144 Cards in this Set
- Front
- Back
What is cloud computing? |
Cloud computing is the on-demand delivery of compute, database storage, applications, and other IT resources through a cloud services platform via the Internet, with pay-as-you-go pricing |
|
What are six advantages of cloud computing? |
1. Trade capital expense for variable expense 2. Benefit from massive economies of scale 3. Stop guessing about capacity 4. Increase speed and agility 5. Stop spending money running and maintaining data centers 6. Go global in minutes |
|
What are the three types of cloud computing? |
1. Infrastructure as a service: someone manages the server for you 2. Platform as a service: someone else manages the underlying hardware and operating systems. You just focus on apps, someone else worries about patching, security, updates, maintenance 3. Software as a service: someone takes care of data centers, servers, networks, storage, maintenance, patching, etc. |
|
What are the three types of cloud computing deployments? |
1. Public Cloud (AWS, Azure, Google Cloud) 2. Hybrid - mix of public/private 3. Private Cloud |
|
What is an AWS availability zone? |
A data center... which is just a building filled with servers |
|
What is an AWS region? |
A geographical area. Each region consists of 2 or more availability zones |
|
What is GovCloud and who is it available to? |
For federal government and private companies. Only available to US citizens or green-card holders to manage and access root account keys to US regions |
|
What are edge locations? What is the primary AWS edge service? |
Endpoints which are used for caching content. Typically this consists of CloudFront-- Amazon's CDN |
|
Are there more edge locations or regions? |
Many more edge locations |
|
What three factors are there to choosing the right AWS region? |
1. Data sovereignty laws (federal requirements, for example) 2. Latency to end users 3. AWS services can vary |
|
IAM policies are in what format? |
JSON |
|
What types of keys are in IAM policies? |
Effect, Action, Resource |
|
What three ways can you access AWS? |
1. Console 2. Programmatically (CLI) 3. Software Developer's Kit (SDK) |
|
What does S3 stand for? |
Simple Storage Services |
|
What types of files can S3 hold? |
Flat files (any object that doesn't change) |
|
What is the max file size in S3? |
One file can be 5 terabytes |
|
S3 is a universal namespace... what does that mean? |
Bucket names must be unique at the global level |
|
What are the four elements of an S3 object? |
1. Key (name) 2. Value (data) 4. Subresources (access control lists and torrent) |
|
How does data consistency work for S3? |
1. Read after write consistency for PUTs of new objects (immediately read new objects) 2. Eventual consistency for overwrite PUTs and DELETEs (can take some time to propagate) (near-immediately read updated objects) |
|
What are the Amazon standards for durability and availability? |
durability: 99.9%(x11) availability: 99.9% (guaranteed) |
|
What are the 5 primary features of S3? |
1. Tiered Storage 2. Lifecycle Management 3. Versioning 4. Encryption 5. Secure data using access control lists and bucket policies |
|
What status code results on a successful upload to S3? |
HTTP 200 |
|
What are the six storage classes? |
1. S3 Standard (designed to sustain loss of 2 concurrent facilities) 2. S3 - IA (Infrequent, but rapid, Access) (charged a retrieval fee) 3. S3 One Zone - IA 4. S3 Intelligent Tiering (optimize cost) 5. S3 Glacier(low-cost data archiving) 6. S3 Glacier Deep Archive (12-hour retrieval time) |
|
What are the two primary charges from S3? |
1. Storage 2. Requests |
|
What is S3 transfer acceleration? |
Files take advantage of CloudFront's globally distributed edge locations, and files go through Amazon's internal network |
|
What is S3 cross-region replication? |
Two buckets; every time someone uploads a file to the primary bucket, it gets copied to a secondary bucket for disaster recovery |
|
What are three ways to restrict bucket access? |
1. Bucket Policies - applies across the whole bucket 2. Object policies - applies to individual files 3. IAM policies to Users & Groups |
|
What is a CDN? |
A CDN (Content Delivery Network) is a system of distributed servers (network) that deliver webpages and other web content to a user based on the geographic locations of the user, the origin of the webpage, and a content delivery server |
|
What is an edge location? |
This is the location where content will be cached |
|
What is a CloudFront origin? |
This is the origin of all the files that the CDN will distribute. This can be an S3 bucket, an EC2 instance, an Elastic Load Balancer, or Route53 |
|
What is a CloudFront distribution? |
This is the name given to the CDN, which consists of a collection of edge locations |
|
What is the typical TTL for caching files? |
48 hours, although this is usually in seconds |
|
Can you clear cached objects? |
Yes, but you will be charged |
|
What is EC2? What does it do? |
Elastic Compute Cloud, a virtual server or servers in the cloud. It reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change |
|
What are the EC2 pricing models? |
1. On demand 2. Reserved 2a. Standard Reserved 2b. Convertible Reserved 2c. Scheduled Reserved 3. Spot pricing 4. Dedicated hosts |
|
What is On-Demand EC2 pricing? |
Pay a fixed rate by the hour (or second) with no commitment. |
|
What is Reserved EC2 pricing? |
Reserved provides you with a capacity reservation, and offers a significant discount on the hourly charge for an instance. Contract terms are 1 or 3 year terms, and the more you pay up front, the better. |
|
What are the use cases for on-demand ec2 pricing? |
Use cases: 1. Low cost and flexibility of EC2 without any up-front payment or long-term commitment 2. Apps with short-term, spiky or unpredictable workloads that cannot be interrupted 3. Apps that are being developed or tested on EC2 for the first time |
|
What are the use cases for reserved ec2 pricing? |
Use Cases: 1. Apps with steady state or predictable usage 2. Apps that require reserved capacity 3. Users able to make upfront payments to reduce their total computing cost even further |
|
What is the price break on a standard ec2 reserved instance? |
Up to 75% off on-demand instances. The more you pay up front, and the longer the contract, the greater the discount |
|
What is a convertible reserved ec2 instance? |
Up to 54% off on-demand, with the capability to change the attributes of the instance, as long as the exchange results in the creation of reserved instances of equal or greater value |
|
What is a scheduled reserved ec2 instance? |
These are available to launch within the time windows you reserve. This option allows you to match your capacity reservation to a predictable recurring schedule that only requires a fraction of the day, week, or month |
|
What is ec2 spot pricing? |
Spot pricing enables you to bid whatever price you want for instance capacity |
|
What are use cases for EC2 spot instances? |
1. Apps with flexible start and end times 2. Apps that are only feasible at very low compute prices 3. Users with urgent computing needs who need large amounts of additional capacity |
|
What is ec2 dedicated hosts? |
these are physical ec2 servers dedicated for your use. Dedicated hosts can help you reduce costs by allowing you to use your existing server-bound software licenses |
|
What are use cases for ec2 dedicated hosts? |
1. Useful for regulatory requirements that may not support multi-tenant virtualization 2. Great for licensing which does not support multi-tenancy or cloud deployments 3. Can be purchased on-demand (hourly) 4. Can be purchased as a Reservation |
|
What is EBS? |
Amazon Elastic Block Storage allows you to create storage volumes and attach them to EC2 instances. This is a virtual disk in the cloud. |
|
What are the two types of EBS? What are the subtypes of each? |
1. Solid state drive 1a. General Purpose SSD (GP2) - balances price and performance for a wide variety of workloads 1b. Provisioned IOPS SSD (IO1) - highest-performance SSD volume for mission-critical low-latency or high-throughput workloads 2. Magnetic 2a. Throughput Optimized HDD (ST1) - low cost HDD volume designed for frequently accessed, throughput-intensive workloads 2b. Cold HDD (SC1) - lowest cost HDD volume designed for less frequently accessed workloads (file servers) |
|
How do linux computers talk to each other? |
SSH (port 22) |
|
How do windows computers talk to each other? |
Remote desktop protocol (port 3389) |
|
What ports are HTTP and HTTPS? |
port 80 and port 443 |
|
What does a firewall do? |
A firewall enables communication through different ports. |
|
What CIDR address range would let anything in on a firewall? |
0.0.0.0/0 |
|
What number means you're letting in just one IP address? |
32 |
|
Explain the difference between a public key and a private key |
Private Key: You can have hundreds of copies of the lock (public key), but the only thing that can open the lock is a key (private key). You only want one copy of that key. |
|
What are the 3 different types of load balancers? |
Application load balancer, network load balancer, classic load balancer |
|
What are application load balancers? |
It inspects packets, reads HTTP and HTTPS headers, and intelligently routes requests to different backend services accordingly. |
|
Is IAM global or regional? |
Global |
|
What are the six types of relational databases on AWS? |
1. SQL Server 2. Oracle 3. MySQL Server 4. PostgreSQL 5. Aurora 6. MariaDB |
|
What are the two key features of RDS? |
1. Multiple availability zones (disaster recovery) 2. Read Replicas (for performance-- can have 5 copies) |
|
What are the equivalents of tables, rows, and fields in non-relational databases? |
Tables: collection (columns can vary, does not affect other rows in DB) Rows: Documents Fields: Key-value pairs |
|
What is Amazon's non-relational database called? |
DynamoDB |
|
What are features of OLTP? |
Online Transaction Processing - index query returns or inserts one row |
|
What are features of OLAP? |
Online Analytics Processing - Returns or inserts many records, may do calculations - Spurred the invention of data warehouses, to do things outside of your production database |
|
What are some examples of OLAP data warehouses? |
Cognos, Jaspersoft, SQL Server Reporting, Oracle Hyperion |
|
What is Amazon's OLAP data warehouse? |
Redshift |
|
What is Elasticache? |
A web server that makes it easy to deploy, operate, and scale an in-memory cache in the cloud. It improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory databases instead of relying entirely on slower disk-based databases |
|
What open-source in-memory caching engines does Elasticache support? |
Memcached, Redis |
|
Are ALBs and EC2 instances in multi AZ? |
ALBs are redundant, EC2 is not |
|
What is Elastic Beanstalk? |
quickly deploy and manage apps in the AWS cloud without worrying about the infrastructure that runs those apps. |
|
What four primary things does EB do? |
Capacity provisioning, load balancing, scaling, app health monitoring |
|
What is CloudFormation? |
A service that helps you model and set up your AWS resources so that you spend less time managing those resources and more time focusing on your applications that run in AWS |
|
What is one way you can scale up using AWS? |
Increase amount of RAM or CPU inside an individual VM |
|
What are six ways you can scale out using AWS? |
1. Stateless Apps like Lambda 2. Load distribution (Multiple EC2 servers or Read Replicas in RDS) 3. Stateless Components (cookies) 4. Stateful components (purchase data in database) 5. Session Affinity (sticky session EC2) 6. Distributed Processing (MapReduce) |
|
What are four ways to instantiate compute resources on EC2? |
1. Bootstrapping 2. Golden Images (AMIs) 4. Hybrid |
|
What are Amazon's primary databases? |
- Aurora (OLTP) - DynamoDB (Non-relational) - Redshift (OLAP) - CloudSearch and ElasticSearch (search) - GraphDB (Graphing) |
|
What is a data lake? |
An architectural approach that allows you to store massive amounts of data in a central location so that it's readily available - No predefined schema - S3 can store data lakes. - Athena can run queries on data lakes |
|
What is CloudWatch? |
A monitoring service for your AWS resources, as well as the apps you run on AWS |
|
What three things can CloudWatch monitor? |
1. Compute (EC2, autoscaling, ELBs, route53) 2. Storage and Content delivery (EBS volumes, storage gateway, cloudfront) 3. Physical hosts (CPU, Network, Disk, Status Checks) |
|
What is AWS systems manager? |
Allows you to manage EC2 instances at scale |
|
What are multiple EC2 instances called? |
A fleet |
|
Which AWS services can be used on-premise? |
- Snowball (gigantic disk of 80TB delivered to your office) - Snowball edge (lambda functions if you have bad connectivity) - Storage gateway (caches files inside data center and replicates them on S3) - CodeDeploy (deploy code to EC2 instances) - Opsworks (Uses Chef for automated deployments to EC2) - IoT Greengrass (connects iot to the cloud) |
|
What is Snowball and Snowball edge? |
Snowball - gigantic disk (80TB) delivered to your office Snowball edge - lambda functions for bad connectivity (Boeing used this) |
|
What is storage gateway? |
Caches files inside data center and replicates them on S3 |
|
What is CodeDeploy? |
Deploy code automatically to EC2 instances (kind of like a code update instead of manually having to install stuff) |
|
What is OpsWorks? |
You can automatically deploy EC2 servers with Chef or Puppet |
|
What is IoT Greengrass? |
Connects your IoT devices to the cloud |
|
What is CloudWatch? |
A monitoring service to monitor your AWS resources as well as the apps you run on AWS. Think of CloudWatch as a personal trainer that monitors your performance |
|
What are the compute AWS products that CloudWatch can monitor? |
EC2, autoscaling, elastic load balancers, route53 |
|
What are the storage AWS products that CloudWatch can monitor? |
EBS volumes, storage gateway, cloudfront |
|
What are the monitoring intervals for CW? |
5 mins by default, 1 minute for detailed monitoring, and CloudWatch alarms for triggered notifications |
|
What is AWS systems manager? |
Allows you to manage a fleet of EC2 instances at scale. Basically on an EC2 instance, you install software that lets AWS systems manager talk to it |
|
What are the three fundamental drivers of cost with AWS? |
Compute, Storage, and outbound data transfer |
|
What free-tier offers are only available to new AWS customers for 12 months? |
EC2, S3, RDS, Cloudfront |
|
What free-tier offers do not expire after 12 months? |
DynamoDB, Glacier, Lambda |
|
What are the 5 basic AWS pricing policies? |
1. pay as you go 2. pay less when you reserve 3. Pay even less by unit by using more 4. pay even less as AWS grows 5. custom pricing |
|
What are the 7 AWS free services? |
1. IAM 2. VPC 3. Elastic Beanstalk 4. Cloud Formation 5. Auto Scaling 6. Opsworks 7. Consolidated Billing |
|
What 2 things determine price for Lambda? |
1. Requests: Lambda is free up to 1 million requests per month, and $0.20 per million requests thereafter 2. Duration: How long your function runs |
|
What 3 things determine price for EBS? |
1. Volumes 2. Snapshots 3. Data Transfer into EBS |
|
What 4 things determine price for S3? |
1. Storage class 2. Storage volume 3. Requests (Get is more than Put/Copy) 4. Data Transfer |
|
What 2 things determine price for Glacier? |
1. Storage volume 2. Data retrieval times |
|
What is snowball? |
Snowball is a PB-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud. It's a huge disk |
|
What 3 things determine the price for Snowball? |
1. Service fee per job 2. Daily charge (first 10 days are free) 3. Data transfer in to S3 is free. Data transfer out is not |
|
What 8 things determine the price for RDS? |
1. clock hours of server time 2. database characteristics 3. Database purchase types 4. Number of database instances 5. provisioned storage 6. additional storage 7. deployment type 8. data transfer |
|
What two things determine price for DynamoDB? |
1. Provisioned throughputs for write/read 2. Indexed data storage (hourly... also cost to index) |
|
What 3 things drive the price for CloudFront? |
1. Traffic distribution 2. Number of requests 3. Data transfer out |
|
What are AWS budgets? |
Gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount. Used to budget costs before they have been incurred |
|
What is AWS Cost Explorer? |
Easy to use interface that lets you understand AWS cost and usage over time. Used to see budget costs after they have been incurred |
|
What are the four basic AWS support plans? |
1. Basic (nothing) 2. Developer (email tech support. 1 person open cases) 3. Business (many open cases. phone support 24/7) 4. Enterprise (15 mins business crit system down) |
|
What are tags? |
Tags are Key-Value pairs attached to AWS resources. These include some metadata about the resource |
|
What are resource groups? |
Resource groups make it easy to group your resources using the tags that are assigned to them. You can group resources that share one or more tags |
|
What is AWS Organizations? |
an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage |
|
What are the two feature sets of AWS organizations? |
1. Consolidated billing 2. All features |
|
What is the paying account in AWS organizations? |
It is an independent account that cannot access resources of other accounts. It enjoys economies of scale. Prob should not provision resources on it |
|
What is CloudWatch? |
monitors performance |
|
What is CloudTrail? |
monitors API calls in the AWS platform (auditing) |
|
How should you use CloudTrail? |
Used on a per-account basis, enabled per region. Can consolidate logs under all accounts |
|
How do you consolidate the logs using CloudTrail? |
1. Turn CT on in paying account 2. Create bucket policy that allows cross-account access 3. Turn on CT in the other accounts and use the bucket in the paying account |
|
What is Quickstart? |
Quickstart provisions a predefined Cloud Formation template in a particular technology into an AWS account. These are built by AWS solutions architects who are experts in those technologies |
|
What is landing zone? |
Allows you to set up a multi-account AWS environment at the click of a button |
|
What is the basic Landing Zone account set up? |
Four accounts: organization, shared services, log archive, security |
|
What are the two AWS calculators? |
1. AWS simple monthly calculator 2. AWS total cost of ownership calculator |
|
What is AWS Artifact? |
a comprehensive list of access-controlled documents relevant to compliance and security in the AWS cloud |
|
What is the AWS shared responsibility model? |
While AWS manages security of the cloud, security in the cloud is the responsibility of the customer |
|
What is AWS WAF? |
Web application firewall, it helps protect web applications from common web exploits (hackers) |
|
How does WAF work? |
Firewall inspects web traffic and looks at layer 7 (application layer) |
|
What is AWS Shield? |
A managed DDoS protection service that safeguards web apps running on AWS |
|
What are the two tiers of AWS shield? |
Standard (on by default) and Advanced ($3K a month -- cost protection....AWS reimburses attacks) |
|
What is AWS Inspector? |
Automated security assessment service that helps improve the security and compliance of applications deployed on AWS |
|
What is Trusted Advisor? |
Helps you reduce cost, increase performance and improve security by optimizing your AWS environment. Advises on: cost optimization, performance, security, and fault tolerance |
|
What is CloudTrail? |
Regional, monitors calls in AWS. Increases visibility into your user and resource activity by recording AWS management console actions and api calls |
|
What is CloudWatch? |
Monitors performance on EC2, like host-level metrics and custom metrics |
|
What is AWS Config? |
provides a detailed view of the configuration of AWS resources in your AWS account. Includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change |
|
What is AWS Athena? |
Interactive query service which enables you to analyze and query data located in S3 using standard SQL. Serverless, pay per query per TB scanned. Works directly in S3 |
|
What use cases are in AWS Athena? |
Query log files in S3, generate business reports on data stored in S3, analyze AWS cost and usage reports, run queries on click-stream data |
|
What is AWS Macie? |
Looks at PII, it is a security service which uses ML and NLP to discover, classify, and protect sensitive data in S3 |
|
What are the five sections of the AWS Well-Architected Framework? |
1. OpEx 2. Security 3. Reliability 4. Performance Efficiency 5. Cost Optimization |
|
What is a component? |
The code, configuration, and AWS resources that together deliver against a requirement |
|
What is a workload? |
a set of components that together deliver business value |
|
What are milestones? |
Key changes in your architecture as it evolves throughout the product lifecycle |
|
What are the 6 AWS general design principles? |
1. Stop guessing about capacity needs 2. Test systems at production scale 3. Automate to make architectural experimentation easier 4. Allow for evolutionary architecture 5. Drive architectures using data 6. Improve through game days (simulations) |
|
What are the 6 OpEx design principles? |
1. Perform operations as code 2. Annotate documentation 3. Make frequent, small, reversible changes 4. Refine operations procedures frequently. 5. Anticipate failure 6. Learn from all operational failures |
|
What are the 3 OpEx best practice areas? |
1. Prepare 2. Operate 3. Evolve |
|
What factors drive the cost of Amazon RDS? |
1. Clock hours of server time 2. Database characteristics (engine, size, mem class) 3. Database purchase type (on demand vs reserved) 4. # of Database instances 5. Provisioned storage 6. Additional storage 7. Requests 8. Deployment type (multi AZ) 9. Data Transfer (outbound) |