search

Which Amazon web services AWS offering allows customers to aggregate billing for many accounts?

1 Jahrs vor
Kommentare: 0
Ansichten: 175

Which Amazon web services AWS offering allows customers to aggregate billing for many accounts?

Show

Chris Kuo/Dr. Dataman

Aug 6, 2021

25 min read

If you are interested in taking the AWS exams, you probably know the benefits in your career advancement. According to the survey by Zip Recruiter in 2021, the average salary for an AWS Solution Architect Associate is $155,005/year and an AWS Solution Architect Professional is $163,525/year in North America. My post “The Guide to the AWS Certifications” walks you…

AWS VPN & AWS Direct Connect

In cloud computing, hybrid cloud refers to the use of both on-premises resources in addition to public cloud resources. A hybrid cloud enables an organization to migrate applications and data to the cloud, extend their datacenter capacity, utilize new cloud-native capabilities, move applications closer to customers, and create a backup and disaster recovery solution with cost-effective high availability. By working closely with enterprises, AWS has developed the industry's broadest set of hybrid capabilities across storage, networking, security, application deployment, and management tools to make it easy for you to integrate the cloud as a seamless and secure extension of your existing investments.

AWS Virtual Private Network (AWS VPN) provides an internet-based Site-to-Site connection that enables you to securely connect your on-premises network or branch office site to your Amazon Virtual Private Cloud (Amazon VPC). A VPC VPN Connection utilizes IPSec to establish encrypted connectivity between your network and Amazon VPC over the Internet. VPN Connections can be configured in minutes and are a good solution if you have an immediate need, have low to modest bandwidth requirements, and can tolerate the inherent variability in Internet-based connectivity.

AWS Direct Connect does not involve the Internet; instead, it uses dedicated, private network connections between your on-premises network or branch office site and Amazon VPC. AWS Direct Connect is a network service that provides an alternative to using the Internet to connect customer's on-premise sites to AWS. Using AWS Direct Connect, data that would have previously been transported over the Internet can now be delivered through a private network connection between AWS and your datacenter or corporate network. Companies of all sizes use AWS Direct Connect to establish private connectivity between AWS and datacenters, offices, or colocation environments. Compared to AWS VPN (Internet-based connection), AWS Direct Connect can reduce network costs, increase bandwidth throughput, and provide a more consistent network experience.

Additional information:
Besides the connectivity options that AWS provides, AWS provides many features to support building more efficient hybrid cloud architectures. For example, AWS Identity and Access Management (IAM) can grant your employees and applications access to the AWS Management Console and AWS service APIs using your existing corporate identity systems. AWS IAM supports federation from corporate systems like Microsoft Active Directory, as well as external Web Identity Providers like Google and Facebook.

A.

Explanation
Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory data stores, instead of relying entirely on slower disk-based databases.
The primary purpose of an in-memory data store is to provide ultrafast (submillisecond latency) and inexpensive access to copies of data. Querying a database is always slower and more expensive than locating a copy of that data in a cache. Some database queries are especially expensive to perform. An example is queries that involve joins across multiple tables or queries with intensive calculations. By caching (storing) such query results, you pay the price of the query only once. Then you can quickly retrieve the data multiple times without having to re-execute the query.

The other options are incorrect:

"AWS Storage Gateway" is incorrect. AWS Storage Gateway is not a caching service, it is a hybrid storage service that enables your on-premises applications to seamlessly use AWS cloud storage.

"Amazon EBS volume" is incorrect. An Amazon EBS volume is a durable, block-level storage device that you can attach to a single EC2 instance. You can use EBS volumes as primary storage for data that requires frequent updates, such as the system drive for an instance or storage for a database application. You can also use them for throughput-intensive applications that perform continuous disk scans.

"AWS OpsWorks" is incorrect. AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers. OpsWorks lets you use Chef and Puppet to automate how servers are configured, deployed, and managed across your Amazon EC2 instances or on-premises compute environments.

C.

Explanation
In the traditional data center-based model of IT, once infrastructure is deployed, it typically runs whether it is needed or not, and all the capacity is paid for, regardless of how much it gets used. In the cloud, resources are elastic, meaning they can instantly grow ( to maintain performance) or shrink ( to reduce costs).

The other options are incorrect.

"Adopt monolithic architecture" is incorrect. AWS recommends adopting microservices architecture, not monolithic architecture. With monolithic architectures, application components are tightly coupled and run as a single service. With a microservices architecture, an application is built as loosely coupled components.
Benefits of microservices architecture include:
1- Microservices allow each service to be independently scaled to meet demand for the application feature it supports.
2- Teams are empowered to work more independently and more quickly.
3- Microservices enable continuous integration and continuous delivery, making it easy to try out new ideas and to roll back if something doesn't work.
4- Service independence increases an application's resistance to failure. In a monolithic architecture, if a single component fails, it can cause the entire application to fail. With microservices, applications handle total service failure by degrading functionality and not crashing the entire application.

"Parallelize tasks" is incorrect. An example of parallelization is when you use a load balancer to distribute the incoming requests across multiple asynchronous instances or when you use the AWS multipart upload to upload large objects in parts. Adjusting capacity up or down based on demand defines the AWS Cloud elasticity not the parallelization.

"Build Security in every layer" is incorrect. This option is related to security.

A & E

Explanation
For managed services such as Amazon Elastic MapReduce (Amazon EMR) and DynamoDB, AWS is responsible for performing all the operations needed to keep the service running.
Amazon EMR launches clusters in minutes. You don't need to worry about node provisioning, infrastructure setup, Hadoop configuration, or cluster tuning. Amazon EMR takes care of these tasks so you can focus on analysis.
DynamoDB is serverless with no servers to provision, patch, or manage and no software to install, maintain, or operate. DynamoDB automatically scales tables up and down to adjust for capacity and maintain performance. Availability and fault tolerance are built in, eliminating the need to architect your applications for these capabilities.
Other managed services include: Amazon RDS, Amazon Redshift, Amazon WorkSpaces, Amazon CloudFront, Amazon CloudSearch and several other services.
For these managed services, AWS is responsible for most of the configuration and management tasks, but customers are still responsible for managing their data (including encryption options), classifying their assets, and using IAM tools to apply the appropriate permissions.

NOTE:
The AWS managed services we mentioned above are different than the AWS Managed Services (AMS) service. AMS is an AWS service that operates AWS on behalf of enterprise customers and partners. Enterprises want to adopt AWS at scale but often the skills that have served them well in traditional IT do not always translate to success in the cloud. AWS Managed Services (AMS) enables them to migrate to AWS at scale more quickly, reduce their operating costs, improve security and compliance and focus on their differentiating business priorities.

The other options are incorrect:

"Amazon VPC" is incorrect. Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment. Amazon VPC is not a managed service, you are responsible for managing almost everything when using the Amazon VPC service.

"Amazon Elastic Compute Cloud" is incorrect. Amazon Elastic Compute Cloud (Amazon EC2) is a service that gives you complete control over your compute resources. Apart from patching the underlying host - which is the responsibility of AWS - you are responsible for managing almost everything in your server instances when using Amazon EC2.

"AWS IAM" is incorrect. AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

D & E

Explanation
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. Amazon Inspector automatically assesses applications for vulnerabilities or deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity. These findings can be reviewed directly or as part of a detailed assessment report which is available via the Amazon Inspector console or API. To help get started quickly, Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security best practices and vulnerability definitions. Examples of built-in rules include checking for remote root login being enabled, or vulnerable software versions installed. These rules are regularly updated by AWS security researchers.

AWS Trusted Advisor offers a rich set of best practice checks and recommendations across five categories: cost optimization; security; fault tolerance; performance; and service limits. Like your customized cloud security expert, AWS Trusted Advisor analyzes your AWS environment and provides security recommendations to protect your AWS environment. The service improves the security of your applications by closing gaps, examining permissions, and enabling various AWS security features.

The other options are incorrect:

"Amazon SNS" is incorrect. Amazon SNS is a pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications.

"Concierge Support Team" is incorrect. The AWS Concierge Support Team is a specialized offering available only to customers having an Enterprise Support subscription. The Concierge Team assists customers with their billing and account inquiries.

"Amazon CloudWatch" is incorrect. Amazon CloudWatch is used to monitor the utilization of AWS resources and services. You can use CloudWatch to visualize system metrics, take automated actions, troubleshoot performance issues, discover insights to optimize your applications, and ensure they are running smoothly.

AWS Support Concierge

Explanation
Included as part of the Enterprise Support plan, the Support Concierge Team are AWS billing and account experts that specialize in working with enterprise accounts. The Concierge team will quickly and efficiently assist you with your billing and account inquiries, and work with you to help implement billing and account best practices so that you can focus on running your business.
Support Concierge service includes:
** 24 x7 access to AWS billing and account inquires.
** Guidance and best practices for billing allocation, reporting, consolidation of accounts, and root-level account security.
** Access to Enterprise account specialists for payment inquiries, training on specific cost reporting, assistance with service limits, and facilitating bulk purchases.

The other options are incorrect:

"AWS Support API" is incorrect. The AWS Support API provides programmatic access to AWS Support Center features to create, manage, and close your support cases, and operationally manage your Trusted Advisor check requests and status.

"AWS Operations Support" is incorrect. AWS Operations Support is an Enterprise support program that provides operations assessments and analysis to identify gaps across the operations lifecycle, as well as recommendations based on best practices.

"AWS Personal Health Dashboard" is incorrect. AWS Personal Health Dashboard provides a personalized view of the health of AWS services, and alerts when your resources are impacted. Also includes the Health API for integration with your existing management systems.

B & D

Explanation
"Amazon S3 can run any type of application or backend system" is not a benefit of S3 and thus is a correct answer. Amazon S3 is a storage service not a compute service.
"Amazon S3 can be scaled manually to store and retrieve any amount of data from anywhere" is not a benefit of S3 and thus is a correct answer. Amazon S3 scales automatically to store and retrieve any amount of data from anywhere.

Companies today need the ability to simply and securely collect, store, and analyze their data at a massive scale. Amazon S3 is object storage built to store and retrieve any amount of data from anywhere - web sites and mobile apps, corporate applications, and data from IoT sensors or devices. It's a simple storage service that offers highly available, and infinitely scalable data storage infrastructure at very low costs. It is designed to deliver 99.999999999% durability, and stores data for millions of applications used by market leaders in every industry. S3 provides comprehensive security and compliance capabilities that meet even the most stringent regulatory requirements. It gives customers flexibility in the way they manage data for cost optimization, access control, and compliance. S3 provides query-in-place functionality, allowing you to run powerful analytics directly on your data at rest in S3. And Amazon S3 is the most supported cloud storage service available, with integration from the largest community of third-party solutions, systems integrator partners, and other AWS services.

Amazon S3 stores any number of objects, but each object does have a size limitation. Individual Amazon S3 objects can range in size from a minimum of 0 bytes to a maximum of 5 terabytes.

B

Explanation
Under the shared responsibility model, AWS is responsible for the hardware and software that run AWS services. This includes patching the infrastructure software and configuring infrastructure devices. As a customer, you are responsible for implementing best practices for data encryption, patching guest operating system and applications, identity and access management, and network & firewall configurations.

The other options are incorrect.

"Filtering traffic with Security Groups" is incorrect. The AWS Customer is responsible for all network and firewall configurations, including the configuration of Security Groups, Network Access Control Lists (NACLs), and Routing tables.

"Client-side encryption" and "Server-side encryption" are incorrect. Data encryption is the responsibility of the customer.
Additional information:
AWS offers a lot of services and features that help AWS customers protect their data in the cloud. Customers can protect their data by encrypting it in transit and at rest. They can use Cloudtrail to log API and user activity, including who, what, and from where calls were made. They can also use the AWS Identity and Access Management (IAM) to control who can access or edit their data.

D

Explanation
Snowball is a petabyte-scale data transport solution that uses devices designed to be secure to transfer large amounts of data into and out of the AWS Cloud. Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns. Customers today use Snowball to migrate analytics data, genomics data, video libraries, image repositories, backups, and to archive part of data center shutdowns, tape replacement or application migration projects. Transferring data with Snowball is simple, fast, more secure, and can be as little as one-fifth the cost of transferring data via high-speed Internet.

The other options are incorrect:

"A catalog of third-party software solutions that customers need to build solutions and run their businesses" is incorrect. AWS Marketplace is the service that provides this catalog. AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS. AWS Marketplace includes software listings from categories such as security, networking, storage, machine learning, business intelligence, database, and DevOps.

"A hybrid cloud storage between on-premises environments and the AWS Cloud" is incorrect. AWS Storage Gateway is the service that enables your on-premises applications to seamlessly use AWS cloud storage.

"An Exabyte-scale data transfer service that allows you to move extremely large amounts of data to AWS" is incorrect. AWS Snowmobile is the exabyte-scale data migration service that allows you to move very large datasets from on-premises to AWS.

A

Explanation
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting.

The other options are incorrect:

"Amazon Inspector" is incorrect. Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.

"Amazon EC2 Usage report" is incorrect. The report provides a preconfigured view, based on fixed filter settings, that displays information about your usage and cost trends.

"AWS Trusted Advisor" is incorrect. AWS Trusted Advisor is an online tool that provides real time guidance to help you provision your resources following AWS best practices.

A

Explanation
Customers should be aware that their responsibilities may vary depending on the AWS services chosen. For example, when using Amazon EC2, you are responsible for applying operating system and application security patches regularly. However, such patches are applied automatically when using Amazon RDS.

The other options are incorrect:

"Security of the IaaS services is the responsibility of AWS" is incorrect. AWS products that fall into the well-understood category of Infrastructure as a Service (IaaS)—such as Amazon EC2, Amazon VPC, and Amazon S3—are completely under your control and require you to perform all of the necessary security configuration and management tasks. For example, for EC2 instances, you're responsible for management of the guest OS (including updates and security patches), any application software or utilities you install on the instances, and the configuration of the AWS-provided firewall (called a security group) on each instance. These are basically the same security tasks that you're used to performing no matter where your servers are located.

"Security of the managed services is the responsibility of the customer" is incorrect. AWS is responsible for the security configuration of its managed services. Examples of these types of services include Amazon DynamoDB, Amazon RDS, Amazon Redshift, Amazon Elastic MapReduce, and Amazon WorkSpaces. For most of these services, all you have to do is to configure logical access controls on the resources and protect your account credentials, but overall, the security configuration work is performed by the service.

"Patching the guest OS is the responsibility of AWS for all services" is incorrect.
A computer on which AWS runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine. AWS drives the concept of virtualization by allowing the physical host machine to operate multiple virtual machines as guests (for multiple customers) to help maximize the effective use of computing resources such as memory, network bandwidth and CPU cycles.
Patching the guest operating system is the responsibility of AWS for the managed services only (such as Amazon RDS). The customer is responsible for patching the guest OS for other services (such as Amazon EC2).
AWS is responsible for patching the underlying hosts, upgrading the firmware, and fixing flaws within the infrastructure for all services, including Amazon EC2.

B

Explanation
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.

The use cases of Amazon CloudFront include:
1- Accelerate static website content delivery.
CloudFront can speed up the delivery of your static content (for example, images, style sheets, JavaScript, and so on) to viewers across the globe. By using CloudFront, you can take advantage of the AWS backbone network and CloudFront edge servers to give your viewers a fast, safe, and reliable experience when they visit your website.
2- Live & on-demand video streaming.The Amazon CloudFront CDN offers multiple options for streaming your media - both pre-recorded files and live events - at sustained, high throughput required for 4K delivery to global viewers.
3- Security.
CloudFront integrates seamlessly with AWS Shield for Layer 3/4 DDoS mitigation and AWS WAF for Layer 7 protection.
4- Customizable content delivery with Lambda@Edge.
Lambda@Edge is a feature of Amazon CloudFront that lets you run code closer to users of your application, which improves performance and reduces latency.

The other options are incorrect:

"AWS CloudFormation" is incorrect. AWS CloudFormation allows you to use programming languages or a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts.

"Amazon Kinesis Video Streams" is incorrect. Amazon Kinesis Video Streams enables you to securely stream video from connected devices (IoT devices) to AWS for analytics, machine learning (ML), playback, and other processing. Kinesis Video Streams automatically provisions and elastically scales all the infrastructure needed to ingest streaming video data from millions of devices. It durably stores, encrypts, and indexes video data in your streams, and allows you to access your data through easy-to-use APIs.

"Amazon SNS" is incorrect. Amazon Simple Notification Service (SNS) is a fully managed pub/sub messaging service that enables you to decouple microservices, distributed systems, and serverless applications. Using Amazon SNS topics, your publisher systems can fan out messages to a large number of subscriber endpoints for parallel processing, including AWS Lambda functions, and HTTP/S webhooks. Additionally, SNS can be used to fan out notifications to end users using mobile push, SMS, and email.

C

Explanation
Amazon CloudWatch is a service that monitors AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by your applications and services, and any log files your applications generate. You can use CloudWatch to detect anomalous behavior in your environments, take automated actions, troubleshoot issues, and discover insights to keep your applications running smoothly.

The other options are incorrect:

AWS Config is incorrect. AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance. With AWS Config you can discover existing AWS resources, export a complete inventory of your AWS resources with all configuration details, and determine how a resource was configured at any point in time. These capabilities enable compliance auditing, security analysis, resource change tracking, and troubleshooting.
AWS CloudTrail is incorrect. AWS CloudTrail is an AWS service that can be used to monitor all user interactions with the AWS environment.

AWS Lambda is incorrect. AWS Lambda is a serverless compute service.

D

For billing purposes, the consolidated billing feature of AWS Organizations treats all the accounts in the organization as one account. This means that all accounts in the organization can receive the hourly cost benefit of Reserved Instances that are purchased by any other account. For example, Suppose that Fiona and John each have an account in an organization. Fiona has five Reserved Instances of the same type, and John has none. During one particular hour, Fiona uses three instances and John uses six, for a total of nine instances on the organization's consolidated bill. AWS bills five instances as Reserved Instances, and the remaining four instances as On-demand instances.

The other options are incorrect:

"The purchased instances will have better performance than On-demand instances" is incorrect. There is no difference in performance between On-demand and Reserved instances of the same type.

"The Reserved Instance discounts can only be shared with the master account" is incorrect. The Reserved Instance discounts can be shared with all accounts in the organization.

"There are no cost benefits from using Consolidated billing; It is for informational purposes only" is incorrect. With Consolidated Billing, you can combine the usage across all accounts in the organization to share the Reserved Instance discounts, volume pricing discounts, and Savings Plans. This can result in a lower charge for your project, department, or company than with individual standalone accounts.

Explanation
Amazon CloudFront is a global content delivery network (CDN) service that gives businesses and web application developers an easy and cost effective way to distribute content (such as videos, data, applications, and APIs) with low latency and high data transfer speeds. Like other AWS services, Amazon CloudFront is a self-service, pay-per-use offering, requiring no long term commitments or minimum fees. With CloudFront, your files are delivered to end-users using a global network of edge locations. CloudFront is integrated with other AWS services such as AWS Shield for DDoS mitigation, Amazon S3, Elastic Load Balancing or Amazon EC2 as origins for your applications, and Lambda@Edge to run custom code close to your viewers.

The other options are incorrect:

"AWS Direct Connect" is incorrect. AWS Direct Connect allows you to establish a dedicated network connection from your premises to AWS.

"AWS Regions" is incorrect. An AWS Region is a physical location in the world where AWS have multiple Availability Zones. Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities.

"AWS VPN" is incorrect. AWS Virtual Private Network (AWS VPN) allows you to establish a secure and private tunnel from your network or device to the AWS global network.

A & D

Explanation
AWS Personal Health Dashboard provides alerts and remediation guidance when AWS is experiencing events that may impact you. While the Service Health Dashboard displays the general status of AWS services, Personal Health Dashboard gives you a personalized view into the performance and availability of the AWS services underlying your AWS resources.
The benefits of the AWS personal health dashboard include:
**A personalized View of Service Health: Personal Health Dashboard gives you a personalized view of the status of the AWS services that power your applications, enabling you to quickly see when AWS is experiencing issues that may impact you. For example, in the event of a lost EBS volume associated with one of your EC2 instances, you would gain quick visibility into the status of the specific service you are using, helping save precious time troubleshooting to determine root cause.
**Proactive Notifications: The dashboard also provides forward looking notifications, and you can set up alerts across multiple channels, including email and mobile notifications, so you receive timely and relevant information to help plan for scheduled changes that may affect you. In the event of AWS hardware maintenance activities that may impact one of your EC2 instances, for example, you would receive an alert with information to help you plan for, and proactively address any issues associated with the upcoming change.
**Detailed Troubleshooting Guidance: When you get an alert, it includes remediation details and specific guidance to enable you to take immediate action to address AWS events impacting your resources. For example, in the event of an AWS hardware failure impacting one of your EBS volumes, your alert would include a list of your affected resources, a recommendation to restore your volume, and links to the steps to help you restore it from a snapshot. This targeted and actionable information reduces the time needed to resolve issues.

The other options are incorrect:

"A dashboard detailing vulnerabilities in your applications" is incorrect. You can check your applications for vulnerabilities using other services such as Amazon Inspector.

"Recommendations for Cost Optimization" is incorrect. You can get help about cost optimization using other services such as the AWS Trusted Advisor.

"Published information about the current status and availability of all AWS services" is incorrect. You can get information about the current status and availability of the AWS services any time using the AWS Service Health Dashboard that is available at this link: https://status.aws.amazon.com/

B.

Explanation
Horizontal Scaling:
Scaling horizontally takes place through an increase in the number of resources (e.g., adding more hard drives to a storage array or adding more servers to support an application). This is a great way to build Internet-scale applications that leverage the elasticity of cloud computing.

Vertical Scaling:
Scaling vertically takes place through an increase in the specifications of an individual resource (e.g., upgrading a server with a larger hard drive, adding more memory, or provisioning a faster CPU). On Amazon EC2, this can easily be achieved by stopping an instance and resizing it to an instance type that has more RAM, CPU, I/O,or networking capabilities. This way of scaling can eventually hit a limit and it is not always a cost efficient or highly available approach. However, it is very easy to implement and can be sufficient for many use cases especially as a short term solution.

Additional information:
Vertical-scaling is often limited to the capacity constraints of a single machine, scaling beyond that capacity often involves downtime and comes with an upper limit. With horizontal-scaling it is often easier to scale dynamically by adding more machines in parallel. Hence, in most cases, horizontal-scaling is recommended over vertical-scaling.

The other options are incorrect:

All other options are examples of Vertical Scaling.

C.
Explanation
Amazon Route 53 is a global service that provides highly available and scalable Domain Name System (DNS) services, domain name registration, and health-checking web services. It is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications by translating names like example.com into the numeric IP addresses, such as 192.0.2.1, that computers use to connect to each other.
Route 53 also simplifies the hybrid cloud by providing recursive DNS for your Amazon VPC and on-premises networks over AWS Direct Connect or AWS VPN.

The other options are incorrect:

Amazon EMR is incorrect. EMR is used to process vast amounts of data easily and securely. Use cases include: big data,log analysis, web indexing, data transformations (ETL), machine learning, financial analysis, scientific simulation, and bioinformatics.

AWS Config is incorrect. AWS Config is a fully managed service that provides you with an AWS resource inventory, configuration history, and configuration change notifications to enable security and governance.

Amazon CloudFront is incorrect. Amazon CloudFront gives businesses and web application developers an easy and cost effective way to distribute content globally with low latency and high data transfer speeds.

B.

Explanation
Amazon Glacier is an extremely low-cost storage service that provides secure, durable, and flexible storage for long-term data backup and archival. With Amazon Glacier, customers can reliably store their data for as little as $0.004 per gigabyte per month. Amazon Glacier enables customers to offload the administrative burdens of operating and scaling storage to AWS, so that they don't have to worry about capacity planning, hardware provisioning, data replication, hardware failure detection and repair, or time-consuming hardware migrations.

The other options are incorrect:

"S3 Intelligent-Tiering" is incorrect. S3 Intelligent-Tiering is ideal for data with unknown or changing access patterns.
S3 Intelligent-Tiering is the first cloud object storage class that delivers automatic cost savings by moving data between two access tiers — frequent access and infrequent access — when access patterns change.

"AWS Marketplace" is incorrect. AWS Marketplace is a curated digital catalog that makes it easy for customers to find, buy, deploy, and manage third-party software and services that customers need to build solutions and run their businesses. AWS Marketplace includes thousands of software listings from popular categories such as security, networking, storage, machine learning, business intelligence, database, and DevOps. AWS Marketplace also simplifies software licensing and procurement with flexible pricing options and multiple deployment methods. Customers can quickly launch pre-configured software with just a few clicks, and choose software solutions in AMI and SaaS formats, as well as other formats. Flexible pricing options include free trial, hourly, monthly, annual, multi-year, and BYOL, and get billed from one source, AWS.

"Amazon EBS" is incorrect. Amazon EBS is a block level storage that provides storage volumes for use with Amazon EC2 and Amazon RDS. Amazon EBS is not a cost-effective choice here.

C & E

Explanation
All of the physical security are taken care of for you. Amazon data centers are surrounded by three physical layers of security. "Nothing can go in or out without setting off an alarm". It's important to keep bad guys out, but equally important to keep the data in which is why Amazon monitors incoming gear, tracking every disk that enters the facility. And "if it breaks we don't return the disk for warranty. The only way a disk leaves our data center is when it's confetti."
Most (not all) data and network security are taken care of for you. When we talk about the data/network security, AWS has a "shared responsibility model" where AWS and the customer share the responsibility of securing them. For example the customer is responsible for creating rules to secure his network traffic using the security groups and is also responsible for protecting data with encryption.

"Increase speed and agility" is also a correct answer because in a cloud computing environment, new IT resources are only a click away, which means it requires less time to make those resources available to developers - from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.

The other options are incorrect:

"Gaining complete control over the physical infrastructure" is incorrect. The Physical infrastructure is a responsibility of AWS, not the customer.

Competitive upfront costs" is incorrect. In AWS, most of the services are available with no upfront costs as it follows the pay-as-you-go pricing.
AWS allows you to pay upfront for some services to get more discounts, but you have the choice to pay upfront or pay as you go. By contrast, traditional IT providers require you to pay upfront for all of their services.

"There is no need to worry about security" is incorrect. As mentioned above, security is a shared responsibility between AWS and the customer. For example, the customer has to manage who can access and use AWS resources using the IAM service.

D. Explanation
AWS Database Migration Service (DMS) helps you migrate databases to AWS easily and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data to and from most widely used commercial and open-source databases. The service supports homogeneous migrations such as Oracle to Oracle, as well as heterogeneous migrations between different database platforms, such as Oracle to Amazon Aurora or Microsoft SQL Server to MySQL. It also allows you to stream data to Amazon Redshift from any of the supported sources including Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, SAP ASE, and SQL Server, enabling consolidation and easy analysis of data in the petabyte-scale data warehouse. AWS Database Migration Service can also be used for continuous data replication with high availability.

The other options are incorrect:

"AWS OpsWorks" is incorrect. AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet.

"AWS Server Migration Service" is incorrect. AWS Server Migration Service (SMS) is used to migrate your on-premises workloads to AWS.

"AWS Application Discovery Service" is incorrect. AWS Application Discovery Service helps enterprise customers plan migration projects by gathering information about their on-premises data centers.

C.

Explanation
The Well-Architected Framework identifies a set of general design principles to facilitate good design in the cloud:
1- Stop guessing your capacity needs: Eliminate guessing about your infrastructure capacity needs. When you make a capacity decision before you deploy a system, you might end up sitting on expensive idle resources or dealing with the performance implications of limited capacity. With cloud computing, these problems can go away. You can use as much or as little capacity as you need, and scale up and down automatically.
2- Test systems at production scale: In the cloud, you can create a production-scale test environment on demand, complete your testing, and then decommission the resources. Because you only pay for the test environment when it's running, you can simulate your live environment for a fraction of the cost of testing on premises.
3- Automate to make architectural experimentation easier: Automation allows you to create and replicate your systems at low cost and avoid the expense of manual effort. You can track changes to your automation, audit the impact, and revert to previous parameters when necessary.
4- Allow for evolutionary architectures: Allow for evolutionary architectures. In a traditional environment, architectural decisions are often implemented as static, one-time events, with a few major versions of a system during its lifetime. As a business and its context continue to change, these initial decisions might hinder the system's ability to deliver changing business requirements. In the cloud, the capability to automate and test on demand lowers the risk of impact from design changes. This allows systems to evolve over time so that businesses can take advantage of innovations as a standard practice.
5- Drive architectures using data: In the cloud you can collect data on how your architectural choices affect the behavior of your workload. This lets you make fact-based decisions on how to improve your workload. Your cloud infrastructure is code, so you can use that data to inform your architecture choices and improvements over time.
6- Improve through game days: Test how your architecture and processes perform by regularly scheduling game days to simulate events in production. This will help you understand where improvements can be made and can help develop organizational experience in dealing with events.

The other options are incorrect:

"Provision a large compute capacity to handle any spikes in load" is incorrect. Instead of provisioning a large compute capacity to handle the spikes in load, it is recommended to use the AWS Auto Scaling service to add or remove instances based on demand. The AWS Auto Scaling service allows you to automatically provision new resources to meet demand and maintain performance. When demand drops, AWS Auto Scaling will automatically remove any excess resource capacity, so you avoid overspending.

"Use AWS reservations to reduce costs when testing your production environment" is incorrect. Reservations in AWS are not an appropriate choice when you need to test your production environment, AWS reservations have a minimum term of one year.

"Invest heavily in architecting your environment, as it is not easy to change your design later" is incorrect. In AWS, you can test and provision your resources on-demand and pay only for what you use with no long-term contracts. This enables you to make any changes you want in your architecture design at any time without any risks.

B.

Explanation
An IAM group is a collection of IAM users that are managed as a unit. Groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users. For example, you could have a group called Admins and give that group the types of permissions that administrators typically need. Any user in that group automatically has the permissions that are assigned to the group. If a new user joins your organization and needs administrator privileges, you can assign the appropriate permissions by adding the user to that group. Similarly, if a person changes jobs in your organization, instead of editing that user's permissions, you can remove him or her from the old groups and add him or her to the appropriate new groups.

The other options are incorrect:

"IAM role" is incorrect. An IAM role is an IAM identity that you can create in your account that has specific permissions. IAM roles allow you to delegate access (for a limited time) to users or services that normally don't have access to your organization's AWS resources. IAM users or AWS services can assume a role to obtain temporary security credentials that can be used to interact with specific AWS resources.
You can use roles to delegate access to users, applications, or services that don't normally have access to your AWS resources. For example, you might want to grant users in your AWS account access to resources they don't usually have, or grant users in one AWS account access to resources in another account. Or you might want to allow a mobile app to use AWS resources, but not want to embed AWS keys within the app. Sometimes you want to give AWS access to users who already have identities defined outside of AWS, such as in your corporate directory. Or, you might want to grant access to your account to third parties so that they can perform an audit on your resources. For these scenarios, you can delegate access to AWS resources using an IAM role.

"IAM users" is incorrect. An IAM user is an entity that you create in AWS to represent the person or application that uses it to directly interact with AWS. A primary use for IAM users is to give people the ability to sign in to the AWS Management Console for interactive tasks and to make programmatic requests to AWS services using the API or CLI. A user in AWS consists of a name, a password to sign into the AWS Management Console, and up to two access keys that can be used with the API or CLI. When you create an IAM user, you grant it permissions by making it a member of a group that has appropriate permission policies attached (recommended), or by directly attaching policies to the user.

Additional information:
An IAM role is similar to an IAM user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone (or any service, application, ...etc) who needs it. Also, a role does not have standard long-term credentials such as a password or access keys associated with it. Instead, when you assume a role, it provides you with temporary security credentials for your role session. IAM roles are meant to be assumed by authorized entities, such as IAM users, applications, or an AWS service such as EC2.

"AWS Organizations" is incorrect. AWS Organization helps you to centrally manage billing; control access, compliance, and security; and share resources across multiple AWS accounts.

Which AWS service enables users to consolidated billing across multiple accounts?

AWS Organizations provides consolidated billing so you can track the combined costs of all the linked accounts in your organization. The master account receives the consolidated bill. With consolidated billing, you can combine service usage from multiple accounts into a single invoice.

Which AWS service will enable customers that have multiple AWS accounts to simplify and consolidate their billing process?

Consolidated billing enables consolidating payments from multiple AWS accounts (Linked or Member Accounts) within the organization to a single account by designating it to be the Management or Payer Account.

Which AWS service or feature enables users to get one bill?

Consolidated billing has the following benefits: One bill – You get one bill for multiple accounts. Easy tracking – You can track the charges across multiple accounts and download the combined cost and usage data.

Which AWS services can be used to gather information about AWS account activity?

AWS CloudTrail monitors and records account activity across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.

amazon web services aws offering customers aggregate billing accounts

zusammenhängende Posts

Which AWS service or feature can be used to find availability status information on all AWS services?
Which AWS service or feature can be used to find availability status information on all AWS services?

Which of the following is the responsibility of AWS according to the shared security model choose 3 answers from the options given below?
Which of the following is the responsibility of AWS according to the shared security model choose 3 answers from the options given below?

Which tool is used to automate actions for AWS services and applications through?
Which tool is used to automate actions for AWS services and applications through?

Which of the following are steps you should take in securing your AWS account choose 3?
Which of the following are steps you should take in securing your AWS account choose 3?

Was ist der unterschied zwischen einer rechnungsadresse und einer versandadresse
Was ist der unterschied zwischen einer rechnungsadresse und einer versandadresse

Wer bin ich - und wenn ja wie viele Amazon
Wer bin ich - und wenn ja wie viele Amazon

Wie viel kostet die Expresslieferung bei Amazon?
Wie viel kostet die Expresslieferung bei Amazon?

Which sector of the economy provides services to individuals and other businesses?
Which sector of the economy provides services to individuals and other businesses?

Kostenlose e books bücher zum runterladen
Kostenlose e books bücher zum runterladen

Most common health insurance claim form used to file claims for physicians services
Most common health insurance claim form used to file claims for physicians services

Werbung

NEUESTEN NACHRICHTEN

Wie lange gilt man mit johnson als vollständig geimpft
1 Jahrs vor . durch CurlyDelicacy
Wie kann man Batterie in Prozent anzeigen iPhone 13?
1 Jahrs vor . durch StrickenMotto
Which of the following is considered effective for both upward and downward influence?
1 Jahrs vor . durch PreparedContentment
Which of the following statements is true regarding impression management IM techniques?
1 Jahrs vor . durch TiresomeMelodrama
Auf der grünen Wiese liegt der Theodor
1 Jahrs vor . durch GuidingCrossroads
In which of the following ways can effective communicators protect goodwill?
1 Jahrs vor . durch ExtremistConfiscation
Was ist der unterschied zwichen feil und richard
1 Jahrs vor . durch CloudlessAnnuity
In welchem Alter sterben die meisten Männer in Deutschland
1 Jahrs vor . durch HappyThreshold
Wo liegt der unterschied zwischen job und beruf
1 Jahrs vor . durch PositiveCabal
By definition the speaker and the audience cannot be part of the same public
1 Jahrs vor . durch ApocalypticCrocodile

Werbung

Populer

Werbung

Um

Legal

Hilfe

Sozial

homeendefrkoptzhitthjphi
Urheberrechte © © 2024 berikutyang Inc.