Add Terraform and AWS exercises

In addition to multiple new questions.
2022-07-22 00:18:48 +03:00
parent 842120d428
commit 641f41aa96
8 changed files with 579 additions and 372 deletions
--- a/exercises/aws/README.md
+++ b/exercises/aws/README.md
@@ -1,168 +1,160 @@
 # AWS

-## AWS Exercises
-
 **Note**: Provided solutions are using the AWS console. It's recommended you'll use IaC technologies to solve the exercises (e.g. Terraform, Pulumi).<br>
 **2nd Note**: Some of the exercises cost money and can't be performed using the free tier/resources

-* [AWS IAM](#exercises-aws-iam)
-* [AWS EC2](#exercises-aws-ec2)
-* [AWS ELB](#exercises-aws-elb)
-* [AWS Auto Scaling Groups](#exercises-aws-asg)
-* [AWS VPC](#exercises-aws-vpc)
-* [AWS Databases](#exercises-aws-databases)
-* [AWS DNS](#exercises-aws-dns)
-* [AWS Containers](#exercises-aws-containers)
-* [AWS Lambda](#exercises-aws-rambda)
-* [AWS Elastic Beanstalk](#exercises-aws-elastic-beanstalk)
-* [AWS Misc](#exercises-aws-misc)
-
-## AWS Questions
-
-* [AWS Global Infrastructure](#questions-aws-global-infra)
-* [AWS IAM](#questions-aws-iam)
-* [AWS EC2](#questions-aws-ec2)
-  * [AMI](#questions-aws-ec2-ami)
-  * [EBS](#questions-aws-ec2-ebs)
-  * [Instance Store](#questions-aws-ec2-instance-store)
-  * [EFS](#questions-aws-ec2-efs)
-  * [Pricing Models](#questions-aws-ec2-pricing-models)
-  * [Launch Templates](#questions-aws-ec2-launch-templates)
-  * [ENI](#questions-aws-ec2-eni)
-  * [Placement Groups](#questions-aws-ec2-placement-groups)
-* [AWS Containers](#questions-aws-containers)
-  * [AWS ECS](#questions-aws-containers-ecs)
-  * [AWS Fargate](#questions-aws-containers-fargate)
-* [AWS S3](#questions-aws-s3)
-* [AWS Disaster Recovery](#questions-aws-disaster-recovery)
-* [AWS ELB](#questions-aws-elb)
-* [AWS Auto Scaling Group](#questions-aws-asg)
-* [AWS Security](#questions-aws-security)
-* [AWS Databases](#questions-aws-db)
-  * [AWS RDS](#questions-aws-db-rds)
-  * [AWS Aurora](#questions-aws-db-aurora)
-  * [AWS DynamoDB](#questions-aws-db-dynamodb)
-  * [AWS ElastiCache](#questions-aws-db-elasticache)
-  * [AWS RedShift](#questions-aws-db-redshift)
-* [AWS VPC](#questions-vpc)
-* [AWS DNS](#questions-aws-dns)
-* [AWS Monitoring and Logging](#questions-aws-monitoring-logging)
-* [AWS Billing and Support](#questions-aws-billing-support)
-* [AWS Automation](#questions-aws-automation)
-* [AWS Misc](#questions-aws-misc)
-* [AWS HA](#questions-aws-ha)
-* [AWS Production Operations and Migrations](#questions-aws-migrations)
-* [AWS Scenarios](#questions-aws-scenarios)
-* [AWS Architecture Design](#questions-aws-architecture-design)
+- [AWS](#aws)
+  - [Exercises](#exercises)
+    - [IAM](#iam)
+    - [EC2](#ec2)
+    - [ELB](#elb)
+    - [Auto Scaling Groups](#auto-scaling-groups)
+    - [VPC](#vpc)
+    - [Databases](#databases)
+    - [DNS](#dns)
+    - [Containers](#containers)
+    - [Lambda](#lambda)
+    - [Elastic Beanstalk](#elastic-beanstalk)
+    - [Misc](#misc)
+  - [Questions](#questions)
+    - [Global Infrastructure](#global-infrastructure)
+    - [IAM](#iam-1)
+    - [EC2](#ec2-1)
+      - [AMI](#ami)
+      - [EBS](#ebs)
+      - [Instance Store](#instance-store)
+      - [EFS](#efs)
+      - [Pricing Models](#pricing-models)
+      - [Launch Template](#launch-template)
+      - [ENI](#eni)
+      - [Placement Groups](#placement-groups)
+    - [Lambda](#lambda-1)
+    - [Containers](#containers-1)
+      - [ECS](#ecs)
+      - [Fargate](#fargate)
+    - [S3](#s3)
+      - [Basics](#basics)
+      - [Buckets](#buckets)
+      - [Security](#security)
+    - [Disaster Recovery](#disaster-recovery)
+    - [CloudFront](#cloudfront)
+    - [ELB](#elb-1)
+    - [Auto Scaling Group](#auto-scaling-group)
+    - [Security](#security-1)
+    - [Databases](#databases-1)
+      - [RDS](#rds)
+      - [Aurora](#aurora)
+      - [DynamoDB](#dynamodb)
+      - [ElastiCache](#elasticache)
+      - [RedShift](#redshift)
+    - [VPC](#vpc-1)
+    - [Identify the Service](#identify-the-service)
+    - [DNS (Route 53)](#dns-route-53)
+    - [Monitoring and Logging](#monitoring-and-logging)
+    - [Billing and Support](#billing-and-support)
+    - [Automation](#automation)
+    - [Misc](#misc-1)
+    - [High Availability](#high-availability)
+    - [Production Operations and Migrations](#production-operations-and-migrations)
+    - [Scenarios](#scenarios)
+    - [Architecture Design](#architecture-design)

 ## Exercises

-<a name="exercises-aws-iam"></a>
 ### IAM

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| Create a User | IAM | [Exercise](create_user.md) | [Solution](solutions/create_user.md) | Easy |
-| Password Policy | IAM | [Exercise](password_policy_and_mfa.md) | [Solution](solutions/password_policy_and_mfa.md) | Easy |
-| Create a role | IAM | [Exercise](create_role.md) | [Solution](solutions/create_role.md) | Easy |
-| Credential Report | IAM | [Exercise](credential_report.md) | [Solution](solutions/credential_report.md) | Easy |
-| Access Advisor | IAM | [Exercise](access_advisor.md) | [Solution](solutions/access_advisor.md) | Easy |
+| Create a User | IAM | [Exercise](create_user.md) | [Solution](solutions/create_user.md) | |
+| Password Policy | IAM | [Exercise](password_policy_and_mfa.md) | [Solution](solutions/password_policy_and_mfa.md) | |
+| Create a role | IAM | [Exercise](create_role.md) | [Solution](solutions/create_role.md) | |
+| Credential Report | IAM | [Exercise](credential_report.md) | [Solution](solutions/credential_report.md) | |
+| Access Advisor | IAM | [Exercise](access_advisor.md) | [Solution](solutions/access_advisor.md) | |

-<a name="exercises-aws-ec2"></a>
 ### EC2

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| Launch EC2 web instance | EC2 | [Exercise](launch_ec2_web_instance.md) | [Solution](solutions/launch_ec2_web_instance.md) | Easy |
-| Security Groups | EC2 | [Exercise](security_groups.md) | [Solution](solutions/security_groups.md) | Easy |
-| IAM Roles | EC2, IAM | [Exercise](ec2_iam_roles.md) | [Solution](solutions/ec2_iam_roles.md) | Easy |
-| Spot Instances | EC2 | [Exercise](create_spot_instances.md) | [Solution](solutions/create_spot_instances.md) | Easy |
-| Elastic IP | EC2, Networking | [Exercise](elastic_ip.md) | [Solution](solutions/elastic_ip.md) | Easy |
-| Placement Groups Creation | EC2, Placement Groups | [Exercise](placement_groups.md) | [Solution](solutions/placement_groups.md) | Easy |
-| Elastic Network Interfaces | EC2, ENI | [Exercise](elastic_network_interfaces.md) | [Solution](solutions/elastic_network_interfaces.md) | Easy |
-| Hibernate an Instance | EC2 | [Exercise](hibernate_instance.md) | [Solution](solutions/hibernate_instance.md) | Easy |
-| Volume Creation | EC2, EBS | [Exercise](ebs_volume_creation.md) | [Solution](solutions/ebs_volume_creation.md) | Easy |
-| Snapshots | EC2, EBS | [Exercise](snapshots.md) | [Solution](solutions/snapshots.md) | Easy |
-| Create an AMI | EC2, AMI | [Exercise](create_ami.md) | [Solution](solutions/create_ami.md) | Easy |
-| Create EFS | EC2, EFS | [Exercise](create_efs.md) | [Solution](solutions/create_efs.md) | Easy |
+| Launch EC2 web instance | EC2 | [Exercise](launch_ec2_web_instance.md) | [Solution](solutions/launch_ec2_web_instance.md) | |
+| Security Groups | EC2 | [Exercise](security_groups.md) | [Solution](solutions/security_groups.md) | |
+| IAM Roles | EC2, IAM | [Exercise](ec2_iam_roles.md) | [Solution](solutions/ec2_iam_roles.md) | |
+| Spot Instances | EC2 | [Exercise](create_spot_instances.md) | [Solution](solutions/create_spot_instances.md) | |
+| Elastic IP | EC2, Networking | [Exercise](elastic_ip.md) | [Solution](solutions/elastic_ip.md) | |
+| Placement Groups Creation | EC2, Placement Groups | [Exercise](placement_groups.md) | [Solution](solutions/placement_groups.md) | |
+| Elastic Network Interfaces | EC2, ENI | [Exercise](elastic_network_interfaces.md) | [Solution](solutions/elastic_network_interfaces.md) | |
+| Hibernate an Instance | EC2 | [Exercise](hibernate_instance.md) | [Solution](solutions/hibernate_instance.md) | |
+| Volume Creation | EC2, EBS | [Exercise](ebs_volume_creation.md) | [Solution](solutions/ebs_volume_creation.md) | |
+| Snapshots | EC2, EBS | [Exercise](snapshots.md) | [Solution](solutions/snapshots.md) | |
+| Create an AMI | EC2, AMI | [Exercise](create_ami.md) | [Solution](solutions/create_ami.md) | |
+| Create EFS | EC2, EFS | [Exercise](create_efs.md) | [Solution](solutions/create_efs.md) | |

-<a name="exercises-aws-elb"></a>
 ### ELB

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| Application Load Balancer | ELB, ALB | [Exercise](app_load_balancer.md) | [Solution](solutions/app_load_balancer.md) | Easy |
-| Multiple Target Groups | ELB, ALB | [Exercise](alb_multiple_target_groups.md) | [Solution](solutions/alb_multiple_target_groups.md) | Easy |
-| Network Load Balancer | ELB, NLB | [Exercise](network_load_balancer.md) | [Solution](solutions/network_load_balancer.md) | Easy |
+| Application Load Balancer | ELB, ALB | [Exercise](app_load_balancer.md) | [Solution](solutions/app_load_balancer.md) | |
+| Multiple Target Groups | ELB, ALB | [Exercise](alb_multiple_target_groups.md) | [Solution](solutions/alb_multiple_target_groups.md) | |
+| Network Load Balancer | ELB, NLB | [Exercise](network_load_balancer.md) | [Solution](solutions/network_load_balancer.md) | |

-<a name="exercises-aws-asg"></a>
 ### Auto Scaling Groups

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| Auto Scaling Groups Basics | ASG | [Exercise](auto_scaling_groups_basics.md) | [Solution](solutions/auto_scaling_groups_basics.md) | Easy |
-| Dynamic Scaling Policy | ASG, Policies | [Exercise](asg_dynamic_scaling_policy.md) | [Solution](solutions/asg_dynamic_scaling_policy.md) | Easy |
+| Auto Scaling Groups Basics | ASG | [Exercise](auto_scaling_groups_basics.md) | [Solution](solutions/auto_scaling_groups_basics.md) | |
+| Dynamic Scaling Policy | ASG, Policies | [Exercise](asg_dynamic_scaling_policy.md) | [Solution](solutions/asg_dynamic_scaling_policy.md) | |

-<a name="exercises-aws-vpc"></a>
 ### VPC

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| My First VPC | VPC | [Exercise](new_vpc.md) | [Solution](solutions/new_vpc.md) | Easy |
-| Subnets | VPC | [Exercise](subnets.md) | [Solution](solutions/subnets.md) | Easy |
+| My First VPC | VPC | [Exercise](new_vpc.md) | [Solution](solutions/new_vpc.md) | |
+| Subnets | VPC | [Exercise](subnets.md) | [Solution](solutions/subnets.md) | |

-<a name="exercises-aws-databases"></a>
 ### Databases

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| MySQL DB | RDS | [Exercise](mysql_db.md) | [Solution](solutions/mysql_db.md) | Easy |
-| Aurora DB | RDS | [Exercise](aurora_db.md) | [Solution](solutions/aurora_db.md) | Easy |
-| ElastiCache | ElastiCache | [Exercise](elasticache.md) | [Solution](solutions/elasticache.md) | Easy |
+| MySQL DB | RDS | [Exercise](mysql_db.md) | [Solution](solutions/mysql_db.md) | |
+| Aurora DB | RDS | [Exercise](aurora_db.md) | [Solution](solutions/aurora_db.md) | |
+| ElastiCache | ElastiCache | [Exercise](elasticache.md) | [Solution](solutions/elasticache.md) | |

-<a name="exercises-aws-dns"></a>
 ### DNS

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-Register Domain | Route 53 | [Exercise](register_domain.md) | [Solution](solutions/register_domain.md) | Easy |
-Creating Records | Route 53 | [Exercise](creating_records.md) | [Solution](solutions/creating_records.md) | Easy |
-Health Checks | Route 53 | [Exercise](health_checks.md) | [Solution](solutions/health_checks.md) | Easy |
-Failover | Route 53 | [Exercise](route_53_failover.md) | [Solution](solutions/route_53_failover.md) | Easy |
+Register Domain | Route 53 | [Exercise](register_domain.md) | [Solution](solutions/register_domain.md) | |
+Creating Records | Route 53 | [Exercise](creating_records.md) | [Solution](solutions/creating_records.md) | |
+Health Checks | Route 53 | [Exercise](health_checks.md) | [Solution](solutions/health_checks.md) | |
+Failover | Route 53 | [Exercise](route_53_failover.md) | [Solution](solutions/route_53_failover.md) | |

-<a name="exercises-aws-containers"></a>
 ### Containers

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| ECS Task | ECS, Fargate | [Exercise](ecs_task.md) | [Solution](solutions/ecs_task.md) | Easy |
+| ECS Task | ECS, Fargate | [Exercise](ecs_task.md) | [Solution](solutions/ecs_task.md) | |

-<a name="exercises-aws-lambda"></a>
 ### Lambda

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| Hello Function | Lambda | [Exercise](hello_function.md) | [Solution](solutions/hello_function.md) | Easy |
-| URL Function | Lambda | [Exercise](url_function.md) | [Solution](solutions/url_function.md) | Easy |
+| Hello Function | Lambda | [Exercise](hello_function.md) | [Solution](solutions/hello_function.md) | |
+| URL Function | Lambda | [Exercise](url_function.md) | [Solution](solutions/url_function.md) | |

-<a name="exercises-aws-elastic-beanstalk"></a>
 ### Elastic Beanstalk

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| Simple Elastic Beanstalk Node.js app | Elastic Beanstalk | [Exercise](elastic_beanstalk_simple.md) | [Solution](solutions/elastic_beanstalk_simple.md) | Easy |
+| Simple Elastic Beanstalk Node.js app | Elastic Beanstalk | [Exercise](elastic_beanstalk_simple.md) | [Solution](solutions/elastic_beanstalk_simple.md) | |

-<a name="exercises-aws-misc"></a>
 ### Misc

 |Name|Topic|Objective & Instructions|Solution|Comments|
 |--------|--------|------|----|----|
-| Budget Setup | Budget | [Exercise](budget_setup.md) | [Solution](solutions/budget_setup.md) | Easy |
-| No Application :'( | Troubleshooting | [Exercise](no_application.md) | [Solution](solutions/no_application.md) | Easy |
+| Budget Setup | Budget | [Exercise](budget_setup.md) | [Solution](solutions/budget_setup.md) | |
+| No Application :'( | Troubleshooting | [Exercise](no_application.md) | [Solution](solutions/no_application.md) | |

 ## Questions

-<a name="questions-aws-global-infra"></a>
 ### Global Infrastructure

 <details>
@@ -200,7 +192,6 @@ False. The minimum is 2 while the maximum is 6.
 * Pricing: the pricing might not be consistent across regions so, the price for the same service in different regions might be different.
 </b></details>

-<a name="questions-aws-iam"></a>
 ### IAM

 <details>
@@ -337,7 +328,6 @@ This policy permits to perform any action on any resource. It happens to be the
 IAM Access Advisor
 </b></details>

-<a name="questions-aws-ec2"></a>
 ### EC2

 <details>
@@ -370,8 +360,7 @@ True. As opposed to IAM for example, which is a global service, EC2 is a regiona
 AMI. With AMI (Amazon Machine Image) you can customize EC2 instances by specifying which software to install, what OS changes should be applied, etc.
 </b></details>

-<a name="questions-aws-ec2-ami"></a>
-#### EC2 - AMI
+#### AMI

 <details>
 <summary>What is AMI?</summary><br><b>
@@ -461,8 +450,7 @@ Storage Optimized:
 EBS
 </b></details>

-<a name="questions-aws-ec2-ebs"></a>
-#### AWS EC2 - EBS
+#### EBS

 <details>
 <summary>Explain Amazon EBS</summary><br><b>
@@ -559,8 +547,7 @@ SSD: gp2, gp3, io1, io2
 True.
 </b></details>

-<a name="questions-aws-ec2-instance-store"></a>
-#### AWS EC2 - Instance Store
+#### Instance Store

 <details>
 <summary>If you would like to have an hardware disk attached to your EC2 instead of a network one (EBS). What would you use?</summary><br><b>
@@ -581,8 +568,7 @@ It is mostly used for cache and temporary data purposes.
 Yes, the data on instance store is lost when they are stopped.
 </b></details>

-<a name="questions-aws-ec2-efs"></a>
-#### AWS EC2 - EFS
+#### EFS

 <details>
 <summary>What is Amazon EFS?</summary><br><b>
@@ -648,8 +634,7 @@ Performance Mode (General Purpose): Used for web serving, CMS, ... anything that
 * Infrequent access: lower prices to store files but it also costs to retrieve them
 </b></details>

-<a name="questions-aws-ec2-pricing-models"></a>
-#### AWS EC2 - Pricing Models
+#### Pricing Models

 <details>
 <summary>What EC2 pricing models are there?</summary><br><b>
@@ -910,8 +895,7 @@ True. This is because the operating system isn't restarted or stopped.
 * Usually combined with Reserved Instances and Saving Plans to achieve cost saving
 </b></details>

-<a name="questions-aws-ec2-launch-templates"></a>
-#### AWS EC2 - Launch Template
+#### Launch Template

 <details>
 <summary>What is a launch template?</summary><br><b>
@@ -930,8 +914,7 @@ In addition, launch template has the clear benefits of:
  * support creating parameters subsets (used for re-use and inheritance)
 </b></details>

-<a name="questions-aws-ec2-eni"></a>
-#### AWS EC2 - ENI
+#### ENI

 <details>
 <summary>Explain Elastic Network Interfaces (ENI)</summary><br><b>
@@ -959,8 +942,7 @@ False. ENI are bound to specific availability zone.
 True. They can be attached later on and on the fly (for failover purposes).
 </b></details>

-<a name="questions-aws-ec2-placement-groups"></a>
-#### AWS EC2 - Placement Groups
+#### Placement Groups

 <details>
 <summary>What are "Placement Groups"?</summary><br><b>
@@ -1008,8 +990,6 @@ Pros:
  * Maximized high availability (instances on different hardware, span across AZs)
 </b></details>

-<a name="questions-aws-identify-service"></a>
-
 ### Lambda

 <details>
@@ -1043,11 +1023,9 @@ False. Charges are being made when the code is executed.
 True
 </b></details>

-<a name="questions-aws-containers"></a>
 ### Containers

-<a name="questions-aws-containers-ecs"></a>
-#### Containers - ECS
+#### ECS

 <details>
 <summary>What is Amazon ECS?</summary><br><b>
@@ -1094,8 +1072,7 @@ EC2 Instance Profile used by ECS agent on an EC2 instance to:
 Using EFS is a good way to share data between containers and it works also between different AZs.
 </b></details>

-<a name="questions-aws-containers-fargate"></a>
-#### Containers - Fargate
+#### Fargate

 <details>
 <summary>What is AWS Fargate?</summary><br><b>
@@ -1118,14 +1095,16 @@ While in AWS Fargate, you don't provision or manage the infrastructure, you simp
 True.
 </b></details>

-<a name="questions-aws-s3"></a>
 ### S3

+#### Basics
+
 <details>
 <summary>Explain what is AWS S3?</summary><br><b>

-S3 stands for: Simple Storage Service.<br>
-S3 is a object storage service which is fast, scalable and durable. S3 enables customers to upload, download or store any file or object that is up to 5 TB in size.
+- S3 is a object storage service which is fast, scalable and durable. S3 enables customers to upload, download or store any file or object that is up to 5 TB in size.<br>
+- S3 stands for: Simple Storage Service
+- As a user you don't have to worry about filesystems or disk space
 </b></details>

 <details>
@@ -1134,12 +1113,6 @@ S3 is a object storage service which is fast, scalable and durable. S3 enables c
 An S3 bucket is a resource which is similar to folders in a file system and allows storing objects, which consist of data.
 </b></details>

-<details>
-<summary>True or False? A bucket name must be globally unique</summary><br><b>
-
-True
-</b></details>
-
 <details>
 <summary>Explain folders and objects in regards to buckets</summary><br><b>

@@ -1268,18 +1241,70 @@ Learn more [here](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-accel
 	No. S3 support only statis hosts. On a static website, individual webpages include static content. They might also contain client-side scripts. By contrast, a dynamic website relies on server-side processing, including server-side scripts such as PHP, JSP, or ASP.NET. Amazon S3 does not support server-side scripting.
 </b></details>

+#### Buckets
+
+<details>
+<summary>True or False? A bucket name must be globally unique</summary><br><b>
+
+True
+</b></details>
+
+<details>
+<summary>How to rename a bucket in S3?</summary><br><b>
+
+A S3 bucket name is immutable. That means it's not possible to change it, without removing and creating a new bucket.
+
+This is why the process for renaming a bucket is as follows:
+
+* Create a new bucket with the desired name
+* Move the data from the old bucket to it
+* Delete the old bucket
+
+With the AWS CLI that would be:
+
+```sh
+# Create new bucket
+aws s3 mb s3://[NEW_BUCKET_NAME]
+# Sync the content from the old bucket to the new bucket
+$ aws s3 sync s3://[OLD_BUCKET_NAME] s3://[NEW_BUCKET_NAME]
+# Remove old bucket
+$ aws s3 rb --force s3://[OLD_BUCKET_NAME]
+```
+</b></details>
+
+#### Security
+
+<details>
+<summary>True or False? Every new S3 bucket is public by default</summary><br><b>
+
+False
+</b></details>
+
 <details>
 <summary>What security measures have you taken in context of S3?</summary><br><b>
-	* Enable versioning.
-	* Don't make bucket public.
+	* Don't make a bucket public.
 	* Enable encryption if it's disabled.
+    * Define an access policy
 </b></details>

 <details>
-<summary>What storage options are there for EC2 Instances?</summary><br><b>
+<summary>True or False? In case of SSE-AES encryption, you manage the key</summary><br><b>
+
+False. S3 manages the key and uses AES-256 algorithm for the encryption.
+</b></details>
+
+<details>
+<summary>True or False? In case of SSE-C encryption, both S3 and you manage the keys</summary><br><b>
+
+False. You manage the keys. It's customer provided key.
+</b></details>
+
+<details>
+<summary>True or False? Traffic between a host an S3 (e.g. uploading a file) is encrypted using SSL/TLS</summary><br><b>
+
+True
 </b></details>

-<a name="questions-aws-disaster-recovery"></a>
 ### Disaster Recovery

 <details>
@@ -1306,7 +1331,6 @@ Lowest - Multi-site
 Highest - The cold method
 </b></details>

-<a name="questions-aws-cloudfront"></a>
 ### CloudFront

 <details>
@@ -1341,7 +1365,6 @@ True
 A transport solution which was designed for transferring large amounts of data (petabyte-scale) into and out the AWS cloud.
 </b></details>

-<a name="questions-aws-elb"></a>
 ### ELB

 <details>
@@ -1526,7 +1549,6 @@ True
 The period of time or process of "draining" instances from requests/traffic (basically let it complete all active connections but don't start new ones) so it can be de-registered eventually and ELB won't send requests/traffic to it anymore.
 </b></details>

-<a name="questions-aws-asg"></a>
 ### Auto Scaling Group

 <details>
@@ -1604,7 +1626,6 @@ Lifecycle hooks allows you perform extra steps before the instance goes in servi
 Lifecycle hooks in pending state.
 </b></details>

-<a name="questions-aws-securtiy"></a>
 ### Security

 <details>
@@ -1743,11 +1764,9 @@ Amazon definition: "AWS Certificate Manager is a service that lets you easily pr
 Learn more [here](https://aws.amazon.com/certificate-manager)
 </b></details>

-<a name="questions-aws-db"></a>
 ### Databases

-<a name="questions-aws-db-rds"></a>
-#### Databases - RDS
+#### RDS

 <details>
 <summary>What is AWS RDS?</summary><br><b>
@@ -1880,8 +1899,7 @@ Note: The token has a lifetime of 15 minutes
 True. Since read replicas add endpoints, each with its own DNS name, you need to modify your app to reference these new endpoints to balance the load read.
 </b></details>

-<a name="questions-aws-db-aurora"></a>
-#### Databases - Aurora
+#### Aurora

 <details>
 <summary>What do you know about Amazon Aurora?</summary><br><b>
@@ -1933,8 +1951,7 @@ True. If your read replica instances exhaust their CPU, you can scale by adding
 Aurora multi-master is perfect for a use case where you want to have instant failover for write node.
 </b></details>

-<a name="questions-aws-db-dynamodb"></a>
-#### Databases - DynamoDB
+#### DynamoDB

 <details>
 <summary>What is AWS DynamoDB?</summary><br><b>
@@ -1964,8 +1981,7 @@ Amazon definition: "Amazon DynamoDB Accelerator (DAX) is a fully managed, highly
 Learn more [here](https://aws.amazon.com/dynamodb/dax)
 </b></details>

-<a name="questions-aws-db-elasticache"></a>
-#### Databases - ElastiCache
+#### ElastiCache

 <details>
 <summary>What is AWS ElastiCache? In what use case should it be used?</summary><br><b>
@@ -2022,8 +2038,7 @@ True.
 * Session Store: store temporary session data in cache
 </b></details>

-<a name="questions-aws-db-redshift"></a>
-#### Databases - RedShift
+#### RedShift

 <details>
 <summary>What is AWS Redshift and how is it different than RDS?</summary><br><b>
@@ -2058,7 +2073,6 @@ Learn more [here](https://aws.amazon.com/documentdb)
 EBS
 </b></details>

-<a name="questions-aws-vpc"></a>
 ### VPC

 <details>
@@ -2437,7 +2451,6 @@ API Gateway - to define the URL trigger (= when you insert the URL, the function
 Kinesis
 </b></details>

-<a name="questions-aws-dns"></a>
 ### DNS (Route 53)

 <details>
@@ -2670,8 +2683,7 @@ False. Route 53 Multi Value is not a substitute for ELB. It's focused on client-
 False. DNS service can be Route 53 (where you manage DNS records) while the domain itself can be purchased from other sources that aren't Amazon related (e.g. GoDadday).
 </b></details>

-<a name="questions-aws-monitoring-logging"></a>
-### Monitoring & Logging
+### Monitoring and Logging

 <details>
 <summary>What is AWS CloudWatch?</summary><br><b>
@@ -2709,8 +2721,7 @@ Read more about it [here](https://aws.amazon.com/sns)
  * Publishers - the provider of the message (event, person, ...)
 </b></details>

-<a name="questions-aws-billing-support"></a>
-### Billing & Support
+### Billing and Support

 <details>
 <summary>What is "AWS Organizations"?</summary><br><b>
@@ -2803,7 +2814,6 @@ True. You pay differently based on the chosen region.
 AWS Definition: "AWS Infrastructure Event Management is a structured program available to Enterprise Support customers (and Business Support customers for an additional fee) that helps you plan for large-scale events such as product or application launches, infrastructure migrations, and marketing events."
 </b></details>

-<a name="questions-aws-automation"></a>
 ### Automation

 <details>
@@ -2818,8 +2828,7 @@ Learn more [here](https://aws.amazon.com/codedeploy)
 <summary>Explain what is CloudFormation</summary><br><b>
 </b></details>

-<a name="questions-aws-misc"></a>
-###  Misc
+### Misc

 <details>
 <summary>Which AWS service you have experience with that you think is not very common?</summary><br><b>
@@ -3006,7 +3015,6 @@ AWS definition: "Amazon Simple Queue Service (SQS) is a fully managed message qu
 Learn more about it [here](https://aws.amazon.com/sqs)
 </b></details>

-<a name="questions-aws-ha"></a>
 ### High Availability

 <details>
@@ -3016,7 +3024,6 @@ Learn more about it [here](https://aws.amazon.com/sqs)
 * Application/Service should survive (= operate as usual) a data center disaster
 </b></details>

-<a name="questions-aws-migrations"></a>
 ### Production Operations and Migrations

 <details>
@@ -3076,7 +3083,6 @@ For example, if you go to your instances in the AWS console you might see that t
 Go to the security group of your instance(s) and enable the traffic that NLB should forward (e.g. TCP on port 80).
 </b></details>

-<a name="questions-aws-scenarios"></a>
 ### Scenarios

 <details>
@@ -3126,7 +3132,6 @@ Use Amazon EventBridge so every time a file is uploaded to an S3 bucket (event)
 Such task should have an ECS Task Role so it can get the object from the S3 bucket (and possibly other permissions if it needs to update the DB for example).
 </b></details>

-<a name="questions-aws-architecture-design"></a>
 ### Architecture Design

 <details>