Topical Cards from Digital Cloud AWS Cert Exam Flashcards Preview


Flashcards in Topical Cards from Digital Cloud AWS Cert Exam Deck (48)
1

Kinesis Data Analytics

-used for processing and analyzing real-time streaming data from either Firehose or Data streams
-can only output data to S3, Redshift, Elasticsearch and Kinesis Data Streams
-Autoscaling and Managed (no servers)
-Real Time

2

Kinesis Data Firehose

-the easiest way to deliver data directly to AWS services or services like Splunk
-data is NOT stored
-serverless data transforms with Lambda functions
-Kinesis Data Streams can be used as the source(s) to Kinesis Data Firehose
-near real-time (1 minute latency)

3

Kinesis Data Streams

-enables real-time processing of streaming big data
-stores data for later processing by applications (key difference with Firehose which delivers data directly to AWS services)
-partition keys can guarantee ordering
-records accessible from 24 hours (default) to 7 days
-does not deliver it to destinations such as Splunk
-must manage scaling
-will have to develop code (producer/consumer) to use

4

Default IAM User Permissions

-By default IAM users are created with no permissions
-an IAM policy must be attached to the user before they can do anything (even view their own access keys)

5

EBS Encryption

-Data in transit between an instance and an encrypted volume is encrypted
-There is no direct way to change the encryption state of a volume
-All EBS types support encryption

6

Amazon Glacier Resilience

-99.999999999% durability of archives
-Data is resilient in the event of one entire AZ destruction
-Data is NOT replicated globally

7

EBS Instance Store Configuration

-Can only specify the instance store volumes for your instance when you launch the instance
-Cannot add EBS volumes after launch

8

Default Security Group Settings for a VPC

-Inbound rule that allows all traffic from the security group itself
-Outbound rule that allows all traffic to all addresses
-Custom security groups do not have inbound rules by default (blocking all inbound traffic) and allow all outbound traffic by default

9

RDS Database Restore

-Can restore up to the last 5 minutes
-default DB security group is applied to the new DB instance

10

Monitoring ELB Traffic

-Use VPC Flow Logs
-To set up, create a VPC flow log for each network interface associated with an ELB

11

Network ACL

-tied to subnets
-stateless rules (rules applied to incoming traffic will not be applied to outgoing traffic)
-support allow and deny rules
-rules applied in order
-by default inbound rule denying all traffic and outbound rule denying all traffic

12

Enhanced Networking

-provides higher bandwidth, packet-per-second, and lower inter-instance latencies

13

DynamoDB Auto Scaling

-uses AWS Application Auto Scaling Service to adjust provisioned throughput capacity to traffic patterns
-most efficient and cost-effective solution to optimizing cost

14

CodeDeploy

-automates application deployment to EC2 instances, on-premises instances, and serverless Lambda.

15

OpsWorks

-managed instances of Chef and Puppet

16

Beanstalk

-used to quickly deploy and manage applications in the cloud
-Beanstalk handles deployment details for applications in Go, Java, Python, Ruby, Node.js, and PHP

17

Run Command

-designed to support a wide range of enterprise configuration needs on Windows machines
-can install software, run scripts, or PowerShell commands
-accessible in the AWS Management Console

18

AWS Config

-service that lets you assess, audit, and evaluate the configuration of your AWS resources

19

POSIX Permissions

-allow you to restrict access from host by user group for EFS

20

EFS Security Groups

-can act as a firewall to restrict network traffic for EFS

21

Direct Connect Gateway

-transitive peering connections for VPC, VPN, and Direct Connect
-can be associated with a transit gateway when you have multiple VPCs in the same region
-can be associated with a virtual private gateway

22

Direct Connect

-establish private connectivity between AWS and your datacenter
-set up a virtual private gateway on vpn and configured hardware connection to datacenter

23

VPN CloudHub

-hub-and-spoke VPN model to connect your sites

24

Transit Gateway

-transitive peering connections for VPC, VPN, and Direct Connect

25

Private Link

-connect services privately from your service VPC to customers' VPC
-eliminates the exposure of data to the public Internet
-doesn't need VPC peering, public internet, NAT gateway, etc.
-Must be used with NLB and Elastic Network Interface

26

VPC Endpoints

-provide private access to AWS services within a VPC

27

Internet Gateway

-provide internet access at VPC level via IPv4 & IPv6

28

Route Tables

-connect subnets to Internet Gateway, VPC Peering Connections, VPC Endpoints, etc.

29

NAT Instances

-provides internet access to private instances on private subnet
-Managed by user and requires additional setup like disabling source/destination check on the EC2 instance

30

Network ACL

-Stateless, subnet allow and deny rules