AWS Certified Solutions Architect Associate (SAA02) – Free Practice Tests

Explanation

If you get an InsufficientInstanceCapacity error when you try to launch an instance or start a stopped instance, AWS does not currently have enough available capacity to service your request. In this situation, reserved instances offer the required reliability to avoid outages and loss of money. Reserved Instances are a long-term capacity reservation, and you will not have to rely on Amazon having enough on-demand capacity. Usually these capacity issues are short term, but due to the nature of the company even short outages can be very costly.

Explanation

The user may want to stop the automated scaling processes on the Auto Scaling groups either to perform manual operations or during emergency situations. To perform this, the user can suspend one or more scaling processes at any time. When the process is suspended and the user changes the desired capacity, the changes will take effect, but Auto Scaling will not be executed. Thus, the scaling activity will not happen even though there is a difference between the desired capacity and the current capacity.

Explanation

In AWS, ephemeral storage is only temporary storage. If the instance is stopped and started back all the data on ephemeral storage will be lost.

Explanation

To prevent the public DNS address for your instance from changing and breaking your installation, you can associate an Elastic IP address (EIP) to the instance you are using. You need to allocate an Elastic IP address for that instance (the first association is free). If you own a domain name and you want to use it for your blog, you can update the DNS record for the domain name to point to your EIP address. If you don’t already have a domain name for your blog, you can register a domain name with Amazon Route 53 and associate your instance’s EIP address with your domain name.

Explanation

You can place a network interface on each of your web servers that connects to a mid-tier network where an application server resides. The application server can also be dual-homed to a back-end network (subnet) where the database server resides. Instead of routing network packets through the dual-homed instances, each dual-homed instance receives and processes requests on the front end, initiates a connection to the back end, and then sends requests to the servers on the back-end network.

Explanation

Amazon API Gateway automatically protects your backend systems from distributed denial-of-service (DDoS) attacks, whether attacked with counterfeit requests (Layer 7) or SYN floods (Layer 3). Additional reading is available here (https://aws.amazon.com/api-gateway/faqs/).

AWS Shield Advanced includes intelligent DDoS attack detection and mitigation for not only for the network layer (layer 3) and transport layer (layer 4) attacks but also for application layer (layer 7) attacks.

NACLs do not provide DDoS mitigation. They are used to control ingress and egress into a subnet based on port and source IP range. Route 53 can protect against DNS based DDoS attacks but does not protect entire layers. Elastic Load Balancing can protect EC2 instances specifically, but not other AWS resources.

Explanation

Public and private subnets, except for the default VPC, do not automatically have Internet access enabled. To enable access to or from the Internet for instances in a VPC subnet, you must do the following:

Explanation

If you have multiple resources that perform the same function, for example, web servers or email servers, and you want Amazon Route 53 to route traffic only to the resources that are healthy, you can configure DNS failover by associating health checks with your resource record sets. If a health check determines that the underlying resource is unhealthy, Amazon Route 53 routes traffic away from the associated resource record set.

Explanation

Explanation

These types of issues can be investigated in a checklist type manner. First, it’s important to verify manually that the EC2 instances are properly functioning. If so, it becomes a network issue. Are the Security Groups configured properly? Are the ACLs configured properly? Once the instances are verified, it is most likely that a Security Group or ACL is not configured properly.

Explanation

Amazon RDS provides high availability and failover support for DB instances using Multi-AZ deployments. Multi-AZ deployments for Oracle, PostgreSQL, MySQL, and MariaDB DB instances use Amazon technology, while SQL Server DB instances use SQL Server Mirroring.

Explanation

You can create a VPC with an instance tenancy of dedicated to ensure that all instances launched into the VPC are dedicated instances. Alternatively, you can specify the tenancy of the instance during launch

Explanation

AWS is responsible for what is known as Security ‘of’ the Cloud. This covers their global infrastructure elements – Regions, Availability Zones, and Edge Locations, and also the foundations of their services covering Compute, Storage, Database, and Network

Explanation

Amazon Web Services has massive hardware resources at its data centers, but they are finite. The best way for users to maximize their access to these resources is by reserving a portion of the computing capacity that they require. This can be done through reserved instances. With reserved instances, the user literally reserves the computing capacity in the Amazon Web Services cloud.

Explanation

The Simple Monthly Calculator is used to calculate projected costs, assuming you know what AWS resources you’ll be consuming.

Explanation

The Total Cost of Ownership (TCO) Calculator is a free service offered by AWS to allow you to compare the cost of on-premises servers and AWS cloud services. It requires users to answer a short series of questions and then provides a detailed report on the potential AWS cloud environment that would mirror their on-premise systems.

Explanation

Each Amazon S3 bucket and object has an ACL (Access Control List) associated with it. An ACL is a list of grants identifying the grantee and the permission granted. The user can use ACLs to grant basic read/write permissions to other AWS accounts. ACLs use an Amazon S3–specific XML schema. The user cannot grant permissions to other users in his account. ACLs are suitable for specific scenarios. For example, if a bucket owner allows other AWS accounts to upload objects, permissions to these objects can only be managed using the object ACL by the AWS account that owns the object

Explanation

You can use AWS Identity and Access Management (IAM) roles and AWS Security and Token Service (STS) to set up cross-account access between AWS accounts. When you assume an IAM role in another AWS account to obtain cross-account access to services and resources in that account, AWS Cloudtrail logs the cross-account activity.

Explanation

Auto Scaling is an AWS service that allows you to increase or decrease the number of EC2 instances within your application’s architecture. With Auto Scaling, you create collections of EC2 instances, called Auto Scaling groups. You can create these groups from scratch, or from existing EC2 instances that are already in production

Explanation

You restrict access to Amazon S3 content by creating an origin access identity, which is a special CloudFront user. You change Amazon S3 permissions to give the origin access identity permission to access your objects, and to remove permissions from everyone else. When your users access your Amazon S3 objects using CloudFront URLs, the CloudFront origin access identity gets the objects on your users’ behalf. If your users try to access objects using Amazon S3 URLs, they’re denied access. The origin access identity has permission to access objects in your Amazon S3 bucket, but users don’t.

Explanation

You can place a network interface on each of your web servers that connects to a mid-tier network where an application server resides. The application server can also be dual-homed to a back-end network (subnet) where the database server resides. Instead of routing network packets through the dual-homed instances, each dual-homed instance receives and processes requests on the front end, initiates a connection to the back end, and then sends requests to the servers on the back-end network.

Explanation

You can set up a variety of failover configurations using Amazon Route 53 alias: weighted, latency, geolocation routing, and failover resource record sets. Active-active failover: Use this failover configuration when you want all of your resources to be available the majority of the time. When a resource becomes unavailable, Amazon Route 53 can detect that it’s unhealthy and stop including it when responding to queries. Active-passive failover: Use this failover configuration when you want a primary group of resources to be available the majority of the time and you want a secondary group of resources to be on standby in case all of the primary resources become unavailable. When responding to queries, Amazon Route 53 includes only the healthy primary resources. If allof the primary resources are unhealthy, Amazon Route 53 begins to include only the healthy secondary resources in response to DNS queries. Active-active-passive and other mixed configurations: You can combine alias and non-alias resource record sets to produce a variety of Amazon Route 53 behaviors.

Explanation

Explanation

Security Groups are essentially stateful firewalls at the instance level. Security Groups are associated with instances at launch time, and restrict or allow traffic based on port, protocol, and source/destination.

Explanation

Each CloudWatch alarm watches a single metric and sends messages to Auto Scaling when the metric breaches a threshold that you specify in your policy. Changing the scale down the CloudWatch metric to a higher threshold will not cost any more.

Auto Scaling also supports adding life-cycle hooks to Auto Scaling groups. These hooks enable you to control how instances launch and terminate within an Auto Scaling group; you can perform actions on the instance before it is put into service or before it is terminated. This is also cost-efficient and hence also a correct answer.

All the other answers will not optimize costs.

Explanation

DynamoDB supports two types of secondary indexes: Local secondary index –an index that has the same hash key as the table, but a different range key. A local secondary index is “local” in the sense that every partition of a local secondary index is scoped to a table partition that has the same hash key. Global secondary index –an index with a hash and range key that can be different from those on the table. A global secondary index is considered “global” because queries on the index can span all of the data in a table, across all partitions

Explanation

Amazon EC2 allows you to set up and configure everything about your instances from your operating system up to your applications. An Amazon Machine Image (AMI) is simply a packaged-up environment that includes all the necessary bits to set up and boot your instance. M1 and M3 Standard instances have the same ratio of CPU and memory, some reasons below as to why you would use one over the other. M3 instances provide better, more consistent performance that M1 instances for most use-cases. M3 instances also offer SSD-based instance storage that delivers higher I/O performance. M3 instances are also less expensive than M1 instances. Due to these reasons, we recommend M3 for applications that require general purpose instances with a balance of compute, memory, and network resources. However, if you need more disk storage than what is provided in M3 instances, you may still find M1 instances useful for running your applications

Explanation

In Amazon Route 53, you cannot create a hosted zone for a top-level domain (TLD).

Explanation

You can choose between three EBS volume types to best meet the needs of their workloads: General Purpose (SSD), Provisioned IOPS (SSD), and Magnetic. General Purpose (SSD) is the new, SSD-backed, general purpose EBS volume type that we recommend as the default choice for customers. General Purpose (SSD) volumes are suitable for a broad range of workloads, including small to medium sized databases, development and test environments, and boot volumes. Provisioned IOPS (SSD) volumes offer storage with consistent and low-latency performance, and are designed for I/O intensive applications such as large relational or NoSQL databases. Magnetic volumes provide the lowest cost per gigabyte of all EBS volume types. Magnetic volumes are ideal for workloads where data is accessed infrequently, and applications where the lowest storage cost is important

Explanation

As with all Amazon Web Services, you pay only for what you use. For Elastic Load Balancing, you pay for each hour or portion of an hour that the service is running, and you pay for each gigabyte of data that is transferred through your load balancer.

Explanation

Auto Scaling can start and stop the instance at a pre-defined time. Here, the total running time is unknown. Thus, the user has to use the CloudWatch alarm, which monitors the CPU utilization. The user can create an alarm that is triggered when the average CPU utilization percentage has been lower than 10 percent for 24 hours, signaling that it is idle and no longer in use. When the utilization is below the threshold limit, it will terminate the instance as a part of the instance action.

Explanation

With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users can access. In some cases, you might have an IAM user with full access to IAM and Amazon S3. If the IAM user assigns a bucket policy to an Amazon S3 bucket and doesn’t specify the root user as a principal, the root user is denied access to that bucket. However, as the root user, you can still access the bucket by modifying the bucket policy to allow root user access.

Explanation

The organization can always launch multiple EC2 instances in the same region across multiple availability zones for high availability and disaster recovery. It is recommended that the application should be load balanced for better load distribution. When the organization must support a workload that could be met with a small number of large instances, it is recommended to distribute the load by creating four small instances across availability zones. The two large instances give only 50% redundancy while the four small instances give 75% redundancy. As for cost, both the scenarios are the same it is recommended to run four small instances across availability zones

Explanation

The key is that the requirement is for high availability at the web-tier. While multi-AZ deployments and cross-region replication can contribute to high availability, they are each at the storage tier. Route 53 with Health Checks and Failover, Elastic Load Balancer (with health checks and various forms of load balancing, and auto scaling groups create high availability at the web tier.

Explanation

To establish a baseline you should, at a minimum, monitor the following items:

• CPU Utilization
• Memory Utilization
• Network Utilization
• Disk Performance
• Disk Space.

Explanation

If an IAM user wants to launch an EC2 instance, you need to grant the EC2 RunInstance permission to that user. If the EC2 instance should include an instance profile—that is, if applications in the EC2 instance will be able to get temporary security credentials via an IAM role—the user who launches the EC2 instance must also have the IAM PassRole permission. Not only that, but the user might need PassRole permission to associate a specific role with the EC2 instance.

Explanation

Amazon RDS manages the work involved in setting up a relational database: from provisioning the infrastructure capacity you request to installing the database software. Once your database is up and running, Amazon RDS automates common administrative tasks such as performing backups and patching the software that powers your database. With optional multi-AZ deployments, Amazon RDS also manages synchronous data replication across Availability Zones with automatic failover.

Since Amazon RDS provides native database access, you interact with the relational database software as you normally would. This means you’re still responsible for managing the database settings that are specific to your application. You’ll need to build the relational schema that best fits your use case and are responsible for any performance tuning to optimize your database for your application’s workflow.

Explanation

Application Load Balancer
You are charged for each hour or partial hour that an Application Load Balancer is running and the number of Load Balancer Capacity Units (LCU) used per hour.

Network Load Balancer
You are charged for each hour or partial hour that a Network Load Balancer is running and the number of Load Balancer Capacity Units (LCU) used by Network Load Balancer per hour.

Classic Load Balancer
You are charged for each hour or partial hour that a Classic Load Balancer is running and for each GB of data transferred through your load balancer.

Explanation

Regarding Amazon Route 53, if your application is running on Amazon EC2 instances in two or more regions, and if you have more than one Amazon EC2 instance in one or more regions, you can use latency-based routing to route traffic to the correct region and then use weighted resource record sets to route traffic to instances within the region based on weights that you specify

Explanation

To configure a bucket for static website hosting, you add a website configuration to your bucket. The configuration includes an index document, error documents, redirects of all requests that are intended for the index page, and any conditional redirects. Amazon S3 does not support server-side scripting.

Explanation

An archive is a durably stored block of information. You store your data in Amazon Glacier as archives. You may upload a single file as an archive, but your costs will be lower if you aggregate your data. TAR and ZIP are common formats that customers use to aggregate multiple files into a single file before uploading to Amazon Glacier. The total volume of data and number of archives you can store are unlimited. Individual Amazon Glacier archives can range in size from 1 byte to 40 terabytes. The largest archive that can be uploaded in a single upload request is 4 gigabytes. For items larger than 100 megabytes, customers should consider using the Multipart upload capability. Archives stored in Amazon Glacier are immutable, i.e. archives can be uploaded and deleted but cannot be edited or overwritten.

Explanation

If you get an InsufficientInstanceCapacity error when you try to launch an instance or start a stopped instance, AWS does not currently have enough available capacity to service your request. In this situation, reserved instances offer the required reliability to avoid outages and loss of money. Reserved Instances are a long-term capacity reservation, and you will not have to rely on Amazon having enough on-demand capacity. Usually these capacity issues are short term, but due to the nature of the company even short outages can be very costly.

Explanation

Elastic Load Balancing supports both Internet Protocol version 6 (IPv6) and Internet Protocol version 4 (IPv4). Clients can connect to the user’s load balancer using either IPv4 or IPv6 (in EC2-Classic) DNS. However, communication between the load balancer and its back-end instances uses only IPv4. The user can use the Dualstack-prefixed DNS name to enable IPv6 supportfor communications between the client and the load balancers. Thus, the clients are able to access the load balancer using either IPv4 or IPv6 as their individual connectivity needs dictate.

Explanation

The AWS Storage Gateway is a service connecting an on-premises software appliance with cloud-based storage to provide seamless and secure integration between an organization’s on-premises IT environment and AWS’s storage infrastructure. AWS Storage Gateway billing is as follows. Volume storage usage (per GB per month): You are billed for the Cached volume data you store in Amazon S3. You are only billed for volume capacity you use, not for the size of the volume you create. Snapshot Storage usage (per GB per month): You are billed for the snapshots your gateway stores in Amazon S3. These snapshots are stored and billed as Amazon EBS snapshots. Snapshots are incremental backups, reducing your storage charges. When taking a new snapshot, only the data that has changed since your last snapshot is stored. Virtual Tape Library usage (per GB per month): You are billed for the virtual tape data you store in Amazon S3. You are only billed for the portion of virtual tape capacity that you use, not for the size of the virtual tape. Virtual Tape Shelf usage (per GB per month): You are billed for the virtual tape data you store in Amazon Glacier. You are only billed for the portion of virtual tape capacity that you use, not for the size of the virtual tape

Explanation

If you have multiple resources that perform the same function, for example, web servers or email servers, and you want Amazon Route 53 to route traffic only to the resources that are healthy, you can configure DNS failover by associating health checks with your resource record sets. If a health check determines that the underlying resource is unhealthy, Amazon Route 53 routes traffic away from the associated resource record set.

Explanation

For protecting the Amazon EBS data at REST, the user can use options, such as Data Encryption (Windows / Linux / third party based), Data Replication (AWS internally replicates data for redundancy), and Data Snapshot (for point in time backup). Reference: http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf

Explanation

Read replicas of your master database allow you to increase performance. Placing your read replicas in different AWS regions closer to your users will maximize performance and increase the availability of your database.

Explanation

Amazon CloudWatch Alarms have three possible states: OK: The metric is within the defined threshold ALARM: The metric is outside of the defined threshold INSUFFICIENT_DATA: The alarm has just started, the metric is not available, or not enough data is available for the metric to determine the alarm state

Explanation

AWS is responsible for what is known as Security ‘of’ the Cloud. This covers their global infrastructure elements – Regions, Availability Zones, and Edge Locations, and also the foundations of their services covering Compute, Storage, Database, and Network

Explanation

Running a DB Instance as a Multi-AZ deployment can further reduce the impact of a maintenance event because Amazon RDS will conduct maintenance by following these steps: Perform maintenance on the standby.

Explanation

Most of these choices improve the responsiveness of CloudWatch in some way, but the aspect of this question is improving the responsiveness of CloudWatch alarms you have already implemented. This means you are not interested in additional metric information outside of the custom metrics you’ve already created in CloudWatch, and any features that increase responsiveness to metrics other than what you want will not be beneficial.

So, creating CloudWatch Log metric filters for default RDS metrics will not help, even though this can provide 1-second granularity, it is unlikely the logs will indicate overall latency and throughput of reads and writes, as these performance metrics are not related to specific API calls, but rather general database performance.

Performance Insights allow you to review and analyze your RDS database performance overall, but is not ideal for identifying a performance issue in real-time.

Enabling Enhanced monitoring does provide increased insight into RDS database performance, and with the increased granularity of 5 seconds instead of 60 seconds, or potentially even 1-second granularity through CloudWatch Log Streams. However, Enhanced Monitoring provides specific operating system metrics and other performance metrics, and would not apply to the custom metric you have created using CloudWatch.

Enabling Detailed Monitoring will increase the delivery of average metrics from every 5 minutes to every minute, and this will apply to your custom metrics as well.

In addition, creating a Route 53 CloudWatch Alarm Health Check will monitor the transmission of data to CloudWatch, and can effectively alert you before the CloudWatch alarm is even triggered.

Explanation

Multipart uploads must be used for files greater than 5 GB. Cross-region replication is used to reduce latency by placing objects closer to users. This would address the issue of having users in different continents. Another use case for cross-region replication is to meet compliance requirements of storing backup data a certain distance from their origin.

Explanation

With target tracking scaling policies, you select a scaling metric and set a target value. Amazon EC2 Auto Scaling creates and manages the CloudWatch alarms that trigger the scaling policy and calculates the scaling adjustment based on the metric and the target value. The scaling policy adds or removes capacity as required to keep the metric at, or close to, the specified target value. In addition to keeping the metric close to the target value, a target tracking scaling policy also adjusts to the changes in the metric due to a changing load pattern.

Explanation

Recovery takes IOPS; therefore, insufficient IOPS will slow down failover time. Database recovery relies on transactions; therefore, smaller transactions will shorten failover time.

Explanation

AWS Storage Gateway enables applications that are clustered using Windows Server Failover Clustering (WSFC) to use the iSCSI initiator to access a gateway’s volumes. However, connecting multiple hosts to the same iSCSI target is not supported. When using Red Hat Enterprise Linux (RHEL), you use the iscsi-initiator-utils RPM package to connect to your gateway iSCSI targets (volumes or VTL devices).

Explanation

Amazon DynamoDB is a managed NoSQL database service offered by Amazon. It automatically manages tasks like scalability for you while it provides high availability and durability for your data, allowing you to concentrate in other aspects of your application

Explanation

To handle a higher load in your database, you can vertically scale up your master database with a simple push of a button. There are currently over 18 instance sizes that you can choose from when resizing your RDS MySQL, PostgreSQL, MariaDB, Oracle, or Microsoft SQL Server instance. For Amazon Aurora, you have 5 memory-optimized instance sizes to choose from. There is minimal downtime when you are scaling up on a Multi-AZ environment because the standby database gets upgraded first, then failover will occur to the newly sized database. A Single-AZ instance will be unavailable during the scale operation

Explanation

When scaling a database, you can increase the storage capacity of a DB Instance up to a maximum of 64 terabytes (TiB). Please note that scaling the storage allocation with Amazon RDS does not incur a database outage. The performance will be increased as well.

Explanation

Elastic Beanstalk environments can be changed after creation. For example, if you have a compute-intensive application, you can change the type of Amazon EC2 instance that is running your application. To do this, you use the Scaling option in the management page of the Elastic Beanstalk console and change the minimum instance count.

Explanation

Explanation

A principal is an IAM entity that is allowed to interact with AWS resources. The Principal element specifies the user, account, service, or other entity that is allowed or denied access to a resource. The Principal element is relevant only in a bucket policy; you don’t specify it in a user policy because you attach user policy directly to a specific user.

Explanation

A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. A user can create a subnet with VPC and launch instances inside that subnet. When the user is launching an instance he needs to select an option which attaches a public IP to the instance. If the user has not selected the option to attach the public IP, then it will only have a private IP when launched. If the user wants to connect to an instance from the Internet, he should create an elastic IP with VPC. If the elastic IP isa part of EC2 Classic, it cannot be assigned to a VPC instance.

Explanation

By upgrading to a larger t2 instance, you not only improve baseline compute power, you also improve the ability to handle bursts. Each T2 instance receives CPU Credits continuously at a set rate depending on the instance size. These credits provide the ability to handle bursts. You can also create a RAID 0 to maximize utilization of instance resources.

Explanation

In AWS EC2, while configuring a security group, the user needs to specify the IP address in CIDR notation. The CIDR IP range 10.20.30.40/32 says it is for a single IP 10.20.30.40. If the user specifies the IP as 10.20.30.40 only, the security group will not accept and ask it in a CIDR format

Explanation

If you use PuTTY to connect to your instances verify that your private key (.pem) file has been converted to the format recognized by PuTTY (.ppk). PuTTY does not natively support the private key format (.pem) generated by Amazon EC2. PuTTY has a tool named PuTTYgen, which can convert keys to the required PuTTY format (.ppk). You must convert your private key into this format (.ppk) before attempting to connect to your instance using PuTTY.

Explanation

To host a static website, the user needs to configure an Amazon S3 bucket for website hosting and then upload the website contents to the bucket. The website is then available at the region-specific website endpoint of the bucket.

If the user has an index.html object as part of the bucket, the user can always host it without the website hosting feature. However, it will require an absolute URL of the object. In this case the user can access the whole bucket as a website and need not refer individual objects separately.

Explanation

Amazon S3 storage offers very high durability, but it is still a best practice to protect against user level deletion or overwriting of data using versioning, cross-region replication, and MFA Delete.

Explanation

You can use the infrequent access to reduce the cost of certain classes of objects, as well as send older objects to Glacier for archiving at a much lower cost.

Note that data transfer into S3 is always free. So if you want to reduce your cost, using Snowball might speed up moving large data sets however it will not reduce your cost

Explanation

After you launch an instance in EC2-Classic, you can’t change its security groups. However, you can add rules to or remove rules from a security group, and those changes are automatically applied to all instances that are associated with the security group

Explanation

The user can join multiple provisioned IOPS volumes together in a RAID 1 configuration to achieve better fault tolerance. RAID 1 does not provide a write performance improvement, it requires more bandwidth than non-RAID configurations since the data is written simultaneously to multiple volumes.

Explanation

Networking performance offered by the c4.8xlarge instance is 10 Gigabit

Explanation

Each Amazon S3 bucket and object has an ACL (Access Control List) associated with it. An ACL is a list of grants identifying the grantee and the permission granted. The user can use ACLs to grant basic read/write permissions to other AWS accounts. ACLs use an Amazon S3–specific XML schema. The user cannot grant permissions to other users in his account. ACLs are suitable for specific scenarios. For example, if a bucket owner allows other AWS accounts to upload objects, permissions to these objects can only be managed using the object ACL by the AWS account that owns the object

Explanation

Several factors can affect the performance of Amazon EBS volumes, such as instance configuration, I/O characteristics, workload demand, and storage configuration. IOPS are input/output operations per second. Amazon EBS measures each I/O operation per second (that is 256 KB or smaller) as one IOPS. I/O operations that are larger than 256 KB are counted in 256 KB capacity units. For example, a 1,024 KB I/O operation would count as 4 IOPS. When you provision a 4,000 IOPS volume and attach it to an EBS-optimized instance that can provide the necessary bandwidth, you can transfer up to 4,000 chunks of data per second (provided that the I/O does not exceed the 128 MB/s per volume throughput limit of General Purpose (SSD) and Provisioned IOPS (SSD) volumes).

Explanation

When you are unable to connect to a new database, it is often because the DB instance creation is still in progress and is not available yet. A reasonable amount of time to wait (at most) is 20 to 30 minutes. Beyond that, there is likely a problem. A common pattern in DB implementation involves placing databases in private subnets for additional security. If you follow this practice, make sure that the Security Groups provide appropriate ingress and egress to the DB instance

Explanation

Explanation

When using Amazon Import/Export, a separate job request needs to be submitted for each physical device even if they belong to the same import or export job.

Explanation

S3 bucket access control lists are a legacy access control mechanism, created before IAM existed. S3 bucket ACLs are best used for a limited set of use cases

Explanation

When you create a default VPC, the following components are created with it:

Explanation

Amazon EC2 supports the following storage options: Amazon Elastic Block Store (Amazon EBS) Amazon EC2 Instance Store Amazon Simple Storage Service (Amazon S3) Reference:

Explanation

Dynamic scaling can provide a very robust scaling option. But it is not the only option and not always the best option in all scenarios. Manual scaling and scheduled scaling also have use cases where they may be a better choice than dynamic scaling. Increasing resources to improve performance is certainly the most common use case for scaling. However, it is important also to be aware of the effects of scaling on cost. Utilizing auto scaling in conjunction with Cloudwatch monitoring can help insure that resources are scaled in and out appropriately and that money is not wasted on idle or underused resources