Ace Your AWS Interview with Ease: The Quick Revision Guide You Need
Access Control List (ACL) A document that defines who can access a particular bucket or object. Each bucket and object in Amazon Simple Storage Service (Amazon S3) has an ACL. The document defines what each type of user can do, such as write and read permissions.
Access Key The combination of an Access Key ID (AKI) (like AKIAIOSFODNN7EXAMPLE) and a Secret Access Key (SAK) (like wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). You use access keys to sign API requests that you make to AWS.
Access Key ID (AKI) A unique identifier that’s associated with a Secret Access Key (SAK); the AKI and SAK are used together to sign programmatic AWS requests cryptographically.
Account A formal relationship with AWS that is associated with (1) the owner’s email address and password, (2) the control of resources created under its umbrella, and (3) payment for the AWS activity related to those resources. The AWS account has permission to do anything and everything with all the AWS account resources. This is in contrast to a user, which is an entity contained within the account.
Action (in a Policy) Defines the actions for which the permission in a policy applies. This could be * for all actions, one or more individual actions, or a wildcard defining multiple actions (such as Read*).
Activities (AWS Data Pipeline) A pipeline component that defines the work to perform.
Amazon API Gateway A fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure Application Programming Interfaces (APIs) at any scale.
Amazon Aurora Amazon Aurora is a fully managed Amazon RDS database engine. Amazon Aurora is MySQL-compatible and provides increased reliability and performance over standard MySQL deployments.
Amazon CloudFront A content delivery service that helps you improve the performance, reliability, and availability of your websites and applications.
Amazon CloudWatch A web service that enables you to monitor and manage various metrics and configure alarm actions based on data from those metrics.
Amazon Cognito A web service that makes it easy to save mobile user data, such as app preferences or game state, in the AWS Cloud without writing any backend code or managing any infrastructure. Amazon Cognito offers mobile identity management and data synchronization across devices.
Amazon DynamoDB A fully managed, fast, and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale. Amazon DynamoDB is a cloud database that supports both document and key/value
Amazon Elastic Block Store (Amazon EBS) A service that provides block-level storage volumes for use with Amazon Elastic Compute Cloud (Amazon EC2) instances.
Amazon Elastic Block Store (Amazon EBS) Snapshot Point-in-time backup of your volume stored in Amazon Simple Storage Service (Amazon S3). Can be used as the starting point for new Amazon EBS volumes or to protect your data for long-term durability.
Amazon Elastic Compute Cloud (Amazon EC2) A web service that enables you to launch and manage Linux/UNIX and Windows server instances in Amazon’s data centers.
Amazon Elastic Transcoder A cloud-based media transcoding service. Elastic Transcoder is a highly scalable tool for converting (or transcoding) media files from their source format into versions that will play on devices like smartphones, tablets, and PCs.
Amazon ElastiCache A web service that simplifies deploying, operating, and scaling an in-memory cache in the cloud. The service improves the performance of web applications by providing information retrieval from fast, managed, in-memory caches, instead of relying entirely on slower disk-based databases.
Amazon Elasticsearch A managed service for deploying, operating, and scaling Elasticsearch, an open-source search and analytics engine.
Amazon Glacier A secure, durable, and low-cost storage service for data archiving and long-term backup. You can reliably store large or small amounts of data for significantly less than on-premises solutions. Amazon Glacier is optimized for infrequently accessed data, where a retrieval time of several hours is suitable.
Amazon Kinesis Streams Application A data consumer that reads and processes data from an Amazon Kinesis stream.
Amazon Machine Image (AMI) An encrypted machine image stored in Amazon Elastic Block Store (Amazon EBS) or Amazon Simple Storage Service (Amazon S3). AMIs are like a template of a computer’s root drive. They contain the Operating System (OS) and can also include software and layers of your application, such as database servers, middleware, web servers, and so on.
Amazon Redshift A fully managed, petabyte-scale data warehouse service in the cloud. With Amazon Redshift, you can analyze your data using your existing business intelligence tools.
Amazon Relational Database Service (Amazon RDS) A web service that makes it easier to set up, operate, and scale a relational database in the cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.
Amazon Resource Name (ARN) A standardized way to refer to an AWS resource. For example:
Amazon Route 53 A web service you can use to register new domains or manage the Domain Name System (DNS) settings for existing domains.
Amazon Simple Email Service (Amazon SES) An easy-to-use, cost-effective email solution for applications.
Amazon Simple Notification Service (Amazon SNS) A web service that enables applications, end users, and devices to send and receive notifications instantly from the cloud.
Amazon Simple Queue Service (Amazon SQS) Reliable and scalable managed queues for storing messages as they travel between computers.
Amazon Simple Queue Service (Amazon SQS) Access Control Amazon SQS has its own resource-based permissions system that uses policies written in the same language used for AWS Identity and Access Management (IAM) policies. This means that you can achieve the same things with Amazon SQS policies that you can with IAM policies, such as using variables.
Amazon Simple Queue Service (Amazon SQS) Dead Letter Queues Amazon SQS provides support for dead letter queues. A dead letter queue is a queue that other (source) queues can target to send messages that for some reason could not be successfully processed. A primary benefit of using a dead letter queue is the ability to sideline and isolate the unsuccessfully processed messages. You can then analyze any messages sent to the dead letter queue to try to determine the cause of failure.
Amazon Simple Queue Service (Amazon SQS) Delay Queues Delay queues allow you to postpone the delivery of new messages in a queue for a specific number of seconds. If you create a delay queue, any message that you send to that queue will be invisible to consumers for the duration of the delay period. To create a delay queue, use CreateQueue and set the DelaySeconds attribute to any value between 0 and 900 seconds (15 minutes). You can also turn an existing queue into a delay queue by using SetQueueAttributes to set the queue’s DelaySeconds attribute. The default value for DelaySeconds is 0.
Amazon Simple Queue Service (Amazon SQS) Long Polling When your application queries the Amazon SQS queue for messages, it calls the function ReceiveMessage. Historically, developers would design their systems to poll the queue as frequently as possible to ensure that messages were not building up in the queue. However, because of the way Amazon SQS is billed, polling in tight loops can be expensive and burn through CPU cycles. In November 2012, AWS enabled long polling, which allows your Amazon Elastic Compute Cloud (Amazon EC2) instances to poll the queue and, if nothing is there, Amazon EC2 waits for an amount of time you specify (between 1 and 20 seconds). If a message arrives in that time, it is delivered to your Amazon EC2 instance as soon as possible. If a message does not arrive in that time, you need to execute the ReceiveMessage function again.
Amazon Simple Queue Service (Amazon SQS) Message Attributes Amazon SQS provides support for message attributes. Message attributes allow you to provide structured metadata items (such as timestamps, geospatial data, signatures, and identifiers) about the message. Message attributes are optional and separate from, but sent along with, the message body. The receiver of the message can use this information to help decide how to handle the message without having to process the message body first. Each message can have up to ten attributes. To specify message attributes, you can use the AWS Management Console, AWS Software Development Kits (SDKs), or query Application Program Interface (API).
Amazon Simple Queue Service (Amazon SQS) Message Identifiers Amazon SQS assigns each message a unique ID that it returns to you in the SendMessage response. This identifier is useful for identifying messages, but note that to delete a message, you need the message’s receipt handle instead of the message ID. The maximum length of a message ID is 100 characters.
Amazon Simple Queue Service (Amazon SQS) Metadata Amazon SQS supports message metadata and allows you to send up to ten attributes on each message. With message attributes, you can separate the body of a message from the metadata that describes it. This allows you to route, process, and store information with greater speed and intelligence because your applications no longer have to inspect an entire message before understanding what processing steps are necessary. Amazon SQS message attributes take the form of name-type-value triples. Types supported include string, binary, and number (including integers, floating point numbers, and doubles).
Amazon Simple Queue Service (Amazon SQS) Queue Amazon SQS uses three identifiers that you need to be familiar with: queue URLs, message IDs, and receipt handles. When creating a new queue, you must provide a queue name that is unique within the scope of all your queues. This single namespace includes queues that you create using both the latest WSDL and a previous version. Amazon SQS assigns each queue that you create an identifier called a queue URL, which includes the queue name and other components that Amazon SQS determines. Whenever you want to perform an action on a queue, you must provide its queue URL.
Amazon Simple Queue Service (Amazon SQS) Queue Operations The defined operations for Amazon SQS queues are CreateQueue, ListQueues, DeleteQueue, SendMessage, SendMessageBatch, ReceiveMessage, DeleteMessage, DeleteMessageBatch, PurgeQueue, ChangeMessageVisibility, ChangeMessageVisibilityBatch, SetQueueAttributes, GetQueueAttributes, GetQueueUrl, AddPermission, and RemovePermission. Only the AWS account owner or an AWS account that the account owner has delegated permissions to can perform operations.
Amazon Simple Queue Service (Amazon SQS) Unique IDs Your messages are identified via a globally unique ID that Amazon SQS returns when the message is delivered to the queue. The ID isn’t required in order to perform any further actions on the message, but it’s useful for tracking whether a particular message in the queue has been received. When you receive a message from the queue, the response includes a receipt handle, which you must provide when deleting the message.
Amazon Simple Storage Service (Amazon S3) Storage for the Internet. You can use it to store and retrieve any amount of data, at any time, from anywhere on the web.
Amazon Simple Workflow Service (Amazon SWF) A fully managed service that helps developers build, run, and scale background jobs that have parallel or sequential steps. Amazon SWF is like a state tracker and task coordinator in the cloud.
Amazon Simple Workflow Service (Amazon SWF) Actors SWF consists of a number of different types of programmatic features known as actors. Actors can be workflow starters, deciders, or activity workers. These actors communicate with Amazon SWF through its API. You can develop actors in any programming language.
Amazon Simple Workflow Service (Amazon SWF) Long Polling Deciders and activity workers communicate with Amazon SWF using long polling. The decider or activity worker periodically initiates communication with Amazon SWF, notifying Amazon SWF of its availability to accept a task, and then specifies a task list to get tasks from. Long polling works well for high-volume task processing. Deciders and activity workers can manage their own capacity, and long polling is easy to use when the deciders and activity workers are behind a firewall.
Amazon Simple Workflow Service (Amazon SWF) Object Identifiers Amazon SWF objects are uniquely identified by workflow type, activity type, decision and activity tasks, and workflow execution.
Amazon Simple Workflow Service (Amazon SWF) Task Lists Task lists provide a way of organizing the various tasks associated with a workflow. You could think of task lists as similar to dynamic queues. When a task is scheduled in Amazon SWF, you can specify a queue (task list) to put it in. Similarly, when you poll Amazon SWF for a task, you say which queue (task list) to get the task from.
Amazon Simple Workflow Service (Amazon SWF) Tasks Amazon SWF provides activity workers and deciders with work assignments, given as one of three types of tasks: activity tasks, AWS Lambda tasks, and decision tasks. An activity task tells an activity worker to perform its function, such as checking inventory or charging a credit card. The activity task contains all of the information that the activity worker needs to perform its function.
Amazon Simple Workflow Service (Amazon SWF) Workflows Using Amazon SWF, you can implement distributed, asynchronous applications as workflows. Workflows coordinate and manage the execution of activities that can be run asynchronously across multiple computing devices and that can feature both sequential and parallel processing.
Amazon Virtual Private Cloud (Amazon VPC) A web service for provisioning a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. You control your virtual networking environment, including a selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.
Application Programming Interface (API) A secure, REST-based interface for controlling AWS Cloud services. This is the lowest level of control over the services. While code can be written to access the API directly, it is more commonly accessed through the AWS Software Development Kits (SDKs) or other tools such as the CLI or AWS Management Console.
Application Version A specific, labeled iteration of an application in AWS Elastic Beanstalk that represents a functionally consistent set of deployable application code. A version points to an Amazon Simple Storage Service (Amazon S3) object (for example, a Java WAR file) that contains the application code.
Archive Data in Amazon Glacier is stored in archives, identified by unique archive ID. Archives typically contain TAR (Tape Archive) or ZIP files.
Asymmetric Key Algorithm Any cryptographic system that uses pairs of keys: public keys that may be disseminated widely paired with private keys that are known only to the owner.
Authentication The process of proving your identity to a system.
Authorization The mechanism for assigning privileges to a properly authenticated principal.
Auto Discovery Clients connecting to Amazon ElastiCache clusters running Memcached can use Auto Discovery to identify automatically all of the nodes in a cache cluster as the cluster is resized or nodes are replaced.
Auto Scaling A web service designed to launch or terminate instances automatically based on user-defined policies, schedules, and health checks.
Auto Scaling Group An Auto Scaling group helps you maintain application availability and allows you to scale your Amazon EC2 capacity up or down automatically according to the conditions you define.
Availability The probability that a system will work as required over some time period, usually specified as some number of nines.
Availability Zone A distinct location within a region that is insulated from failures in other Availability Zones and provides inexpensive, low-latency network connectivity to other Availability Zones in the same region.
AWS Application Programming Interface (API) A secure, REST-based interface for controlling AWS Cloud services. This is the lowest level of control over the services, and while code can be written to access this API directly, it is more commonly accessed through the AWS Software Development Kits (SDKs) or other tools such as the CLI or AWS Management Console.
AWS Certificate Manager (ACM) A web service for provisioning, managing, and deploying Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services.
AWS CloudFormation A service for writing or changing templates that provisions related AWS resources together as a unit.
AWS CloudFormation Stack A collection of AWS resources you create and delete as a single unit.
AWS CloudTrail A web service that records AWS API calls for your account and delivers log files to you. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.
AWS Command-Line Interface (CLI) A unified downloadable and configurable tool for managing AWS Cloud services. Users can control multiple AWS Cloud services from the command line and automate them through scripts.
AWS Config A fully managed service that provides an AWS resource inventory, configuration history, and configuration change notifications for better security and governance. You can create rules that automatically check the configuration of AWS resources that AWS Config records.
AWS Config Rule Represents the desired configuration settings for specific AWS resources or for an entire AWS account.
AWS Direct Connect A web service that simplifies establishing a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or colocation environment.
AWS Directory Service A managed service for connecting your AWS resources to an existing on-premises Microsoft Active Directory or to set up and operate a new, standalone directory on the AWS Cloud.
AWS Elastic Beanstalk A web service for deploying and managing applications on the AWS Cloud without worrying about the infrastructure that runs those applications.
AWS Elastic Beanstalk Application A logical collection of AWS Elastic Beanstalk components, including environments, versions, and environment configurations. An application is conceptually similar to a folder.
AWS Identity and Access Management (IAM) A web service that enables AWS customers to manage users and user permissions within AWS.
AWS Identity and Access Management (IAM) Group A collection of IAM users. You can use IAM groups to simplify specifying and managing permissions for multiple users.
AWS Identity and Access Management (IAM) Role A tool for giving temporary access to AWS resources in your AWS account.
AWS Identity and Access Management (IAM) User A person or application under an account that needs to make API calls to AWS products. Each user has a unique name within the AWS account and a set of security credentials not shared with other users. These credentials are separate from the AWS account’s security credentials. Each user is associated with one and only one AWS account.
AWS Key Management Service (KMS) A managed service that simplifies the creation and control of encryption keys that are used to encrypt data.
AWS Lambda A serverless compute service that runs code in response to events and automatically manages the underlying compute resources.
AWS Management Console A graphical interface used to manage computing, storage, and other cloud resources.
AWS OpsWorks App Represents code to run on an application server. It contains the information required to deploy the code to the appropriate application server instances.
AWS OpsWorks Layer Represents an AWS OpsWorks stack component, such as a load balancer or a set of application servers. Every stack contains one or more layers.
AWS OpsWorks Stack A set of resources you manage collectively, typically because they have a common purpose such as serving PHP applications. A stack serves as a container and handles tasks that apply to the group of instances as a whole, such as managing applications and cookbooks.
AWS Security Token Service (STS) A web service for requesting temporary, limited privilege credentials for IAM users or for users that you authenticate (federated users).
AWS Storage Gateway A web service that connects an on-premises software appliance with cloud-based storage to provide seamless and secure integration between an organization’s on-premises IT environment and AWS storage infrastructure.
AWS Web Application Firewall (WAF) A web application firewall service that controls access to content by allowing or blocking web requests based on criteria that you specify, such as header values or the IP addresses that the requests originate from. AWS WAF helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.
Basic Monitoring Amazon CloudWatch-provided monitoring of AWS-provided metrics derived at a five-minute frequency.
Block Device A storage device that supports reading and (optionally) writing data in fixed-size blocks, sectors, or clusters.
Block Storage A storage device that supports reading and (optionally) writing data in fixed-size blocks, sectors, or clusters.
Bootstrap A user-specified script that runs on an Amazon Elastic Compute Cloud (Amazon EC2) instance once when the instance is launched.
Bootstrapping Providing a script that is executed when the instance is created to configure the instance.
Bring Your Own License (BYOL) Amazon RDS supports BYOL deployments for Oracle and SQL Server.
Bucket A container for objects stored in Amazon Simple Storage Service (Amazon S3). Every object is contained in a bucket. For example, if the object photos/puppy.jpg is stored in the john smith bucket.