehouse solutions
Centralized Logging (3rd party)
1) Rsyslog (native to Linux) 2) Splunk 3) Kiwi - made available to S3 for "download" via cronjobs
EC2: C4/C3 (speciality & use case)
1) Speciality: Compute optimized 2) Use case: CPU intensive apps/DBs

IAM Secret Key (definition)

Secret Access Key = password



*NOTE: API access only, not for console login



*NOTE: You can only view/download once (when generated)

EC2 On-demand (definition)
1) Allows you to pay a fixed rate, by the hour, with no commitment *NOTE: Expecting a "black" Friday sale and may need 4 extra servers for 1 day
Network ACL
1) Operates on the subnet/network level 2) Supports ALLOW & DENY rules 3) Stateless, so return traffic must be allowed through an outbound rule 4) Process rules in NUMBER ORDER (lower #'s overrule higher #'s)
EBS Volumes (definition)
1) Allow you to create storage volumes and attach them to EC2 instances 2) Once attached, you can create a file system on top of these volumes, run a database, or use them in any other way you would use a block device 3) EBS volumes are placed in a specific availability zone, where they are automatically replaced to protect from the failure of a single component

EC2: D2 (speciality & use case)

1) Speciality: Dense storage


2) Use case: File servers, data warehousing, Hadoop

Data

IAM (benefits/list)

1) Centralized control of your AWS account


2) Shared access to your AWS account


3) Granular permissions


4) Identity federation (Active Dir, Facebook, etc.)


5) Multifactor Identification (MFA)


6) Provide temporary access for users/devices/service


7) Setup password rotation policy


8) Integrates with many different AWS services


9) Supports PCI DSS Compliance

OLAP (abbrev)
Online Analytic Processing

EC2: selecting an AMI (based on)

1) Region


2) Operating system


3) Architecture (32-bit/64-bit)


4) Launch Permissions


5) Storage of the root - Referred to as "root" device volume - Instance store (ephemeral storage) - EBS backed volumes

S3 Object Component (list)

1) Key


2) Value


3) Version ID


4) Meta Data


5) Sub resources


6) Access controls

Identity Broker
A service that allows you to take an identity from point "A" and federate it to another identity at point "B"
EBS (abbrev)
EBS = Elastic Block Store
OLTP (abbrev)
Online Transactional Processing
S3 Version ID (definition)
How different versions of a file are labeled in an S3 bucket when versioning is enabled.
S3 Pricing (based on)
1) Storage Type 2) Request 3) Amount of data transferred
Audits/Shared Model (managed by AWS)
1) Virtualization layer 2) Compute infrastructure 3) Storage infrastructure 4) Network infrastructure 5) Facilities physical security 6) AWS global infrastructure
EC2 Spot Instances (definition)
1) Enables you to bid whatever price you want for instance capacity, providing for even greater savings if your applications have flexible start and end times *NOTE: Pricing depends on market conditions. Your instance can be pulled if the "ask" price goes above your "bid" price
S3 Key (definition)
The name of the object
S3 Standard Storage (definition)
Availability = 99.99% Durability = 99.999999999% (11 nines) 1) Stored redundantly across multiple devices in multiple facilities and is designed to sustain the loss of TWO facilities concurrently
Aurora (definition)
1) Is a MySQL-compatible, relational database engine that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases 2) Provides up to five (5) times better performance than MySQL at 1/10th the price
EC2: RAID 0 (definition)
1) Striped 2) No redundancy 3) Good performance
EC2: RAID 1 (definition)
1) Mirrored 2) Redundancy
S3 Storage Tiers (list)
1) S3 2) S3-IA (infrequent access) 3) RRS (reduced redundancy storage) 4) Glacier
EC2: AMI's (list)
1) Template 2) Launch Permissions 3) Block device mapping
EC2 EFS (definition)
1) A file storage service for Amazon Elastic Compute Cloud (EC2) instances 2) Amazon EFS is easy to use and provides simple interfaces that allow you to create and configure file systems quickly and easily 3) With EFS, storage capacity is elastic, growing/shrinking as you add/remove files, so your apps have the storage they need when they need it.
S3 Bucket Policies Elements: Actions
1) Identify resource operations that you allow or deny *NOTE: i.e. list objects/upload objects
S3 File Size
1) Files can be 0 bytes to 5 TB in size 2) Unlimited storage (for each account)
EC2 Instance Types (list)
1) T2 2) M4 3) M3 4) C4 5) C3 6) R3 7) G2 8) I2 9) D2
S3 Availability & Durability
1) Availability = 99.99% 2) Durability = 99.999999999% (11 nines)
EC2 Spot Pricing Instance (when to use)
1) Applications that have flexible start and end times 2) Applications that are only feasible at very low compute prices 3) Users with urgent computing needs for large amounts of additional capacity 4) ONLY use IF you can have downtime

DynamoDB Configuration: Benefits

1) Stored on SSD storage (no magnetic storage)


2) Spread across 3 geographically distinct data centers - Eventually Consistent Reads (default) OR - Strongly Consistent Reads

SNS (abbrev)
Simple Notification Service
EC2: AMI (abbrev & definition)
AMI = Amazon Machine Image 1) A pre-baked virtual machine 2) Comes with different operating systems

SWF (definition)

1) A web service that makes it easy to coordinate work across distributed application components


2) Enables applications for a range of use cases, including media processing, web application backends, business process workflows, and analytics pipelines, to be designed as a coordination of tasks


3) Tasks represent invocations of various processing steps in an application which can be performed by executable code, web service calls, human actions, and scripts

DNS (abbrev & definition)

DNS = Domain name system


1) Route end users to Internet applications by translating names like www.example.com into numeric IP addresses like 192.0.2.1 that computers use to connect to each other


2) Think of DNS like a phone book

S3 Bucket Policies Elements: Effect
1) Defines if the policy is allowing/denying the above action
Route53 (definition)
1) A highly available and scalable cloud Domain Name System (DNS) web service 2) Named after port 53, which is the DNS port
IAM Groups (definition)
A collection of users

EC2 Bash Scripts (definition)

1) Use bash scripts to start moving code around from the S3 buckets to EC2 instances


2) Turn on apache/move code/files to EC2


3) For automation

Types of Databases (list)
1) Relational (OLTP) - MySQL - SQL - Postgres - Oracle - Aurora 2) Non-relational Database (NoSQL) - DynamoDB 3) Data warehouse databases (OLAP) - RedShift
EC2: IOPS (abbrev & definition)
IOPS = Input/Output per second 1) How fast the disk is from a read/write capacity 2) The more IOPS you have, the faster you can read/write to a disk (EBS)

EC2: R3 (speciality & use case)

1) Speciality: Memory optimized


2) Use case: Memory intensive apps/DBs

Elastic Load Balancers
1) Can be in or out of service 2) Automatically distributes incoming application traffic across multiple EC2 instances 3) Perform health checks 4) Have their own DNS name. You are never given an IP address.

EC2: Volumes

1) Exist on EBS


2) Basically a virtual hard disk

EC2 (definition)

1) A web based service that provides resizable compute capacity in the cloud


2) Reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both UP and DOWN, as your computing requirements change

EC2 RAID (abbrev)
RAID = Redundant Array of Independent Disks
EC2: AMI (definition)
1) AMI provides the information required to launch a virtual server in the cloud 2) You specify an AMI when you launch an instance 3) You can launch as many instances from an AMI as you need 4) You can also launch instances from as many different AMI's as you need
DynamoDB (definition)
1) Fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale 2) It is a fully managed database and supports both document and key-value data models 3) Its flexible data model and reliable performance make it a great fit for mobile, web, gaming, ad-tech, IoT, and many other applications
S3 RRS (definition)
Availability: 99.99% Durability: 99.99% 1) Storage for objects that CAN be lost (since they can be regenerated, i.e. picture thumbnails)
EC2 EFS (abbrev)
EFS = Elastic File System

IAM Roles (definition)

You create them and can assign them to AWS resources like an EC2 instance (which you can't do with IAM access policies).

Roles to resources

EC2: M4/M3 (speciality & use case)
1) Speciality: General purpose 2) Use case: Application servers

EBS Volume Types (list)

1) General purpose SSD


2) Provisioned IOPS SSD


3) Magnetic (standard)

EC2 Reserved Instances (definition)
1) Provide you with capacity reservation 2) Offers a significant discount on the hourly charge for an instance (massive discount over on-demand) 3) 1-3 year terms *NOTE: You will always have a minimum steady state
EC2 EFS Features (list)
1) Supports the Network File System (NFSv4) 2) You only pay for the storage you use ($0.30 per GB of storage) 3) Can scale up to petabytes 4) Can support thousands of concurrent NFS connections 5) Data is stored across multiple AZ's within a region 6) Block based storage, NOT object based
Route53 & DNS Failover
1) You can set up a "primary" and "failover" DNS - "Cross-region failover" - Send failover to S3, on-premise or other regions 2) Set up primary "A" record 3) Set up health check for that 4) Set up failover "A" record
EC2: RAID (list)
1) RAID 0 2) RAID 1 3) RAID 5 4) RAID 10
Federation
1) Grant temporary access to users on a corporate network without having to create IAM credentials for each user 2) Single sign-on would be allowing federated users to log in to the AWS console without having IAM users defined *NOTE: For mobile use: Use Facebook/Amazon/Google to authenticate
Magnetic: EBS Volumes (definition)
1) Lowest cost per gigabyte of all EBS volume types 2) Magnetic Volumes are ideal for workloads where data is accessed infrequently, and applications where the lowest storage cost is important
Identities
1) A user or "identity" within a service (Facebook, etc.)
EC2 Meta Data Link (URL)
curl http://169.254.169.254/latest/meta-data
SWF (abbrev)
Simple Workflow Service
S3 Meta Data (definition)
1) Data about the data you are storing
EC2: AMI Launch Permissions (definition)
1) Launch permissions that control which AWS accounts can use the AMI to launch instances
Redshift Configuration
1) Single Node (160 GB) 2) Scale to Multi-Node - Leader node (manages client connections and receives queries) - Compute Node (stores data and performs queries and computations, up to 128 compute nodes)
EC2: I2 (speciality & use case)
1) Speciality: High speed storage 2) Use case: NoSQL DBs, data warehousing
S3 Storage Type
1) Object based storage (files, docs, pictures) 2) NOT operating systems or databases
EC2: AMI Block Device Mapping (definition)
1) A block device mapping that specifies the volumes to attach to the instance when it's launched

Elasticache (use case)

1) Can be used to significantly improve latency and throughput for many read-heavy application workloads (such as social networking, gaming, media sharing, Q&A) OR compute intensive workloads (such as a recommendation engine)


2) Caching improves app performance by storing critical data in memory for lower latency access

Read heavy apps

SWF vs. SQS
1) SWF presents a "task-oriented" API 2) SQS offers a "message-oriented" API
IAM Access Key (definition)
Access Key ID = User Name *NOTE: API, not console login
BGP Routing (abbrev & definition)
BGP = Border Gateway Protocol 1) Your network provider will pair up with your ASN and IP prefixes 2) Amazon then will advertise public IP prefixes for that region via BGP 3) Direct Connect customers in the U.S. will receive IP prefixes for all U.S. regions
Elasticache (definition)
1) Service that makes it easy to deploy, operate, and scale an in-memory cache in the cloud 2) Improves performance of web applications 3) Supports two open source in-memory caching engines (Memcached & Redis)

EC2: G2 (specialty & use case)

1) Speciality: Graphics/General purpose GPU


2) Use case: Video encoding, machine learning, 3D application streaming

SQS (abbrev)
Simple Queue Service
EC2: RAID 10 (definition)
1) Striped & Mirrored 2) Good redundancy 3) Good performance 4) Combination of RAID 0 & 1
EBS Provisioned IOPS SSD (definition)
1) Designed for I/O intensive applications such as: - Large relational or NoSQL DBs - Use if you need more than 10,000 IOPS
IAM Users (definition)
End users - think people
S3 Value (definition)
1) The data 2) Is made up of a sequence of bytes
EC2 (abbrev)
EC2 = Elastic Compute Cloud
IAM (definition)
IAM = Identity Access Management
S3 (definition)
S3 = Simple Storage Service
EC2 On-demand (when to use)
1) Users that want low cost and flexibility of EC2 without any upfront payment or long-term commitment 2) Applications with short term, spiky, or unpredictable workloads that cannot be interrupted 3) Applications being developed or tested on EC2 for the first time *NOTE: Use for short term projects/Temporary Dev environments
CIDR (abbrev & definition)
CIDR = Classless Interdomain Routing 1) Basically, subnetting 2) Most common is 10.0.0.0/16
Aurora Availability
1) 2 copies of your data are contained in each availability zone, with a minimum of 3 availability zones *NOTE: 6 copies of your data 2) Can handle loss of up to 2 copies without affecting WRITE availability 3) Can lose up to 3 copies without affecting READ availability
SNS (definition)
1) A web service that makes it easy to set up, operate, and send notifications from the cloud 2) It provides developers with a highly scalable, flexible, and cost-effective capability to publish messages from an application and immediately deliver them to subscribers or other applications

SQS (definition)

1) Is a web service that gives you access to a message queue that can be used to store messages while waiting for a computer to process them


2) The queue acts as a buffer between the component and saving data, and the component receiving the data for processing

Security Token Service (STS)
1) Allows you to grant a trusted user temporary and limited access to AWS resources *NOTE: Active-directory => temp user

EBS General Purpose SSD (definition)

1) Designed for 99.999% availability


2) Ratio of 3 IOPS per GB, with up to 10,000 IOPS and the ability to burst up to 3,000 IOPS for short periods for volumes under 1 GB