<summary>What is cloud computing?</summary><br><b>
[Wikipedia](https://en.wikipedia.org/wiki/Cloud_computing): "Cloud computing is the on-demand availability of computer system resources, especially data storage (cloud storage) and computing power, without direct active management by the user"
- IAAS - Infrastructure As A Service is a cloud computing service where a cloud provider rents out IT infrastructure such as compute, networking resources and storage over the internet.<br>
- PAAS - Platform As A Service is a cloud hosting platform with an on-demand access to ready-to-use set of deployment, application management and DevOps tools.<br>
- SAAS - Software As A Service is a software distribution model in which services are hosted by a cloud service provider.
- Public - Public cloud is when you leverage cloud services over the open internet on hardware owned by the cloud provider, but its usage is shared by other companies.<br>
- Hybrid - A hybrid cloud is a cloud computing environment that uses a mix of combining a public and private cloud environment, like an on-premises data center, and public CSPs.<br>
- Private - Private cloud means that the cloud infrastructure is provisioned for exclusive use by a single organization.
AWS regions are data centers hosted across different geographical locations worldwide, each region is completely independent of one another.<br>
Within each region, there are multiple isolated locations known as Availability Zones. Multiple availability zones ensure high availability in case one of them goes down.<br>
Edge locations are basically content delivery network which caches data and insures lower latency and faster delivery to the users in any location. They are located in major cities in the world.
</b></details>
#### AWS Networking
<details>
<summary>What is VPC?</summary><br><b>
"A logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define"
Read more about it [here](https://aws.amazon.com/vpc).
<summary>Explain Security Groups and Network ACLs</summary><br><b>
* NACL - security layer on the subnet level.
* Security Group - security layer on the instance level.
Read more about it [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html) and [here](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html)
<summary>What EC2 RI types are there?</summary><br><b>
Standard RI - most significant discount + suited for steady-state usage
Convertible RI - discount + change attribute of RI + suited for steady-state usage
Scheduled RI - launch within time windows you reserve
Learn more about EC2 RI [here](https://aws.amazon.com/ec2/pricing/reserved-instances)
</b></details>
#### AWS Containers
<details>
<summary>What is Amazon ECS?</summary><br><b>
Amazon definition: "Amazon Elastic Container Service (Amazon ECS) is a fully managed container orchestration service. Customers such as Duolingo, Samsung, GE, and Cook Pad use ECS to run their most sensitive and mission critical applications because of its security, reliability, and scalability."
Learn more [here](https://aws.amazon.com/ecs)
</b></details>
<details>
<summary>What is Amazon ECR?</summary><br><b>
Amazon definition: "Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images."
Amazon definition: "AWS Fargate is a serverless compute engine for containers that works with both Amazon Elastic Container Service (ECS) and Amazon Elastic Kubernetes Service (EKS)."
S3 is a object storage service which is fast, scalable and durable. S3 enables customers to upload, download or store any file or object that is up to 5 TB in size.
<summary>Explain folders and objects in regards to buckets</summary><br><b>
* Folder - any sub folder in an s3 bucket
* Object - The files which are stored in a bucket
</b></details>
<details>
<summary>Explain the following:
* Object Lifecycles
* Object Sharing
* Object Versioning</summary><br><b>
* Object Lifecycles - Transfer objects between storage classes based on defined rules of time periods
* Object Sharing - Share objects via a URL link
* Object Versioning - Manage multiple versions of an object
</b></details>
<details>
<summary>Explain Object Durability and Object Availability</summary><br><b>
Object Durability: The percent over a one-year time period that a file will not be lost
Object Availability: The percent over a one-year time period that a file will be accessible
</b></details>
<details>
<summary>What is a storage class? What storage classes are there?</summary><br><b>
Each object has a storage class assigned to, affecting its availability and durability. This also has effect on costs.
Storage classes offered today:
* Standard:
* Used for general, all-purpose storage (mostly storage that needs to be accessed frequently)
* The most expensive storage class
* 11x9% durability
* 2x9% availability
* Default storage class
* Standard-IA (Infrequent Access)
* Long lived, infrequently accessed data but must be available the moment it's being accessed
* 11x9% durability
* 99.90% availability
* One Zone-IA (Infrequent Access):
* Long-lived, infrequently accessed, non-critical data
* Less expensive than Standard and Standard-IA storage classes
* 2x9% durability
* 99.50% availability
* Intelligent-Tiering:
* Long-lived data with changing or unknown access patterns. Basically, In this class the data automatically moves to the class most suitable for you based on usage patterns
* Price depends on the used class
* 11x9% durability
* 99.90% availability
* Glacier: Archive data with retrieval time ranging from minutes to hours
* Glacier Deep Archive: Archive data that rarely, if ever, needs to be accessed with retrieval times in hours
* Both Glacier and Glacier Deep Archive are:
* The most cheap storage classes
* have 9x9% durability
More on storage classes [here](https://aws.amazon.com/s3/storage-classes)
<summary>A customer would like to move data which is rarely accessed from standard storage class to the most cheapest class there is. Which storage class should be used?
<summary>What is "Amazon S3 Transfer Acceleration"?</summary><br><b>
AWS definition: "Amazon S3 Transfer Acceleration enables fast, easy, and secure transfers of files over long distances between your client and an S3 bucket"
Learn more [here](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html)
Amazon definition: "Amazon Elastic File System (Amazon EFS) provides a simple, scalable, fully managed elastic NFS file system for use with AWS Cloud services and on-premises resources."
Learn more [here](https://aws.amazon.com/efs)
</b></details>
<details>
<summary>What is AWS Snowmobile?</summary><br><b>
"AWS Snowmobile is an Exabyte-scale data transfer service used to move extremely large amounts of data to AWS."
Learn more [here](https://aws.amazon.com/snowmobile)
<summary>True or False? When creating an AWS account, root account is created by default. This is the recommended account to use and share in your organization</summary><br><b>
Policies documents used to give permissions as to what a user, group or role are able to do. Their format is JSON.
</b></details>
<details>
<summary>A user is unable to access an s3 bucket. What might be the problem?</summary><br><b>
There can be several reasons for that. One of them is lack of policy. To solve that, the admin has to attach the user with a policy what allows him to access the s3 bucket.
</b></details>
<details>
<summary>What should you use to:
* Grant access between two services/resources?
* Grant user access to resources/services?</summary><br><b>
* Role
* Policy
</b></details>
<details>
<summary>What permissions does a new user have?</summary><br><b>
<summary>What is ELB (Elastic Load Balancing)?</summary><br><b>
AWS definition: "Elastic Load Balancing automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions."
More on ELB [here](https://aws.amazon.com/elasticloadbalancing)
</b></details>
<details>
<summary>What is auto scaling?</summary><br><b>
AWS definition: "AWS Auto Scaling monitors your applications and automatically adjusts capacity to maintain steady, predictable performance at the lowest possible cost"
Read more about auto scaling [here](https://aws.amazon.com/autoscaling)
</b></details>
<details>
<summary>True or False? Auto Scaling is about adding resources (such as instances) and not about removing resource</summary><br><b>
False. Auto scaling adjusts capacity and this can mean removing some resources based on usage and performances.
</b></details>
<details>
<summary>What types of load balancers are supported in EC2 and what are they used for?</summary><br><b>
* Application LB - layer 7 traffic
* Network LB - ultra-high performances or static IP address
* Classic LB - low costs, good for test or dev environments
</b></details>
#### AWS DNS
<details>
<summary>What is Route 53?</summary><br><b>
"Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service"
Some of Route 53 features:
* Register domain
* DNS service - domain name translations
* Health checks - verify your app is available
More on Route 53 [here](https://aws.amazon.com/route53)
</b></details>
#### AWS CloudFront
<details>
<summary>Explain what is CloudFront</summary><br><b>
AWS definition: "Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment."
More on CloudFront [here](https://aws.amazon.com/cloudfront)
</b></details>
<details>
<summary>Explain the following
* Origin
* Edge location
* Distribution</summary><br><b>
</b></details>
#### AWS Monitoring & Logging
<details>
<summary>What is AWS CloudWatch?</summary><br><b>
AWS definition: "Amazon CloudWatch is a monitoring and observability service..."
More on CloudWatch [here](https://aws.amazon.com/cloudwatch)
</b></details>
<details>
<summary>What is AWS CloudTrail?</summary><br><b>
AWS definition: "AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account."
Read more on CloudTrail [here](https://aws.amazon.com/cloudtrail)
</b></details>
<details>
<summary>What is Simply Notification Service?</summary><br><b>
AWS definition: "a highly available, durable, secure, fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications."
Read more about it [here](https://aws.amazon.com/sns)
</b></details>
<details>
<summary>Explain the following in regards to SNS:
* Topics
* Subscribers
* Publishers</summary><br><b>
* Topics - used for grouping multiple endpoints
* Subscribers - the endpoints where topics send messages to
* Publishers - the provider of the message (event, person, ...)
</b></details>
#### AWS Security
<details>
<summary>What is the shared responsibility model? What AWS is responsible for and what the user is responsible for based on the shared responsibility model?</summary><br><b>
The shared responsibility model defines what the customer is responsible for and what AWS is responsible for. For example, AWS is responsible for security "of" the cloud, while the customer is responsible for security "in" the cloud.
<summary>True or False? Based on the shared responsibility model, Amazon is responsible for physical CPUs and security groups on instances</summary><br><b>
False. It is responsible for Hardware in its sites but not for security groups which created and managed by the users.
<summary>Explain "Shared Controls" in regards to the shared responsibility model</summary><br><b>
AWS definition: "apply to both the infrastructure layer and customer layers, but in completely separate contexts or perspectives. In a shared control, AWS provides the requirements for the infrastructure and the customer must provide their own control implementation within their use of AWS services"
Learn more about it [here](https://aws.amazon.com/compliance/shared-responsibility-model)
AWS definition: "AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWSā security and compliance reports and select online agreements."
Read more about it [here](https://aws.amazon.com/artifact)
</b></details>
<details>
<summary>What is AWS Inspector?</summary><br><b>
AWS definition: "Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for exposure, vulnerabilities, and deviations from best practices.""
Learn more [here](https://aws.amazon.com/inspector)
An AWS Web Application Firewall (WAF) can filter out unwanted web traffic (bots), and protect against attacks like SQL injection and cross-site scripting. One service you could use it with would be Amazon CloudFront, a CDN service, to block attacks before they reach your origin servers
Amazon definition: "AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud."
Learn more [here](https://aws.amazon.com/cloudhsm)
<summary>What is AWS Key Management Service (KMS)?</summary><br><b>
AWS definition: "KMS makes it easy for you to create and manage cryptographic keys and control their use across a wide range of AWS services and in your applications."
Amazon definition: "AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources."
Learn more [here](https://aws.amazon.com/certificate-manager)
<summary>Explain "Point-in-Time Recovery" feature in DynamoDB</summary><br><b>
Amazon definition: "You can create on-demand backups of your Amazon DynamoDB tables, or you can enable continuous backups using point-in-time recovery. For more information about on-demand backups, see On-Demand Backup and Restore for DynamoDB."
Learn more [here](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/PointInTimeRecovery.html)
</b></details>
<details>
<summary>Explain "Global Tables" in DynamoDB</summary><br><b>
Amazon definition: "A global table is a collection of one or more replica tables, all owned by a single AWS account."
Learn more [here](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/V2globaltables_HowItWorks.html)
</b></details>
<details>
<summary>What is DynamoDB Accelerator?</summary><br><b>
Amazon definition: "Amazon DynamoDB Accelerator (DAX) is a fully managed, highly available, in-memory cache for DynamoDB that delivers up to a 10x performance improvement ā from milliseconds to microseconds..."
Learn more [here](https://aws.amazon.com/dynamodb/dax)
AWS Redshift is a cloud data warehousing service that is geared towards handling massive amounts of data (think petabytes) and being able to execute complex queries. In contrast, Amazon RDS is best suited for things like web applications requiring simple queries with more frequent transactions, and on a smaller scale.
<summary>What is Amazon DocumentDB?</summary><br><b>
Amazon definition: "Amazon DocumentDB (with MongoDB compatibility) is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. As a document database, Amazon DocumentDB makes it easy to store, query, and index JSON data."
Learn more [here](https://aws.amazon.com/documentdb)
</b></details>
<details>
<summary>What "AWS Database Migration Service" is used for?</summary><br><b>
AWS definition: "Amazon RDS Read Replicas provide enhanced performance and durability for RDS database (DB) instances. They make it easy to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads."
Read more about [here](https://aws.amazon.com/rds/features/read-replicas)
<summary>Which service is used for sending notifications?</summary><br><b>
SNS
</b></details>
<details>
<summary>Which service would you use for monitoring malicious activity and unauthorized behavior in regards to AWS accounts and workloads?</summary><br><b>
Amazon GuardDuty
</b></details>
<details>
<summary>Which service would you use for centrally manage billing, control access, compliance, and security across multiple AWS accounts?</summary><br><b>
AWS Organizations
</b></details>
<details>
<summary>Which service would you use for web application protection?</summary><br><b>
Amazon definition: "Amazon Connect is an easy to use omnichannel cloud contact center that helps companies provide superior customer service at a lower cost."
Learn more [here](https://aws.amazon.com/connect)
</b></details>
<details>
<summary>What are "APN Consulting Partners"?</summary><br><b>
Amazon definition: "APN Consulting Partners are professional services firms that help customers of all types and sizes design, architect, build, migrate, and manage their workloads and applications on AWS, accelerating their journey to the cloud."
Learn more [here](https://aws.amazon.com/partners/consulting)
<summary>What is "AWS Infrastructure Event Management"?</summary><br><b>
AWS Definition: "AWS Infrastructure Event Management is a structured program available to Enterprise Support customers (and Business Support customers for an additional fee) that helps you plan for large-scale events such as product or application launches, infrastructure migrations, and marketing events."
Amazon definition: "AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers."
Learn more [here](https://aws.amazon.com/codedeploy)
</b></details>
<details>
<summary>Explain what is CloudFormation</summary><br><b>
AWS definition: "Lightsail is an easy-to-use cloud platform that offers you everything needed to build an application or website, plus a cost-effective, monthly plan."
</b></details>
<details>
<summary>What is AWS Rekognition?</summary><br><b>
AWS definition: "Amazon Rekognition makes it easy to add image and video analysis to your applications using proven, highly scalable, deep learning technology that requires no machine learning expertise to use."
Learn more [here](https://aws.amazon.com/rekognition)
<summary>What AWS Resource Groups used for?</summary><br><b>
Amazon definition: "You can use resource groups to organize your AWS resources. Resource groups make it easier to manage and automate tasks on large numbers of resources at one time. "
Learn more [here](https://docs.aws.amazon.com/ARG/latest/userguide/welcome.html)
</b></details>
<details>
<summary>What is AWS Global Accelerator?</summary><br><b>
Amazon definition: "AWS Global Accelerator is a service that improves the availability and performance of your applications with local or global users..."
Learn more [here](https://aws.amazon.com/global-accelerator)
</b></details>
<details>
<summary>What is AWS Config?</summary><br><b>
Amazon definition: "AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources."
Learn more [here](https://aws.amazon.com/config)
</b></details>
<details>
<summary>What is AWS X-Ray?</summary><br><b>
AWS definition: "AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture."
Learn more [here](https://aws.amazon.com/xray)
</b></details>
<details>
<summary>What is AWS OpsWorks?</summary><br><b>
Amazon definition: "AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet."
Learn more about it [here](https://aws.amazon.com/opsworks)
<summary>What is AWS Service Catalog?</summary><br><b>
Amazon definition: "AWS Service Catalog allows organizations to create and manage catalogs of IT services that are approved for use on AWS."
Learn more [here](https://aws.amazon.com/servicecatalog)
</b></details>
<details>
<summary>What is AWS CAF?</summary><br><b>
Amazon definition: "AWS Professional Services created the AWS Cloud Adoption Framework (AWS CAF) to help organizations design and travel an accelerated path to successful cloud adoption. "
Learn more [here](https://aws.amazon.com/professional-services/CAF)
</b></details>
<details>
<summary>What is AWS Cloud9?</summary><br><b>
AWS definition: "AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with just a browser"
</b></details>
<details>
<summary>What is AWS Application Discovery Service?</summary><br><b>
Amazon definition: "AWS Application Discovery Service helps enterprise customers plan migration projects by gathering information about their on-premises data centers."
Learn more [here](https://aws.amazon.com/application-discovery)
<summary>What is the AWS well-architected framework and what pillars it's based on?</summary><br><b>
AWS definition: "The Well-Architected Framework has been developed to help cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. Based on five pillars ā operational excellence, security, reliability, performance efficiency, and cost optimization"
Learn more [here](https://aws.amazon.com/architecture/well-architected)
AWS definition: "big data platform for processing vast amounts of data using open source tools such as Apache Spark, Apache Hive, Apache HBase, Apache Flink, Apache Hudi, and Presto."
<summary>What is Amazon Cloud Directory?</summary><br><b>
Amazon definition: "Amazon Cloud Directory is a highly available multi-tenant directory-based store in AWS. These directories scale automatically to hundreds of millions of objects as needed for applications."
Learn more [here](https://docs.aws.amazon.com/clouddirectory/latest/developerguide/what_is_cloud_directory.html)
<summary>What is AWS Elastic Beanstalk?</summary><br><b>
AWS definition: "AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services...You can simply upload your code and Elastic Beanstalk automatically handles the deployment"
Learn more about it [here](https://aws.amazon.com/elasticbeanstalk)
</b></details>
<details>
<summary>What is AWS SWF?</summary><br><b>
Amazon definition: "Amazon SWF helps developers build, run, and scale background jobs that have parallel or sequential steps. You can think of Amazon SWF as a fully-managed state tracker and task coordinator in the Cloud."
Learn more on Amazon Simple Workflow Service [here](https://aws.amazon.com/swf)
<summary>What is Simple Queue Service (SQS)?</summary><br><b>
AWS definition: "Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications".
Learn more about it [here](https://aws.amazon.com/sqs)
</b></details>
#### AWS Disaster Recovery
<details>
<summary>In regards to disaster recovery, what is RTO and RPO?</summary><br><b>
RTO - The maximum acceptable length of time that your application can be offline.
RPO - The maximum acceptable length of time during which data might be lost from your application due to an incident.
</b></details>
<details>
<summary>What types of disaster recovery techniques AWS supports?</summary><br><b>
* The Cold Method - Periodically backups and sending the backups off-site<br>
* Pilot Light - Data is mirrored to an environment which is always running
* Warm Standby - Running scaled down version of production environment
* Multi-site - Duplicated environment that is always running
</b></details>
<details>
<summary>Which disaster recovery option has the highest downtime and which has the lowest?</summary><br><b>
