AWS Certified Solutions Architect Associate Flashcards

SWF

Simple Workflow Service

S3 Bucket

1. Files/Objects are stored in buckets
2. Name must be unique globally

IAM Roles

You create and can assign them to AWS resources like an EC2 instance (which you can't do with IAM access policies)

VPC: Benefits

1. Launch instances into a subnet of your choosing
2. Assign custom IP address range in each subnet
3. Configure route tables between subnets
4. Create internet gateways and attach them to subnets or not
5. Much better security controls over your AWS resources
   - Instance security group
   - Subnet network access control list (ACLs)

DynamoDB (Definition)

1. Fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale
2. It's a fully managed database and supports both document and key-value data models.
3. Its flexible data model and reliable performance make it a great fit for mobile web, gaming, ad-hoc, IoT, and many other applications

EBS Provisioned IOPS SSD

1. Designed for I/O-intensive applications such as:
   - Large relational or NoSQL DBs
   - Use if you need more than 10,000 IOPS

IAM

Identity and Access Management

Identity Store (who)

1. Facebook
2. Active Directory
3. Google
4. Amazon

Network ACL

1. Operates on the subnet/network level
2. Supports Allow and Deny rules
3. Stateless, so return traffic must be allowed through an outbound rule
4. Processes rules in NUMBER ORDER (lowest overrules higher #)

VPC Peering

1. Allows you to connect one VPC with another via a direct network route using private IP addresses.
2. Instances behave as if they were on the same network
3. You can peer VPCs with other AWS accounts as well as with other VPCs in the same account.
4. Peering is in a star configuration, i.e. one central VPC peers with four others.

S3 Standard Storage (definition)

Availability = 99.99%
Durability = 99.999999999 (11 nines)
1. Stored redundantly across multiple devices in multiple facilities and is designed to sustain the loss of TWO facilities concurrently.

EC2 Instance Types (list)

1. T2
2. M4
3. M3
4. C4
5. C3
6. R3
7. G2
8. I2
9. D2

SNS (abbrev)

Simple Notification Service

EC2 Placement Groups (definition)

1. A placement group is a logical grouping of instances within a single availability zone
2. Using placement groups enables applications to participate in a low latency, 10 Gbps network
3. Placement groups are recommended for applications that benefit from low network latency, high network throughput, or both

RedShift (definition)

1. A fast, powerful, fully managed petabyte-scale data warehouse service in the cloud
2. Customers can start small for just $.25 per hour with NO commitments or upfront cost and scale to a petabyte or more for $1000 per terabyte per year, which is less than a tenth of most other data warehouse solutions.

S3 File Size

1. Files can be 0 to 5 TB in size
2. Unlimited storage (for each account)

Security Groups

1. Operates on the instance layer
2. Supports "allow" rules only
3. Is "stateful", so return traffic requests are allowed regardless of rules
4. Evaluates all rules before deciding to allow traffic

EC2: RAID 1

1. Mirrored
2. Redundancy

OLAP (abbrev)

Online Analytic Processing

S3 Bucket Policies Elements: Actions

1. Identify the resource operations to allow or deny
Note: i.e. list objects/upload object

EC2 Bash Scripts (definition)

1. Use bash scripts to start moving around from the S3 buckets to EC2 instances
2. Turn on Apache/move code/files to EC2
3. For automation

Redshift Configurations

1. Single Node (160 GB)
2. Scale to Multi-node
   - Leader node (manages client connections and receives queries)
   - Compute node (stores data and performs queries and computations, up to 128 compute nodes)

EC2:R3 (specialty and use case)

1. Specialty: Memory optimized
2. Use case: Memory intensive apps/DBs

EC2 RAID 10 (definition)

1. Striped and mirrored
2. Good redundancy
3. Good performance
4. Combination of RAID 0 and 1

DynamoDB: Eventually Consistent Reads (definition)

1. Consistency across all copies of data is usually reached within a second
2. Repeating a read after a short time should return the updated data (best read performance)

IAM Root Account (definition)

1. The initial sign-up email address
2. AWS account has Admin Access

SAML (abbrev)

Security Assess Markup Language

IAM (definition)

1. IAM allows you to manage users and their level of access to AWS console and resources.

EC2: Volumes

1. Exist on EBS
2. Basically a virtual hard drive

EC2 On-Demand Instances (when to use)

1. Users that want low cost and flexibility of EC2 without any upfront payment or long-term commitment
2. Applications with short term, spiky or unpredictable workloads that cannot be interrupted
3. Applications being developed or tested on EC2 for the first time
Note: Use for short term projects/temp dev environments.

Federation

1. Grant temporary access to users on a corporate network without having to create IAM credentials for each user
2. Single sign-on would be allowing federated users to log in to the AWS console without having IAM users defined

OLTP (abbrev)

Online Transaction Processing

VPC (use case)

1. You can easily customize the network config for your VPC
2. You can create a public-facing subnet for web servers and private subnets for backend systems, databases, or application servers with no internet access.
3. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to EC2 instances in each subnet.

EC2:AMI (abbrev and definition)

AMI = Amazon Machine Image
1. A pre-baked virtual machine
2. Comes with different operating systems.

EC2:M4/M3 (specialty and use case)

1. Specialty: General purpose
2. Use case: Application server

S3 Pricing (based on)

1. Storage type
2. Request
3. Amount of data transferred

S3 Bucket Policies Element: Resources

1. A bucket or an object is a resource that you are creating allow/deny permission for

EC2 Spot Instances (definition)

1. Enables you to bid whatever price you want for instance capacity, providing for even greater savings if your applications have flexible start and end times
Pricing depends on market conditions.

S3 Storage Tiers (lists)

1. S3
2. S3-IA (Infrequent Access)
3. RRS (Reduced Redundancy Storage)
4. Glacier

EC2: AMI Template (definition)

1. A template for the root volume for the instance
2. For example, an operating system, an application server, and applications

VPC Restrictions (limits)

1. 5 Elastic IP Addresses
2. 5 Internet Gateways
3. 5 VPCs per region (can be increased per request)
4. 50 VPN connections per region
5. 50 VPN customer gateways per region
6. 200 customer gateways per region
7. 100 Security Groups per VPC

curl http://169.254.169.254/latest/meta-data

S3 Key (definition)

The name of the object

S3 RRS (definition)

Availability: 99.99%
Durability: 99.99%
1. Storage for objects that CAN be lost (since they can be regenerated, i.e. pictures, thumbnails, etc.)

S3 Meta Data (definition)

Data about the data you are storing

IAM groups (definition)

A collection of users

EC2:T2 (specialty and use case)

1. Specialty: Low cost, general purpose
2. Use case: Web server/small database

EC2:AMI Block Device Mapping (definition)

A block device mapping that specifies the volumes to attach to the instance when it's launched

Elasticache (use case)

1. Can be used to significantly improve latency and throughput for many read-heavy application workloads (such as social networking, gaming, media sharing) OR compute intensive workloads (such as a recommendation engine)
2. Caching improves app performance by storing critical data in memory for lower latency access.

Centralized Logging (3rd party)

1. Rsyslog (native to Linux)
2. Splunk
3. Kiwi
4.

EC2: AMI Launch Permission (definition)

1. Launch permissions that control which AWS accounts can use the AMI to launch instances.

EC2: C4/C3 (specialty and use case)

1. Specialty: Compute optimization
2. Use case: CPU intensive apps/DBs

Lambda (use case)

1. As an event-driven compute service where AWS Lambda runs your code in response to an event.
2. There could be:
   - Changes to data in an S3 bucket or a DynamoDB table
   - As a compute service to run code in response to HTTP requests.

EC2 Spot Pricing instances (when to use)

1. Applications that have flexible start and end times
2. Applications that are only feasible at very low compute prices
3. Users with urgent computing needs for large amounts of additional capacity
4. ONLY use IF you can have downtime.

EC2 On-Demand (definition)

1. Allows you to pay a fixed rate, by the hour, with no commitment
Note: Expecting a "Black Friday" sale and may need 4 extra servers for 1 day.

EC2: AMI's (list)

1. Template
2. Launch permission
3. Block device mapping

Route 53 and DNS Failover

1. You can set up a "primary" and "failover" DNS
   - "Cross-region failover"
   - Send failover to S3, on-premise, or other regions
2. Set up primary "A" record
3. Set up health check for that
4. Set up failover "A" record

S3 (definition)

1. Provides developers and IT teams with secure, durable, highly scalable object storage
2. Easy to use web interface to store and retrieve any amount of data from anywhere on the web.
3. Is a simple key-value store