Название | AWS Certified Solutions Architect Study Guide |
---|---|
Автор произведения | David Higby Clinton |
Жанр | Зарубежная компьютерная литература |
Серия | |
Издательство | Зарубежная компьютерная литература |
Год выпуска | 0 |
isbn | 9781119713104 |
Exam Essentials
Understand how to provision and launch an EC2 instance. You'll need to select the right AMI and instance type, configure a security group, add any extra storage volumes that might be needed, point to any necessary user data and scripts, and, ideally, tag all the elements using descriptive key values.
Understand how to choose the right hardware/software profile for your workload. Consider the benefits of building your own image against the ease and simplicity of using a marketplace, community, or official AMI. Calculate the user demand you expect your application to generate so that you can select an appropriate instance type. Remember that you can always change your instance type later if necessary.
Understand EC2 pricing models and how to choose one to fit your needs. Know how to calculate whether you'll be best off on the spot market, with on‐demand, or with reserve—or some combination of the three.
Understand how to configure a security group to balance access with security to match your deployment profile. Security groups act as firewalls, applying policy rules to determine which network traffic is allowed through. You can control traffic based on a packet's protocol and network port and its source and intended destination.
Know how to access a running instance. Instance data, including private and public IP addresses, can be retrieved from the AWS Console, through the AWS CLI, and from metadata queries on the instance itself. You'll need this information so that you can log in to administer the instance or access its web‐facing applications.
Understand the features and behavior of storage volume types. SSD volumes can achieve higher IOPS and, therefore, lower latency, but they come at a cost that's higher than traditional hard drives.
Know how to create a snapshot from a storage volume and how to attach the snapshot to a different instance. Any EBS drive can be copied and either attached to a different instance or used to generate an image that, in turn, can be made into an AMI and shared or used to launch any number of new instances.
Be able to configure EC2 Auto Scaling. Auto Scaling can help you avoid application failures by automatically provisioning new instances when you need them, avoiding instance failures caused by resource exhaustion. When an instance failure does occur, Auto Scaling steps in and creates a replacement.
Review Questions
1 You need to deploy multiple EC2 Linux instances that will provide your company with virtual private networks (VPNs) using software called OpenVPN. Which of the following will be the most efficient solutions? (Choose two.)Select a regular Linux AMI and bootstrap it using user data that will install and configure the OpenVPN package on the instance and use it for your VPN instances.Search the community AMIs for an official AMI provided and supported by the OpenVPN company.Search the AWS Marketplace to see whether there's an official AMI provided and supported by the OpenVPN company.Select a regular Linux AMI and SSH to manually install and configure the OpenVPN package.Create a Site‐to‐Site VPN Connection from the wizard in the AWS VPC dashboard.
2 As part of your company's long‐term cloud migration strategy, you have a VMware virtual machine in your local infrastructure that you'd like to copy to your AWS account and run as an EC2 instance. Which of the following will be necessary steps? (Choose two.)Import the virtual machine to your AWS region using a secure SSH tunnel.Import the virtual machine using VM Import/Export.Select the imported VM from among your private AMIs and launch an instance.Select the imported VM from the AWS Marketplace AMIs and launch an instance.Use the AWS CLI to securely copy your virtual machine image to an S3 bucket within the AWS region you'll be using.
3 Your AWS CLI command to launch an AMI as an EC2 instance has failed, giving you an error message that includes InvalidAMIID.NotFound. What of the following is the most likely cause?You haven't properly configured the ~/.aws/config file.The AMI is being updated and is temporarily unavailable.Your key pair file has been given the wrong (overly permissive) permissions.The AMI you specified exists in a different region than the one you've currently specified.
4 The sensitivity of the data your company works with means that the instances you run must be secured through complete physical isolation. What should you specify as you configure a new instance?Dedicated Host tenancyShared tenancyDedicated Instance tenancyIsolated tenancy
5 Normally, two instances running m5.large instance types can handle the traffic accessing your online e‐commerce site, but you know that you will face short, unpredictable periods of high demand. Which of the following choices should you implement? (Choose two.)Configure autoscaling.Configure load balancing.Purchase two m5.large instances on the spot market and as many on‐demand instances as necessary.Shut down your m5.large instances and purchase instances using a more robust instance type to replace them.Purchase two m5.large reserve instances and as many on‐demand instances as necessary.
6 Which of the following use cases would be most cost effective if run using spot market instances?Your e‐commerce website is built using a publicly available AMI.You provide high‐end video rendering services using a fault‐tolerant process that can easily manage a job that was unexpectedly interrupted.You're running a backend database that must be reliably updated to keep track of critical transactions.Your deployment runs as a static website on S3.
7 In the course of a routine infrastructure audit, your organization discovers that some of your running EC2 instances are not configured properly and must be updated. Which of the following configuration details cannot be changed on an existing EC2 instance?AMIInstance typeSecurity groupPublic IP address
8 For an account with multiple resources running as part of multiple projects, which of the following key/value combination examples would make for the most effective identification convention for resource tags?servers:server1project1:server1EC2:project1:server1server1:project1
9 Which of the following EBS options will you need to keep your data‐hungry application that requires up to 20,000 IOPS happy?Cold HDDGeneral‐purpose SSDThroughput‐optimized HDDProvisioned‐IOPS SSD
10 Your organization needs to introduce Auto Scaling to its infrastructure and needs to generate a “golden image” AMI from an existing EBS volume. This image will need to be shared among multiple AWS accounts belonging to your organization. Which of the following steps will get you there? (Choose three.)Create an image from a detached EBS volume, use it to create a snapshot, select your new AMI from your private collection, and use it for your launch configuration.Create a snapshot of the EBS root volume you need, use it to create an image, select your new AMI from your private collection, and use it for your launch configuration.Create an image from the EBS volume attached to the instance, select your new AMI from your private collection, and use it for your launch configuration.Search the AWS Marketplace for the appropriate image and use it for your launch configuration.Import the snapshot of an EBS root volume from a different AWS account, use it to create an image, select your new AMI from your private collection, and use it for your launch configuration.
11 Which of the following are benefits of instance store volumes? (Choose two.)Instance volumes are physically attached to the server that's hosting your instance, allowing faster data access.Instance volumes can be used to store data even after the instance is shut down.The use of instance volumes does not incur costs (beyond those for the instance itself).You can set termination protection so that an instance volume can't be accidentally shut down.Instance volumes are commonly used as a base for the creation of AMIs.
12 According to default behavior (and AWS recommendations), which of the following IP addresses could be assigned as the private IP for an EC2 instance? (Choose two.)54.61.211.9823.176.92.3172.17.23.4310.0.32.176192.140.2.118
13 You need to restrict access to your EC2 instance‐based