What are the corresponding Azure and Google Cloud services for each of the AWS services?

What are the corresponding or equivalent Azure services for each of the AWS services?

What are unique distinctions and similarities between AWS, Azure and Google Cloud services? For each AWS service, what is the equivalent Azure and Google Cloud service? For each Azure service, what is the corresponding Google Service? AWS Services vs Azure vs Google Services? Side by side comparison between AWS, Google Cloud and Azure Service?

For a better experience, use the mobile app here.

AWS vs Azure vs Google
AWS vs Azure vs Google Mobile App
Cloud Practitioner Exam Prep:  AWS vs Azure vs Google
Cloud Practitioner Exam Prep: AWS vs Azure vs Google

1

Category: Marketplace
Easy-to-deploy and automatically configured third-party applications, including single virtual machine or multiple virtual machine solutions.
References:
[AWS]:AWS Marketplace
[Azure]:Azure Marketplace
[Google]:Google Cloud Marketplace
Tags: #AWSMarketplace, #AzureMarketPlace, #GoogleMarketplace
Differences: They are both digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on their respective cloud platform.

3

Category: AI and machine learning
Build and connect intelligent bots that interact with your users using text/SMS, Skype, Teams, Slack, Office 365 mail, Twitter, and other popular services.
References:
[AWS]:Alexa Skills Kit (enables a developer to build skills, also called conversational applications, on the Amazon Alexa artificial intelligence assistant.)
[Azure]:Microsoft Bot Framework (building enterprise-grade conversational AI experiences.)
[Google]:Google Assistant Actions ( developer platform that lets you create software to extend the functionality of the Google Assistant, Google’s virtual personal assistant,)

Tags: #AlexaSkillsKit, #MicrosoftBotFramework, #GoogleAssistant
Differences: One major advantage Google gets over Alexa is that Google Assistant is available to almost all Android devices.

4

Category: AI and machine learning
Description:API capable of converting speech to text, understanding intent, and converting text back to speech for natural responsiveness.
References:
[AWS]:Amazon Lex (building conversational interfaces into any application using voice and text.)
[Azure]:Azure Speech Services(unification of speech-to-text, text-to-speech, and speech translation into a single Azure subscription)
[Google]:Google APi.ai, AI Hub (Hosted repo of plug-and-play AI component), AI building blocks(for developers to add sight, language, conversation, and structured data to their applications.), AI Platform(code-based data science development environment, lets ML developers and data scientists quickly take projects from ideation to deployment.), DialogFlow (Google-owned developer of human–computer interaction technologies based on natural language conversations. ), TensorFlow(Open Source Machine Learning platform)

Tags: #AmazonLex, #CogintiveServices, #AzureSpeech, #Api.ai, #DialogFlow, #Tensorflow
Differences: api.ai provides us with such a platform which is easy to learn and comprehensive to develop conversation actions. It is a good example of the simplistic approach to solving complex man to machine communication problem using natural language processing in proximity to machine learning. Api.ai supports context based conversations now, which reduces the overhead of handling user context in session parameters. On the other hand in Lex this has to be handled in session. Also, api.ai can be used for both voice and text based conversations (assistant actions can be easily created using api.ai).

5

Category: AI and machine learning
Description:Computer Vision: Extract information from images to categorize and process visual data.
References:
[AWS]:Amazon Rekognition (based on the same proven, highly scalable, deep learning technology developed by Amazon’s computer vision scientists to analyze billions of images and videos daily. It requires no machine learning expertise to use.)
[Azure]:Cognitive Services(bring AI within reach of every developer—without requiring machine-learning expertise.)
[Google]:Google Vision (offers powerful pre-trained machine learning models through REST and RPC APIs.)
Tags: AmazonRekognition, #GoogleVision, #AzureSpeech
Differences: For now, only Google Cloud Vision supports batch processing. Videos are not natively supported by Google Cloud Vision or Amazon Rekognition. The Object Detection functionality of Google Cloud Vision and Amazon Rekognition is almost identical, both syntactically and semantically.
Differences:
Google Cloud Vision and Amazon Rekognition offer a broad spectrum of solutions, some of which are comparable in terms of functional details, quality, performance, and costs.

7

Category: Big data and analytics: Data warehouse
Description: Apache Spark-based analytics platform. Managed Hadoop service. Data orchestration, ETL, Analytics and visualization
References:
[AWS]:EMR, Data Pipeline, Kinesis Stream, Kinesis Firehose, Glue, QuickSight, Athena, CloudSearch
[Azure]:Azure Databricks, Data Catalog Cortana Intelligence, HDInsight, Power BI, Azure Datafactory, Azure Search, Azure Data Lake Anlytics, Stream Analytics, Azure Machine Learning
[Google]:Cloud DataProc, Machine Learning, Cloud Datalab
Tags:#EMR, #DataPipeline, #Kinesis, #Cortana, AzureDatafactory, #AzureDataAnlytics, #CloudDataProc, #MachineLearning, #CloudDatalab
Differences: All three providers offer similar building blocks; data processing, data orchestration, streaming analytics, machine learning and visualisations. AWS certainly has all the bases covered with a solid set of products that will meet most needs. Azure offers a comprehensive and impressive suite of managed analytical products. They support open source big data solutions alongside new serverless analytical products such as Data Lake. Google provide their own twist to cloud analytics with their range of services. With Dataproc and Dataflow, Google have a strong core to their proposition. Tensorflow has been getting a lot of attention recently and there will be many who will be keen to see Machine Learning come out of preview.

8

Category: Virtual servers
Description:Virtual servers allow users to deploy, manage, and maintain OS and server software. Instance types provide combinations of CPU/RAM. Users pay for what they use with the flexibility to change sizes.
Batch: Run large-scale parallel and high-performance computing applications efficiently in the cloud.
References:
[AWS]:Elastic Compute Cloud (EC2), Amazon Bracket(Explore and experiment with quantum computing), Amazon Ec2 M6g Instances (Achieve up to 40% better price performance), Amazon Ec2 Inf1 instancs (Deliver cost-effective ML inference), AWS Graviton2 Processors (Optimize price performance for cloud workloads), AWS Batch, AWS AutoScaling, VMware Cloud on AWS, AWS Local Zones (Run low latency applications at the edge), AWS Wavelength (Deliver ultra-low latency applications for 5G devices), AWS Nitro Enclaves (Further protect highly sensitive data), AWS Outposts (Run AWS infrastructure and services on-premises)
[Azure]:Azure Virtual Machines, Azure Batch, Virtual Machine Scale Sets, Azure VMware by CloudSimple
[Google]:Compute Engine, Preemptible Virtual Machines, Managed instance groups (MIGs), Google Cloud VMware Solution by CloudSimple
Tags: #AWSEC2, #AWSBatch, #AWSAutoscaling, #AzureVirtualMachine, #AzureBatch, #VirtualMachineScaleSets, #AzureVMWare, #ComputeEngine, #MIGS, #VMWare
Differences: There is very little to choose between the 3 providers when it comes to virtual servers. Amazon has some impressive high end kit, on the face of it this sound like it would make AWS a clear winner. However, if your only option is to choose the biggest box available you will need to make sure you have very deep pockets, and perhaps your money may be better spent re-architecting your apps for horizontal scale.Azure’s remains very strong in the PaaS space and now has a IaaS that can genuinely compete with AWS
Google offers a simple and very capable set of services that are easy to understand. However, with availability in only 5 regions it does not have the coverage of the other players.

9

Category: Containers and container orchestrators
Description: A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another.
Container orchestration is all about managing the lifecycles of containers, especially in large, dynamic environments.
References:
[AWS]:EC2 Container Service (ECS), Fargate(Run containers without anaging servers or clusters), EC2 Container Registry(managed AWS Docker registry service that is secure, scalable, and reliable.), Elastic Container Service for Kubernetes (EKS: runs the Kubernetes management infrastructure across multiple AWS Availability Zones), App Mesh( application-level networking to make it easy for your services to communicate with each other across multiple types of compute infrastructure)
[Azure]:Azure Container Instances, Azure Container Registry, Azure Kubernetes Service (AKS), Service Fabric Mesh
[Google]:Google Container Engine, Container Registry, Kubernetes Engine
Tags:#ECS, #Fargate, #EKS, #AppMesh, #ContainerEngine, #ContainerRegistry, #AKS
Differences: Google Container Engine, AWS Container Services, and Azure Container Instances can be used to run docker containers. Google offers a simple and very capable set of services that are easy to understand. However, with availability in only 5 regions it does not have the coverage of the other players.

10

Category: Serverless
Description: Integrate systems and run backend processes in response to events or schedules without provisioning or managing servers.
References:
[AWS]:AWS Lambda
[Azure]:Azure Functions
[Google]:Google Cloud Functions
Tags:#AWSLAmbda, #AzureFunctions, #GoogleCloudFunctions
Differences: Both AWS Lambda and Microsoft Azure Functions and Google Cloud Functions offer dynamic, configurable triggers that you can use to invoke your functions on their platforms. AWS Lambda, Azure and Google Cloud Functions support Node.js, Python, and C#. The beauty of serverless development is that, with minor changes, the code you write for one service should be portable to another with little effort – simply modify some interfaces, handle any input/output transforms, and an AWS Lambda Node.JS function is indistinguishable from a Microsoft Azure Node.js Function. AWS Lambda provides further support for Python and Java, while Azure Functions provides support for F# and PHP. AWS Lambda is built from the AMI, which runs on Linux, while Microsoft Azure Functions run in a Windows environment. AWS Lambda uses the AWS Machine architecture to reduce the scope of containerization, letting you spin up and tear down individual pieces of functionality in your application at will.

11

Category: Relational databases
Description: Managed relational database service where resiliency, scale, and maintenance are primarily handled by the platform.
References:
[AWS]:AWS RDS(MySQL and PostgreSQL-compatible relational database built for the cloud,), Aurora(MySQL and PostgreSQL-compatible relational database built for the cloud)
[Azure]:SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL
[Google]:Cloud SQL
Tags: #AWSRDS, #AWSAUrora, #AzureSQlDatabase, #AzureDatabaseforMySQL, #GoogleCloudSQL
Differences: All three providers boast impressive relational database offering. RDS supports an impressive range of managed relational stores while Azure SQL Database is probably the most advanced managed relational database available today. Azure also has the best out-of-the-box support for cross-region geo-replication across its database offerings.

12

Category: NoSQL, Document Databases
Description:A globally distributed, multi-model database that natively supports multiple data models: key-value, documents, graphs, and columnar.
References:
[AWS]:DynamoDB (key-value and document database that delivers single-digit millisecond performance at any scale.), SimpleDB ( a simple web services interface to create and store multiple data sets, query your data easily, and return the results.), Managed Cassandra Services(MCS)
[Azure]:Table Storage, DocumentDB, Azure Cosmos DB
[Google]:Cloud Datastore (handles sharding and replication in order to provide you with a highly available and consistent database. )
Tags:#AWSDynamoDB, #SimpleDB, #TableSTorage, #DocumentDB, AzureCosmosDB, #GoogleCloudDataStore
Differences:DynamoDB and Cloud Datastore are based on the document store database model and are therefore similar in nature to open-source solutions MongoDB and CouchDB. In other words, each database is fundamentally a key-value store. With more workloads moving to the cloud the need for NoSQL databases will become ever more important, and again all providers have a good range of options to satisfy most performance/cost requirements. Of all the NoSQL products on offer it’s hard not to be impressed by DocumentDB; Azure also has the best out-of-the-box support for cross-region geo-replication across its database offerings.

13

Category:Caching
Description:An in-memory–based, distributed caching service that provides a high-performance store typically used to offload non transactional work from a database.
References:
[AWS]:AWS ElastiCache (works as an in-memory data store and cache to support the most demanding applications requiring sub-millisecond response times.)
[Azure]:Azure Cache for Redis (based on the popular software Redis. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores.)
[Google]:Memcache (In-memory key-value store, originally intended for caching)
Tags:#Redis, #Memcached
<Differences: They all support horizontal scaling via sharding.They all improve the performance of web applications by allowing you to retrive information from fast, in-memory caches, instead of relying on slower disk-based databases.”, “Differences”: “ElastiCache supports Memcached and Redis. Memcached Cloud provides various data persistence options as well as remote backups for disaster recovery purposes. Redis offers persistence to disk, Memcache does not. This can be very helpful if you cache lots of data, since you remove the slowness around having a fully cold cache. Redis also offers several extra data structures that Memcache doesn’t— Lists, Sets, Sorted Sets, etc. Memcache only has Key/Value pairs. Memcache is multi-threaded. Redis is single-threaded and event driven. Redis is very fast, but it’ll never be multi-threaded. At hight scale, you can squeeze more connections and transactions out of Memcache. Memcache tends to be more memory efficient. This can make a big difference around the magnitude of 10s of millions or 100s of millions of keys. ElastiCache supports Memcached and Redis. Memcached Cloud provides various data persistence options as well as remote backups for disaster recovery purposes. Redis offers persistence to disk, Memcache does not. This can be very helpful if you cache lots of data, since you remove the slowness around having a fully cold cache. Redis also offers several extra data structures that Memcache doesn’t— Lists, Sets, Sorted Sets, etc. Memcache only has Key/Value pairs. Memcache is multi-threaded. Redis is single-threaded and event driven. Redis is very fast, but it’ll never be multi-threaded. At hight scale, you can squeeze more connections and transactions out of Memcache. Memcache tends to be more memory efficient. This can make a big difference around the magnitude of 10s of millions or 100s of millions of keys.

14

Category: Security, identity, and access
Description:Authentication and authorization: Allows users to securely control access to services and resources while offering data security and protection. Create and manage users and groups, and use permissions to allow and deny access to resources.
References:
[AWS]:Identity and Access Management (IAM), AWS Organizations, Multi-Factor Authentication, AWS Directory Service, Cognito(provides solutions to control access to backend resources from your app), Amazon Detective (Investigate potential security issues), AWS IAM Access Analyzer(Easily analyze resource accessibility)
[Azure]:Azure Active Directory, Azure Subscription Management + Azure RBAC, Multi-Factor Authentication, Azure Active Directory Domain Services, Azure Active Directory B2C, Azure Policy, Management Groups
[Google]:Cloud Identity, Identity Platform, Cloud IAM, Policy Intelligence, Cloud Resource Manager, Cloud Identity-Aware Proxy, Context-aware accessManaged Service for Microsoft Active Directory, Security key enforcement, Titan Security Key
Tags: #IAM, #AWSIAM, #AzureIAM, #GoogleIAM, #Multi-factorAuthentication
Differences: One unique thing about AWS IAM is that accounts created in the organization (not through federation) can only be used within that organization. This contrasts with Google and Microsoft. On the good side, every organization is self-contained. On the bad side, users can end up with multiple sets of credentials they need to manage to access different organizations. The second unique element is that every user can have a non-interactive account by creating and using access keys, an interactive account by enabling console access, or both. (Side note: To use the CLI, you need to have access keys generated.)

15

Category: Object Storage and Content delivery
Description:Object storage service, for use cases including cloud applications, content distribution, backup, archiving, disaster recovery, and big data analytics.
References:
[AWS]:Simple Storage Services (S3), Import/Export(used to move large amounts of data into and out of the Amazon Web Services public cloud using portable storage devices for transport.), Snowball( petabyte-scale data transport solution that uses devices designed to be secure to transfer large amounts of data into and out of the AWS Cloud), CloudFront( content delivery network (CDN) is massively scaled and globally distributed), Elastic Block Store (EBS: high performance block storage service), Elastic File System(shared, elastic file storage system that grows and shrinks as you add and remove files.), S3 Infrequent Access (IA: is for data that is accessed less frequently, but requires rapid access when needed. ), S3 Glacier( long-term storage of data that is infrequently accessed and for which retrieval latency times of 3 to 5 hours are acceptable.), AWS Backup( makes it easy to centralize and automate the back up of data across AWS services in the cloud as well as on-premises using the AWS Storage Gateway.), Storage Gateway(hybrid cloud storage service that gives you on-premises access to virtually unlimited cloud storage), AWS Import/Export Disk(accelerates moving large amounts of data into and out of AWS using portable storage devices for transport)
[Azure]:
Azure Blob storage, File Storage, Data Lake Store, Azure Backup, Azure managed disks, Azure Files, Azure Storage cool tier, Azure Storage archive access tier, Azure Backup, StorSimple, Import/Export
[Google]:
Cloud Storage, GlusterFS, CloudCDN
Tags:#S3, #AzureBlobStorage, #CloudStorage
Differences:
Source: All providers have good object storage options and so storage alone is unlikely to be a deciding factor when choosing a cloud provider. The exception perhaps is for hybrid scenarios, in this case Azure and AWS clearly win. AWS and Google’s support for automatic versioning is a great feature that is currently missing from Azure; however Microsoft’s fully managed Data Lake Store offers an additional option that will appeal to organisations who are looking to run large scale analytical workloads. If you are prepared to wait 4 hours for your data and you have considerable amounts of the stuff then AWS Glacier storage might be a good option. If you use the common programming patterns for atomic updates and consistency, such as etags and the if-match family of headers, then you should be aware that AWS does not support them, though Google and Azure do. Azure also supports blob leasing, which can be used to provide a distributed lock.

16

Category:Internet of things (IoT)
Description:A cloud gateway for managing bidirectional communication with billions of IoT devices, securely and at scale. Deploy cloud intelligence directly on IoT devices to run in on-premises scenarios.
References:
[AWS]:AWS IoT (Internet of Things), AWS Greengrass, Kinesis Firehose, Kinesis Streams, AWS IoT Things Graph
[Azure]:Azure IoT Hub, Azure IoT Edge, Event Hubs, Azure Digital Twins, Azure Sphere
[Google]:Google Cloud IoT Core, Firebase, Brillo, Weave, CLoud Pub/SUb, Stream Analysis, Big Query, Big Query Streaming API
Tags:#IoT, #InternetOfThings, #Firebase
Differences:AWS and Azure have a more coherent message with their products clearly integrated into their respective platforms, whereas Google Firebase feels like a distinctly separate product.

17

Category:Web Applications
Description:Managed hosting platform providing easy to use services for deploying and scaling web applications and services. API Gateway is a a turnkey solution for publishing APIs to external and internal consumers. Cloudfront is a global content delivery network that delivers audio, video, applications, images, and other files.
References:
[AWS]:Elastic Beanstalk (for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS), AWS Wavelength (for delivering ultra-low latency applications for 5G), API Gateway (makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale.), CloudFront (web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations.),Global Accelerator ( improves the availability and performance of your applications with local or global users. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple AWS Regions, such as your Application Load Balancers, Network Load Balancers or Amazon EC2 instances.)AWS AppSync (simplifies application development by letting you create a flexible API to securely access, manipulate, and combine data from one or more data sources: GraphQL service with real-time data synchronization and offline programming features. )
[Azure]:App Service, API Management, Azure Content Delivery Network, Azure Content Delivery Network
[Google]:App Engine, Cloud API, Cloud Enpoint, APIGee
Tags: #AWSElasticBeanstalk, #AzureAppService, #GoogleAppEngine, #CloudEnpoint, #CloudFront, #APIgee
Differences: With AWS Elastic Beanstalk, developers retain full control over the AWS resources powering their application. If developers decide they want to manage some (or all) of the elements of their infrastructure, they can do so seamlessly by using Elastic Beanstalk’s management capabilities. AWS Elastic Beanstalk integrates with more apps than Google App Engines (Datadog, Jenkins, Docker, Slack, Github, Eclipse, etc..). Google App Engine has more features than AWS Elastic BEanstalk (App Identity, Java runtime, Datastore, Blobstore, Images, Go Runtime, etc..). Developers describe Amazon API Gateway as “Create, publish, maintain, monitor, and secure APIs at any scale”. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. On the other hand, Google Cloud Endpoints is detailed as “Develop, deploy and manage APIs on any Google Cloud backend”. An NGINX-based proxy and distributed architecture give unparalleled performance and scalability. Using an Open API Specification or one of our API frameworks, Cloud Endpoints gives you the tools you need for every phase of API development and provides insight with Google Cloud Monitoring, Cloud Trace, Google Cloud Logging and Cloud Trace.

18

Category:Encryption
Description:Helps you protect and safeguard your data and meet your organizational security and compliance commitments.
References:
[AWS]:Key Management Service AWS KMS, CloudHSM
[Azure]:Key Vault
[Google]:Encryption By Default at Rest, Cloud KMS
Tags:#AWSKMS, #Encryption, #CloudHSM, #EncryptionAtRest, #CloudKMS
Differences: AWS KMS, is an ideal solution for organizations that want to manage encryption keys in conjunction with other AWS services. In contrast to AWS CloudHSM, AWS KMS provides a complete set of tools to manage encryption keys, develop applications and integrate with other AWS services. Google and Azure offer 4096 RSA. AWS and Google offer 256 bit AES. With AWs, you can bring your own key

19

Category:Internet of things (IoT)
Description:A cloud gateway for managing bidirectional communication with billions of IoT devices, securely and at scale. Deploy cloud intelligence directly on IoT devices to run in on-premises scenarios.
References:
[AWS]:AWS IoT, AWS Greengrass, Kinesis Firehose ( captures and loads streaming data in storage and business intelligence (BI) tools to enable near real-time analytics in the AWS cloud), Kinesis Streams (for rapid and continuous data intake and aggregation.), AWS IoT Things Graph (makes it easy to visually connect different devices and web services to build IoT applications.)
[Azure]:Azure IoT Hub, Azure IoT Edge, Event Hubs, Azure Digital Twins, Azure Sphere
[Google]:Google Cloud IoT Core, Firebase, Brillo, Weave, CLoud Pub/SUb, Stream Analysis, Big Query, Big Query Streaming API
Tags:#IoT, #InternetOfThings, #Firebase
Differences:AWS and Azure have a more coherent message with their products clearly integrated into their respective platforms, whereas Google Firebase feels like a distinctly separate product.

20

Category:Object Storage and Content delivery
Description: Object storage service, for use cases including cloud applications, content distribution, backup, archiving, disaster recovery, and big data analytics.
References:
[AWS]:Simple Storage Services (S3), Import/Export Snowball, CloudFront, Elastic Block Store (EBS), Elastic File System, S3 Infrequent Access (IA), S3 Glacier, AWS Backup, Storage Gateway, AWS Import/Export Disk, Amazon S3 Access Points(Easily manage access for shared data)
[Azure]:Azure Blob storage, File Storage, Data Lake Store, Azure Backup, Azure managed disks, Azure Files, Azure Storage cool tier, Azure Storage archive access tier, Azure Backup, StorSimple, Import/Export
[Google]:Cloud Storage, GlusterFS, CloudCDN
Tags:#S3, #AzureBlobStorage, #CloudStorage
Differences:All providers have good object storage options and so storage alone is unlikely to be a deciding factor when choosing a cloud provider. The exception perhaps is for hybrid scenarios, in this case Azure and AWS clearly win. AWS and Google’s support for automatic versioning is a great feature that is currently missing from Azure; however Microsoft’s fully managed Data Lake Store offers an additional option that will appeal to organisations who are looking to run large scale analytical workloads. If you are prepared to wait 4 hours for your data and you have considerable amounts of the stuff then AWS Glacier storage might be a good option. If you use the common programming patterns for atomic updates and consistency, such as etags and the if-match family of headers, then you should be aware that AWS does not support them, though Google and Azure do. Azure also supports blob leasing, which can be used to provide a distributed lock.

21

Category: Backend process logic
Description: Cloud technology to build distributed applications using out-of-the-box connectors to reduce integration challenges. Connect apps, data and devices on-premises or in the cloud.
References:
[AWS]:AWS Step Functions ( lets you build visual workflows that enable fast translation of business requirements into technical requirements. You can build applications in a matter of minutes, and when needs change, you can swap or reorganize components without customizing any code.)
[Azure]:Logic Apps (cloud service that helps you schedule, automate, and orchestrate tasks, business processes, and workflows when you need to integrate apps, data, systems, and services across enterprises or organizations.)
[Google]:Dataflow ( fully managed service for executing Apache Beam pipelines within the Google Cloud Platform ecosystem.)
Tags:#AWSStepFunctions, #LogicApps, #Dataflow
Differences: AWS Step Functions makes it easy to coordinate the components of distributed applications and microservices using visual workflows. Building applications from individual components that each perform a discrete function lets you scale and change applications quickly. AWS Step Functions belongs to \”Cloud Task Management\” category of the tech stack, while Google Cloud Dataflow can be primarily classified under \”Real-time Data Processing\”. According to the StackShare community, Google Cloud Dataflow has a broader approval, being mentioned in 32 company stacks & 8 developers stacks; compared to AWS Step Functions, which is listed in 19 company stacks and 7 developer stacks.

22

Category: Enterprise application services
Description:Fully integrated Cloud service providing communications, email, document management in the cloud and available on a wide variety of devices.
References:
[AWS]:Amazon WorkMail, Amazon WorkDocs, Amazon Kendra (Sync and Index)
[Azure]:Office 365
[Google]:G Suite
Tags: #AmazonWorkDocs, #Office365, #GoogleGSuite
Differences: G suite document processing applications like Google Docs are far behind Office 365 popular Word and Excel software, but G Suite User interface is intuite, simple and easy to navigate. Office 365 is too clunky. Get 20% off G-Suite Business Plan with Promo Code: PCQ49CJYK7EATNC

23

Category: Networking
Description: Provides an isolated, private environment in the cloud. Users have control over their virtual networking environment, including selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways.
References:
[AWS]:Virtual Private Cloud (VPC), Cloud virtual networking, Subnets, Elastic Network Interface (ENI), Route Tables, Network ACL, Secutity Groups, Internet Gateway, NAT Gateway, AWS VPN Gateway, AWS Route 53, AWS Direct Connect, AWS Network Load Balancer, VPN CloudHub, AWS Local Zones, AWS Transit Gateway network manager (Centrally manage global networks)
[Azure]:Virtual Network(provide services for building networks within Azure.),Subnets (network resources can be grouped by subnet for organisation and security.), Network Interface (Each virtual machine can be assigned one or more network interfaces (NICs)), Network Security Groups (NSG: contains a set of prioritised ACL rules that explicitly grant or deny access), Azure VPN Gateway ( allows connectivity to on-premise networks), Azure DNS, Traffic Manager (DNS based traffic routing solution.), ExpressRoute (provides connections up to 10 Gbps to Azure services over a dedicated fibre connection), Azure Load Balancer, Network Peering, Azure Stack (Azure Stack allows organisations to use Azure services running in private data centers.), Azure Load Balancer , Azure Log Analytics, Azure DNS,
[Google]:Cloud Virtual Network, Subnets, Network Interface, Protocol fowarding, Cloud VPN, Cloud DNS, Virtual Private Network, Cloud Interconnect, CDN interconnect, Cloud DNS, Stackdriver, Google Cloud Load Balancing,
Tags:#VPC, #Subnets, #ACL, #VPNGateway, #CloudVPN, #NetworkInterface, #ENI, #RouteTables, #NSG, #NetworkACL, #InternetGateway, #NatGateway, #ExpressRoute, #CloudInterConnect, #StackDriver
Differences: Subnets group related resources, however, unlike AWS and Azure, Google do not constrain the private IP address ranges of subnets to the address space of the parent network. Like Azure, Google has a built in internet gateway that can be specified from routing rules.

24

Category: Management
Description: A unified management console that simplifies building, deploying, and operating your cloud resources.
References:
[AWS]: AWS Management Console, Trusted Advisor, AWS Usage and Billing Report, AWS Application Discovery Service, Amazon EC2 Systems Manager, AWS Personal Health Dashboard, AWS Compute Optimizer (Identify optimal AWS Compute resources)
[Azure]:Azure portal, Azure Advisor, Azure Billing API, Azure Migrate, Azure Monitor, Azure Resource Health
[Google]:Google CLoud Platform, Cost Management, Security Command Center, StackDriver
Tags: #AWSConsole, #AzurePortal, #GoogleCloudConsole, #TrustedAdvisor, #AzureMonitor, #SecurityCommandCenter
Differences: AWS Console categorizes its Infrastructure as a Service offerings into Compute, Storage and Content Delivery Network (CDN), Database, and Networking to help businesses and individuals grow. Azure excels in the Hybrid Cloud space allowing companies to integrate onsite servers with cloud offerings. Google has a strong offering in containers, since Google developed the Kubernetes standard that AWS and Azure now offer. GCP specializes in high compute offerings like Big Data, analytics and machine learning. It also offers considerable scale and load balancing – Google knows data centers and fast response time.

25

Category: DevOps and application monitoring
Description: Comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments; Cloud services for collaborating on code development; Collection of tools for building, debugging, deploying, diagnosing, and managing multiplatform scalable apps and services; Fully managed build service that supports continuous integration and deployment.
References:
[AWS]:AWS CodePipeline(orchestrates workflow for continuous integration, continuous delivery, and continuous deployment), AWS CloudWatch (monitor your AWS resources and the applications you run on AWS in real time. ), AWS X-Ray (application performance management service that enables a developer to analyze and debug applications in aws), AWS CodeDeploy (automates code deployments to Elastic Compute Cloud (EC2) and on-premises servers. ), AWS CodeCommit ( source code storage and version-control service), AWS Developer Tools, AWS CodeBuild (continuous integration service that compiles source code, runs tests, and produces software packages that are ready to deploy. ), AWS Command Line Interface (unified tool to manage your AWS services), AWS OpsWorks (Chef-based), AWS CloudFormation ( provides a common language for you to describe and provision all the infrastructure resources in your cloud environment.), Amazon CodeGuru (for automated code reviews and application performance recommendations)
[Azure]:Azure Monitor, Azure DevOps, Azure Developer Tools, Azure CLI Azure PowerShell, Azure Automation, Azure Resource Manager , VM extensions , Azure Automation
[Google]:DevOps Solutions (Infrastructure as code, Configuration management, Secrets management, Serverless computing, Continuous delivery, Continuous integration , Stackdriver (combines metrics, logs, and metadata from all of your cloud accounts and projects into a single comprehensive view of your environment)
Tags: #CloudWatch, #StackDriver, #AzureMonitor, #AWSXray, #AWSCodeDeploy, #AzureDevOps, #GoogleDevopsSolutions
Differences: CodeCommit eliminates the need to operate your own source control system or worry about scaling its infrastructure. Azure DevOps provides unlimited private Git hosting, cloud build for continuous integration, agile planning, and release management for continuous delivery to the cloud and on-premises. Includes broad IDE support.

SageMakerAzure Machine Learning Studio

A collaborative, drag-and-drop tool to build, test, and deploy predictive analytics solutions on your data.

Alexa Skills KitMicrosoft Bot Framework

Build and connect intelligent bots that interact with your users using text/SMS, Skype, Teams, Slack, Office 365 mail, Twitter, and other popular services.

Amazon LexSpeech Services

API capable of converting speech to text, understanding intent, and converting text back to speech for natural responsiveness.

Amazon LexLanguage Understanding (LUIS)

Allows your applications to understand user commands contextually.

Amazon Polly, Amazon Transcribe | Azure Speech Services

Enables both Speech to Text, and Text into Speech capabilities.
The Speech Services are the unification of speech-to-text, text-to-speech, and speech-translation into a single Azure subscription. It’s easy to speech enable your applications, tools, and devices with the Speech SDK, Speech Devices SDK, or REST APIs.
Amazon Polly is a Text-to-Speech (TTS) service that uses advanced deep learning technologies to synthesize speech that sounds like a human voice. With dozens of lifelike voices across a variety of languages, you can select the ideal voice and build speech-enabled applications that work in many different countries.
Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for developers to add speech-to-text capability to their applications. Using the Amazon Transcribe API, you can analyze audio files stored in Amazon S3 and have the service return a text file of the transcribed speech.

Amazon RekognitionCognitive Services

Computer Vision: Extract information from images to categorize and process visual data.
Amazon Rekognition is a simple and easy to use API that can quickly analyze any image or video file stored in Amazon S3. Amazon Rekognition is always learning from new data, and we are continually adding new labels and facial recognition features to the service.

Face: Detect, identy, and analyze faces in photos.

Emotions: Recognize emotions in images.

Alexa Skill SetAzure Virtual Assistant

The Virtual Assistant Template brings together a number of best practices we’ve identified through the building of conversational experiences and automates integration of components that we’ve found to be highly beneficial to Bot Framework developers.

Big data and analytics

Data warehouse

AWS RedshiftSQL Data Warehouse

Cloud-based Enterprise Data Warehouse (EDW) that uses Massively Parallel Processing (MPP) to quickly run complex queries across petabytes of data.

Big data processing
EMR | Azure Databricks
Apache Spark-based analytics platform.

EMR HDInsight

Managed Hadoop service. Deploy and manage Hadoop clusters in Azure.

Data orchestration / ETL

AWS Data Pipeline, AWS Glue | Data Factory

Processes and moves data between different compute and storage services, as well as on-premises data sources at specified intervals. Create, schedule, orchestrate, and manage data pipelines.

AWS GlueData Catalog

A fully managed service that serves as a system of registration and system of discovery for enterprise data sources

Analytics and visualization

AWS Kinesis Analytics | Stream Analytics

Data Lake Analytics | Data Lake Store

Storage and analysis platforms that create insights from large quantities of data, or data that originates from many sources.

QuickSightPower BI

Business intelligence tools that build visualizations, perform ad hoc analysis, and develop business insights from data.

CloudSearchAzure Search

Delivers full-text search and related search analytics and capabilities.

Amazon AthenaAzure Data Lake Analytics

Provides a serverless interactive query service that uses standard SQL for analyzing databases.

Compute

Virtual servers

Elastic Compute Cloud (EC2)Azure Virtual Machines

Virtual servers allow users to deploy, manage, and maintain OS and server software. Instance types provide combinations of CPU/RAM. Users pay for what they use with the flexibility to change sizes.

AWS BatchAzure Batch

Run large-scale parallel and high-performance computing applications efficiently in the cloud.

AWS Auto ScalingVirtual Machine Scale Sets

Allows you to automatically change the number of VM instances. You set defined metric and thresholds that determine if the platform adds or removes instances.

VMware Cloud on AWSAzure VMware by CloudSimple

Redeploy and extend your VMware-based enterprise workloads to Azure with Azure VMware Solution by CloudSimple. Keep using the VMware tools you already know to manage workloads on Azure without disrupting network, security, or data protection policies.

Containers and container orchestrators

EC2 Container Service (ECS), FargateAzure Container Instances

Azure Container Instances is the fastest and simplest way to run a container in Azure, without having to provision any virtual machines or adopt a higher-level orchestration service.

EC2 Container RegistryAzure Container Registry

Allows customers to store Docker formatted images. Used to create all types of container deployments on Azure.

Elastic Container Service for Kubernetes (EKS)Azure Kubernetes Service (AKS)

Deploy orchestrated containerized applications with Kubernetes. Simplify monitoring and cluster management through auto upgrades and a built-in operations console.

App MeshService Fabric Mesh

Fully managed service that enables developers to deploy microservices applications without managing virtual machines, storage, or networking.
AWS App Mesh is a service mesh that provides application-level networking to make it easy for your services to communicate with each other across multiple types of compute infrastructure. App Mesh standardizes how your services communicate, giving you end-to-end visibility and ensuring high-availability for your applications.

Serverless

AWS Lambda | Azure Functions

Integrate systems and run backend processes in response to events or schedules without provisioning or managing servers.
AWS Lambda is an event-driven, serverless computing platform provided by Amazon as a part of the Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code

Database

Relational database

AWS RDS | SQL Database Azure Database for MySQL Azure Database for PostgreSQL

Managed relational database service where resiliency, scale, and maintenance are primarily handled by the platform.
Amazon Relational Database Service is a distributed relational database service by Amazon Web Services. It is a web service running “in the cloud” designed to simplify the setup, operation, and scaling of a relational database for use in applications. Administration processes like patching the database software, backing up databases and enabling point-in-time recovery are managed automatically. Scaling storage and compute resources can be performed by a single API call as AWS does not offer an ssh connection to RDS instances.

NoSQL / Document

DynamoDB and SimpleDBAzure Cosmos DB

A globally distributed, multi-model database that natively supports multiple data models: key-value, documents, graphs, and columnar.

Caching

AWS ElastiCache | Azure Cache for Redis

An in-memory–based, distributed caching service that provides a high-performance store typically used to offload non transactional work from a database.
Amazon ElastiCache is a fully managed in-memory data store and cache service by Amazon Web Services. The service improves the performance of web applications by retrieving information from managed in-memory caches, instead of relying entirely on slower disk-based databases. ElastiCache supports two open-source in-memory caching engines: Memcached and Redis.

Database migration

AWS Database Migration ServiceAzure Database Migration Service

Migration of database schema and data from one database format to a specific database technology in the cloud.
AWS Database Migration Service helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data to and from most widely used commercial and open-source databases.

DevOps and application monitoring

AWS CloudWatch, AWS X-Ray | Azure Monitor

Comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments.
Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and on-premises servers.
AWS X-Ray is an application performance management service that enables a developer to analyze and debug applications in the Amazon Web Services (AWS) public cloud. A developer can use AWS X-Ray to visualize how a distributed application is performing during development or production, and across multiple AWS regions and accounts.

AWS CodeDeploy, AWS CodeCommit, AWS CodePipeline | Azure DevOps

A cloud service for collaborating on code development.
AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers. AWS CodeDeploy makes it easier for you to rapidly release new features, helps you avoid downtime during application deployment, and handles the complexity of updating your applications.
AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release process every time there is a code change, based on the release model you define.
AWS CodeCommit is a source code storage and version-control service for Amazon Web Services’ public cloud customers. CodeCommit was designed to help IT teams collaborate on software development, including continuous integration and application delivery.

AWS Developer ToolsAzure Developer Tools

Collection of tools for building, debugging, deploying, diagnosing, and managing multiplatform scalable apps and services.
The AWS Developer Tools are designed to help you build software like Amazon. They facilitate practices such as continuous delivery and infrastructure as code for serverless, containers, and Amazon EC2.

AWS CodeBuild | Azure DevOps

Fully managed build service that supports continuous integration and deployment.

AWS Command Line Interface | Azure CLI Azure PowerShell

Built on top of the native REST API across all cloud services, various programming language-specific wrappers provide easier ways to create solutions.
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

AWS OpsWorks (Chef-based)Azure Automation

Configures and operates applications of all shapes and sizes, and provides templates to create and manage a collection of resources.
AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers.

AWS CloudFormation | Azure Resource Manager , VM extensions , Azure Automation

Provides a way for users to automate the manual, long-running, error-prone, and frequently repeated IT tasks.
AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts.

Networking

Area

Cloud virtual networking, Virtual Private Cloud (VPC) | Virtual Network

Provides an isolated, private environment in the cloud. Users have control over their virtual networking environment, including selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways.

Cross-premises connectivity

AWS VPN Gateway | Azure VPN Gateway

Connects Azure virtual networks to other Azure virtual networks, or customer on-premises networks (Site To Site). Allows end users to connect to Azure services through VPN tunneling (Point To Site).

DNS management

AWS Route 53 | Azure DNS

Manage your DNS records using the same credentials and billing and support contract as your other Azure services

Route 53 | Traffic Manager

A service that hosts domain names, plus routes users to Internet applications, connects user requests to datacenters, manages traffic to apps, and improves app availability with automatic failover.

Dedicated network

AWS Direct Connect | ExpressRoute

Establishes a dedicated, private network connection from a location to the cloud provider (not over the Internet).

Load balancing

AWS Network Load Balancer | Azure Load Balancer

Azure Load Balancer load-balances traffic at layer 4 (TCP or UDP).

Application Load Balancer | Application Gateway

Application Gateway is a layer 7 load balancer. It supports SSL termination, cookie-based session affinity, and round robin for load-balancing traffic.

Internet of things (IoT)

AWS IoT | Azure IoT Hub

A cloud gateway for managing bidirectional communication with billions of IoT devices, securely and at scale.

AWS Greengrass | Azure IoT Edge

Deploy cloud intelligence directly on IoT devices to run in on-premises scenarios.

Kinesis Firehose, Kinesis Streams | Event Hubs

Services that allow the mass ingestion of small data inputs, typically from devices and sensors, to process and route the data.

AWS IoT Things Graph | Azure Digital Twins

Azure Digital Twins is an IoT service that helps you create comprehensive models of physical environments. Create spatial intelligence graphs to model the relationships and interactions between people, places, and devices. Query data from a physical space rather than disparate sensors.

Management

Trusted Advisor | Azure Advisor

Provides analysis of cloud resource configuration and security so subscribers can ensure they’re making use of best practices and optimum configurations.

AWS Usage and Billing Report | Azure Billing API

Services to help generate, monitor, forecast, and share billing data for resource usage by time, organization, or product resources.

AWS Management Console | Azure portal

A unified management console that simplifies building, deploying, and operating your cloud resources.

AWS Application Discovery Service | Azure Migrate

Assesses on-premises workloads for migration to Azure, performs performance-based sizing, and provides cost estimations.

Amazon EC2 Systems Manager | Azure Monitor

Comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments.

AWS Personal Health Dashboard | Azure Resource Health

Provides detailed information about the health of resources as well as recommended actions for maintaining resource health.

Security, identity, and access

Authentication and authorization

Identity and Access Management (IAM) | Azure Active Directory

Allows users to securely control access to services and resources while offering data security and protection. Create and manage users and groups, and use permissions to allow and deny access to resources.

Identity and Access Management (IAM) | Azure Role Based Access Control

Role-based access control (RBAC) helps you manage who has access to Azure resources, what they can do with those resources, and what areas they have access to.

AWS Organizations | Azure Subscription Management + Azure RBAC

Security policy and role management for working with multiple accounts.

Multi-Factor Authentication | Multi-Factor Authentication

Safeguard access to data and applications while meeting user demand for a simple sign-in process.

AWS Directory Service | Azure Active Directory Domain Services

Provides managed domain services such as domain join, group policy, LDAP, and Kerberos/NTLM authentication that are fully compatible with Windows Server Active Directory.

Cognito | Azure Active Directory B2C

A highly available, global, identity management service for consumer-facing applications that scales to hundreds of millions of identities.

AWS Organizations | Azure Policy

Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.

AWS Organizations | Management Groups

Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called “management groups” and apply your governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group. Management groups give you enterprise-grade management at a large scale, no matter what type of subscriptions you have.

Encryption

Server-side encryption with Amazon S3 Key Management Service | Azure Storage Service Encryption

Helps you protect and safeguard your data and meet your organizational security and compliance commitments.

Key Management Service AWS KMS, CloudHSM | Key Vault

Provides security solution and works with other services by providing a way to manage, create, and control encryption keys stored in hardware security modules (HSM).

Firewall

Web Application Firewall | Application Gateway – Web Application Firewall

A firewall that protects web applications from common web exploits.

Web Application Firewall | Azure Firewall

Provides inbound protection for non-HTTP/S protocols, outbound network-level protection for all ports and protocols, and application-level protection for outbound HTTP/S.

Security

Inspector | Security Center

An automated security assessment service that improves the security and compliance of applications. Automatically assess applications for vulnerabilities or deviations from best practices.

Certificate Manager | App Service Certificates available on the Portal

Service that allows customers to create, manage, and consume certificates seamlessly in the cloud.

GuardDuty | Azure Advanced Threat Protection

Detect and investigate advanced attacks on-premises and in the cloud.

AWS Artifact | Service Trust Portal

Provides access to audit reports, compliance guides, and trust documents from across cloud services.

AWS Shield | Azure DDos Protection Service

Provides cloud services with protection from distributed denial of services (DDoS) attacks.

Storage

Object storage

Simple Storage Services (S3) | Azure Blob storage

Object storage service, for use cases including cloud applications, content distribution, backup, archiving, disaster recovery, and big data analytics.

Virtual server disks

Elastic Block Store (EBS) | Azure managed disks

SSD storage optimized for I/O intensive read/write operations. For use as high-performance Azure virtual machine storage.

Shared files

Elastic File System | Azure Files

Provides a simple interface to create and configure file systems quickly, and share common files. Can be used with traditional protocols that access files over a network.

Archiving and backup

S3 Infrequent Access (IA) | Azure Storage cool tier

Cool storage is a lower-cost tier for storing data that is infrequently accessed and long-lived.

S3 Glacier | Azure Storage archive access tier

Archive storage has the lowest storage cost and higher data retrieval costs compared to hot and cool storage.

AWS Backup | Azure Backup

Back up and recover files and folders from the cloud, and provide offsite protection against data loss.

Hybrid storage

Storage Gateway | StorSimple

Integrates on-premises IT environments with cloud storage. Automates data management and storage, plus supports disaster recovery.

Bulk data transfer

AWS Import/Export Disk | Import/Export

A data transport solution that uses secure disks and appliances to transfer large amounts of data. Also offers data protection during transit.

AWS Import/Export Snowball, Snowball Edge, Snowmobile | Azure Data Box

Petabyte- to exabyte-scale data transport solution that uses secure data storage devices to transfer large amounts of data to and from Azure.

Web applications

Elastic Beanstalk | App Service

Managed hosting platform providing easy to use services for deploying and scaling web applications and services.

API Gateway | API Management

A turnkey solution for publishing APIs to external and internal consumers.

CloudFront | Azure Content Delivery Network

A global content delivery network that delivers audio, video, applications, images, and other files.

Global Accelerator | Azure Front Door

Easily join your distributed microservice architectures into a single global application using HTTP load balancing and path-based routing rules. Automate turning up new regions and scale-out with API-driven global actions, and independent fault-tolerance to your back end microservices in Azure—or anywhere.

Miscellaneous

Backend process logic

AWS Step Functions | Logic Apps

Cloud technology to build distributed applications using out-of-the-box connectors to reduce integration challenges. Connect apps, data and devices on-premises or in the cloud.

Enterprise application services

Amazon WorkMail, Amazon WorkDocs | Office 365

Fully integrated Cloud service providing communications, email, document management in the cloud and available on a wide variety of devices.

Gaming

GameLift, GameSparks | PlayFab

Managed services for hosting dedicated game servers.

Media transcoding

Elastic Transcoder | Media Services

Services that offer broadcast-quality video streaming services, including various transcoding technologies.

Workflow

Simple Workflow Service (SWF) | Logic Apps

Serverless technology for connecting apps, data and devices anywhere, whether on-premises or in the cloud for large ecosystems of SaaS and cloud-based connectors.

Hybrid

Outposts | Azure Stack

Azure Stack is a hybrid cloud platform that enables you to run Azure services in your company’s or service provider’s datacenter. As a developer, you can build apps on Azure Stack. You can then deploy them to either Azure Stack or Azure, or you can build truly hybrid apps that take advantage of connectivity between an Azure Stack cloud and Azure.

Source: AWS to Azure services comparison – Azure Architecture

AWS Solution Architect Associate Certification Exam Prep: Facts and Summaries, Questions and Answers Dump

AWS Solution Architect Associate Exam Questions and Answers Dump

In this blog, we will help you prepare for the AWS Solution Architect Associate Certification Exam, give you some  facts and summaries, provide AWS Solution Architect Associate Top 65 Questions and Answers Dump

 

Definition 1: Solution architecture is a practice of defining and describing an architecture of a system delivered in context of a specific solution and as such it may encompass description of an entire system or only its specific parts. Definition of a solution architecture is typically led by a solution architect.

Definition 2: The AWS Certified Solutions Architect – Associate examination is intended for individuals who perform a solutions architect role and have one or more years of hands-on experience designing available, cost-efficient, fault-tolerant, and scalable distributed systems on AWS.

AWS Solution Architect Associate Exam Facts and Summaries

  1. This exam validates an examinee’s ability to effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies. It validates an examinee’s ability to:
    • Define a solution using architectural design principles based on customer requirements.
    • Provide implementation guidance based on best practices to the organization throughout the lifecycle of the project.
  2. There are two types of questions on the examination:
    • Multiple-choice: Has one correct response and three incorrect responses (distractors).
    • Multiple-response: Has two correct responses out of five options.

    Select one or more responses that best complete the statement or answer the question. Distractors, or incorrect answers, are response options that an examinee with incomplete knowledge or skill would likely choose. However, they are generally plausible responses that fit in the content area defined by the test objective. Unanswered questions are scored as incorrect; there is no penalty for guessing.  

  3. The table below lists the main content domains and their weightings:
  4. Domain 1: Design Resilient Architectures
    • Choose reliable/resilient storage.
    • Determine how to design decoupling mechanisms using AWS services.
    • Determine how to design a multi-tier architecture solution.
    • Determine how to design high availability and/or fault tolerant architectures
  5. Domain 2: Define Performant Architectures
    • Choose performant storage and databases.
    • Apply caching to improve performance.
    • Design solutions for elasticity and scalability.
  6. Domain 3: Specify Secure Applications and Architectures.
    • Determine how to secure application tiers.
    • Determine how to secure data.
    • Define the networking infrastructure for a single VPC application.
  7.  Domain 4: Design Cost-Optimized Architectures
    • Determine how to design cost-optimized storage.
    • Determine how to design cost-optimized compute.
  8. Domain 5: Define Operationally-Excellent Architectures
    • Choose design features in solutions that enable operational excellence.
  9. Take an AWS Training Class
  10. Study AWS Whitepapers and FAQs: AWS Well-Architected webpage (various whitepapers linked)
  11. If you are running an application in a production environment and must add a new EBS volume with data from a snapshot, what could you do to avoid degraded performance during the volume’s first use?
    Initialize the data by reading each storage block on the volume.
    Volumes created from an EBS snapshot must be initialized. Initializing occurs the first time a storage block on the volume is read, and the performance impact can be impacted by up to 50%. You can avoid this impact in production environments by pre-warming the volume by reading all of the blocks.
  12. If you are running a legacy application that has hard-coded static IP addresses and it is running on an EC2 instance; what is the best failover solution that allows you to keep the same IP address on a new instance?
    Elastic IP addresses (EIPs) are designed to be attached/detached and moved from one EC2 instance to another. They are a great solution for keeping a static IP address and moving it to a new instance if the current instance fails. This will reduce or eliminate any downtime uses may experience.
  13. Which feature of Intel processors help to encrypt data without significant impact on performance?
    AES-NI
  14. You can mount to EFS from which two of the following?
    • On-prem servers running Linux
    • EC2 instances running Linux

    EFS is not compatible with Windows operating systems.

  15. When a file(s) is encrypted and the stored data is not in transit it’s known as encryption at rest. What is an example of encryption at rest? 

  16. When would vertical scaling be necessary? When an application is built entirely into one source code, otherwise known as a monolithic application.

  17. Fault-Tolerance allows for continuous operation throughout a failure, which can lead to a low Recovery Time Objective.  RPO vs. RTO

  18. High-Availability means automating tasks so that an instance will quickly recover, which can lead to a low Recovery Time Objective.  RPO vs. RTO
  19. Frequent backups reduce the time between the last backup and recovery point, otherwise known as the Recovery Point Objective.  RPO vs. RTO
  20. Which represents the difference between Fault-Tolerance and High-Availability? High-Availability means the system will quickly recover from a failure event, and Fault-Tolerance means the system will maintain operations during a failure.
  21. From a security perspective, what is a principal? An anonymous user falls under the definition of a principal. A principal can be an anonymous user acting on a system.

    An authenticated user falls under the definition of a principal. A principal can be an authenticated user acting on a system.

  22. What are two types of session data saving for an Application Session State? Stateless and Stateful

 

23. It is the customer’s responsibility to patch the operating system on an EC2 instance.

24. In designing an environment, what four main points should a Solutions Architect keep in mind? Cost-efficient, secure, application session state, undifferentiated heavy lifting: These four main points should be the framework when designing an environment.

25. In the context of disaster recovery, what does RPO stand for? RPO is the abbreviation for Recovery Point Objective.

26. What are the benefits of horizontal scaling?

Vertical scaling can be costly while horizontal scaling is cheaper.

Horizontal scaling suffers from none of the size limitations of vertical scaling.

Having horizontal scaling means you can easily route traffic to another instance of a server.

Top
Reference: AWS Solution Architect Associate Exam Prep

AWS Solution Architect Associate Exam Prep Questions and Answers Dump

Q0: A company is developing a highly available web application using stateless web servers. Which services are suitable for storing session state data? (Select TWO.)

  • A. CloudWatch
  • B. DynamoDB
  • C. Elastic Load Balancing
  • D. ElastiCache
  • E. Storage Gateway

B. and D.

Reference: AWS Session management

Top

Q1: A Solutions Architect is designing a critical business application with a relational database that runs on an EC2 instance. It requires a single EBS volume that can support up to 16,000 IOPS.
Which Amazon EBS volume type can meet the performance requirements of this application?

  • A. EBS Provisioned IOPS SSD
  • B. EBS Throughput Optimized HDD
  • C. EBS General Purpose SSD
  • D. EBS Cold HDD

A.
EBS Provisioned IOPS SSD provides sustained performance for mission-critical low-latency workloads. EBS General Purpose SSD can provide bursts of performance up to 3,000 IOPS and have a maximum baseline performance of 10,000 IOPS for volume sizes greater than 3.3 TB. The 2 HDD options are lower cost, high throughput volumes.

Reference: Amazon EBS Performance Tips

Top

Q2: An application running on EC2 instances processes sensitive information stored on Amazon S3. The information is accessed over the Internet. The security team is concerned that the Internet connectivity to Amazon S3 is a security risk.
Which solution will resolve the security concern?

  • A. Access the data through an Internet Gateway.
  • B. Access the data through a VPN connection.
  • C. Access the data through a NAT Gateway.
  • D.Access the data through a VPC endpoint for Amazon S3

D.
VPC endpoints for Amazon S3 provide secure connections to S3 buckets that do not require a gateway or NAT instances. NAT Gateways and Internet Gateways still route traffic over the Internet to the public endpoint for Amazon S3. There is no way to connect to Amazon S3 via VPN.

Reference: S3 VPC Endpoints

Top

Q3: An organization is building an Amazon Redshift cluster in their shared services VPC. The cluster will host sensitive data.
How can the organization control which networks can access the cluster?

  • A. Run the cluster in a different VPC and connect through VPC peering.
  • B. Create a database user inside the Amazon Redshift cluster only for users on the network.
  • C. Define a cluster security group for the cluster that allows access from the allowed networks.
  • D. Only allow access to networks that connect with the shared services network via VPN.

C
A security group can grant access to traffic from the allowed networks via the CIDR range for each network. VPC peering and VPN are connectivity services and cannot control traffic for security. Amazon Redshift user accounts address authentication and authorization at the user level and have no control over network traffic.

Reference: AWS Security best practice

Top

Q4: A web application allows customers to upload orders to an S3 bucket. The resulting Amazon S3 events trigger a Lambda function that inserts a message to an SQS queue. A single EC2 instance reads messages from the queue, processes them, and stores them in an DynamoDB table partitioned by unique order ID. Next month traffic is expected to increase by a factor of 10 and a Solutions Architect is reviewing the architecture for possible scaling problems.
Which component is MOST likely to need re-architecting to be able to scale to accommodate the new traffic?

  • A. Lambda function
  • B. SQS queue
  • C. EC2 instance
  • D. DynamoDB table

C.
A single EC2 instance will not scale and is a single point of failure in the architecture. A much better solution would be to have EC2 instances in an Auto Scaling group across 2 availability zones read messages from the queue. The other responses are all managed services that can be configured to scale or will scale automatically.

Reference: Eliminating Single Points of Failures on AWS Cloud

Top

Q5: An application requires a highly available relational database with an initial storage capacity of 8 TB. The database will grow by 8 GB every day. To support expected traffic, at least eight read replicas will be required to handle database reads.
Which option will meet these requirements?

  • A. DynamoDB
  • B. Amazon S3
  • C. Amazon Aurora
  • D. Amazon Redshift

C.
Amazon Aurora is a relational database that will automatically scale to accommodate data growth. Amazon Redshift does not support read replicas and will not automatically scale. DynamoDB is a NoSQL service, not a relational database. Amazon S3 is object storage, not a relational database.

Reference: Replication with Amazon Aurora

Top

Q6: How can you improve the performance of EFS?

  • A. Use an instance-store backed EC2 instance.
  • B. Provision more throughput than is required.
  • C. Divide your files system into multiple smaller file systems.
  • D. Provision higher IOPs for your EFS.

B.
Amazon EFS now allows you to instantly provision the throughput required for your applications independent of the amount of data stored in your file system. This allows you to optimize throughput for your application’s performance needs.

Reference: Amazon EFS Performance

Top

Q7:
If you are designing an application that requires fast (10 – 25Gbps), low-latency connections between EC2 instances, what EC2 feature should you use?

  • A. Snapshots
  • B. Instance store volumes
  • C. Placement groups
  • D. IOPS provisioned instances.

C.
Placement groups are a clustering of EC2 instances in one Availability Zone with fast (up to 25Gbps) connections between them. This feature is used for applications that need extremely low-latency connections between instances.

Reference: Placement Groups

Top

Q8: A Solution Architect is designing an online shopping application running in a VPC on EC2 instances behind an ELB Application Load Balancer. The instances run in an Auto Scaling group across multiple Availability Zones. The application tier must read and write data to a customer managed database cluster. There should be no access to the database from the Internet, but the cluster must be able to obtain software patches from the Internet.

 

Which VPC design meets these requirements?

  • A. Public subnets for both the application tier and the database cluster
  • B. Public subnets for the application tier, and private subnets for the database cluster
  • C. Public subnets for the application tier and NAT Gateway, and private subnets for the database cluster
  • D. Public subnets for the application tier, and private subnets for the database cluster and NAT Gateway

Answer: C.
The online application must be in public subnets to allow access from clients’ browsers. The database cluster must be in private subnets to meet the requirement that there be no access from the Internet.
A NAT Gateway is required to give the database cluster the ability to download patches from the Internet. NAT Gateways must be deployed in public subnets.

Reference: Public and Private Subnets

Top

Q9: What command should you run on a running instance if you want to view its user data (that is used at launch)?

  • A. curl http://254.169.254.169/latest/user-data
  • B. curl http://localhost/latest/meta-data/bootstrap
  • C. curl http://localhost/latest/user-data
  • D. curl http://169.254.169.254/latest/user-data

Answer: D.
Retrieve Instance User Data
To retrieve user data from within a running instance, use the following URI:
http://169.254.169.254/latest/user-data

Reference: Instance Metadata and User Data

Get user data from AWS Ec2 running instance
Get user data from AWS Ec2 running instance

Top

Q10: A company is developing a highly available web application using stateless web servers. Which
services are suitable for storing session state data? (Select TWO.)

  • A. CloudWatch
  • B. DynamoDB
  • C. Elastic Load Balancing
  • D. ElastiCache
  • E. Storage Gateway

Answer: B. and D.
Both DynamoDB and ElastiCache provide high performance storage of key-value pairs.
CloudWatch and ELB are not storage services. Storage Gateway is a storage service, but it is a hybrid
Storage service that enables on-premises applications to use cloud storage.

A stateful web service will keep track of the “state” of a client’s connection and data over several requests. So for example, the client might login, select a users account data, update their address, attach a photo, and change the status flag, then disconnect.

In a stateless web service, the server doesn’t keep any information from one request to the next. The client needs to do it’s work in a series of simple transactions, and the client has to keep track of what happens between requests. So in the above example, the client needs to do each operation separately: connect and update the address, disconnect. Connect and attach the photo, disconnect. Connect and change the status flag, disconnect.

A stateless web service is much simpler to implement, and can handle greater volume of clients.

Reference: Stateful & Stateless web service

Top

Q11: From a security perspective, what is a principal?

  • A. An identity
  • B. An anonymous user 
  • C. An authenticated user
  • D. A resource
  • E. 

Answer: B. and C.

An anonymous user falls under the definition of a principal. A principal can be an anonymous user acting on a system.  An authenticated user falls under the definition of a principal. A principal can be an authenticated user acting on a system.

Reference: Access management

Q12: What are the characteristics of a tiered application?

  • A. All three application layers are on the same instance
  • B. The presentation tier is on an isolated instance than the logic layer
  • C. None of the tiers can be cloned
  • D. The logic layer is on an isolated instance than the data layer
  • E. Additional machines can be added to help the application by implementing horizontal scaling
  • F.  Incapable of horizontal scaling

Answer: B. D. and E.

In a tiered application, the presentation layer is separate from the logic layer; the logic layer is separate from the data layer. Since parts of the application are isolated, they can scale horizontally.

Reference: Tiered Application

Q13: When using horizontal scaling, how can a server’s capacity closely match it’s rising demand?

A. By frequently purchasing additional instances and smaller resources

 

B. By purchasing more resources very far in advance

C. By purchasing more resources after demand has risen

D. It is not possible to predict demand

Answer: A

Reference: AWS Horizontal Scaling

 

Q14: What is the concept behind AWS’ Well-Architected Framework?

A. It’s a set of best practice areas, principles, and concepts that can help you implement effective AWS solutions.

B. It’s a set of best practice areas, principles, and concepts that can help you implement effective solutions tailored to your specific business.

C. It’s a set of best practice areas, principles, and concepts that can help you implement effective solutions from another web host.

D. It’s a set of best practice areas, principles, and concepts that can help you implement effective E-Commerce solutions.

Answer: A.

 
Q15: Select the true statements regarding AWS Regions.

 

A. Availability Zones are isolated locations within regions

B. Region codes identify specific regions (example: US-EAST-2)

C. All AWS Regions contain the full set of AWS services.

D. An AWS Region is assigned based on the user’s location when creating an AWS account.

Answer: (A, B, D)
Reference: AWS Regions
Q16: Which is not one of the five pillars of a well-architected framework?

 

A. Reliability

B. Performance Efficiency

C. Structural Simplicity

D. Security

E. Operational Excellence

Answer: C

 

What are the 5 pillars of a well architected framework:
1. Operational Excellence
The operational excellence pillar includes the ability to run and monitor systems to deliver business value and to continually improve supporting processes and procedures. You can find prescriptive guidance on implementation in the Operational Excellence Pillar whitepaper.

2. Security
The security pillar includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. You can find prescriptive guidance on implementation in the Security Pillar whitepaper.

 

 

 

3. Reliability
The reliability pillar includes the ability of a system to recover from infrastructure or service disruptions, dynamically acquire computing resources to meet demand, and mitigate disruptions such as misconfigurations or transient network issues. You can find prescriptive guidance on implementation in the Reliability Pillar whitepaper.

4. Performance Efficiency
The performance efficiency pillar includes the ability to use computing resources efficiently to meet system requirements and to maintain that efficiency as demand changes and technologies evolve. You can find prescriptive guidance on implementation in the Performance Efficiency Pillar whitepaper.

5. Cost Optimization
The cost optimization pillar includes the ability to avoid or eliminate unneeded cost or suboptimal resources. You can find prescriptive guidance on implementation in the Cost Optimization Pillar whitepaper.

The AWS Well-Architected Framework provides architectural best practices across the five pillars for designing and operating reliable, secure, efficient, and cost-effective systems in the cloud.
The framework provides a set of questions that allows you to review an existing or proposed architecture. It also provides a set of AWS best practices for each pillar.
Using the Framework in your architecture helps you produce stable and efficient systems, which allows you to focus on functional requirements.

 

 

Other AWS Facts and Summaries and Questions/Answers Dump

What means undifferentiated heavy lifting?

The reality, of course, today is that if you come up with a great idea you don’t get to go quickly to a successful product. There’s a lot of undifferentiated heavy lifting that stands between your idea and that success. The kinds of things that I’m talking about when I say undifferentiated heavy lifting are things like these: figuring out which servers to buy, how many of them to buy, what time line to buy them.

 

Eventually you end up with heterogeneous hardware and you have to match that. You have to think about backup scenarios if you lose your data center or lose connectivity to a data center. Eventually you have to move facilities. There’s negotiations to be done. It’s a very complex set of activities that really is a big driver of ultimate success.

 

But they are undifferentiated from, it’s not the heart of, your idea. We call this muck. And it gets worse because what really happens is you don’t have to do this one time. You have to drive this loop. After you get your first version of your idea out into the marketplace, you’ve done all that undifferentiated heavy lifting, you find out that you have to cycle back. Change your idea. The winners are the ones that can cycle this loop the fastest.

 

On every cycle of this loop you have this undifferentiated heavy lifting, or muck, that you have to contend with. I believe that for most companies, and it’s certainly true at Amazon, that 70% of your time, energy, and dollars go into the undifferentiated heavy lifting and only 30% of your energy, time, and dollars gets to go into the core kernel of your idea.

 

I think what people are excited about is that they’re going to get a chance they see a future where they may be able to invert those two. Where they may be able to spend 70% of their time, energy and dollars on the differentiated part of what they’re doing.

— Jeff Bezos, 2006

AWS Certified Cloud Practitioner Exam Preparation: Questions and Answers Dump

AWS Certified Cloud Practitioner Exam

Welcome to AWS Certified Cloud Practitioner Exam Preparation: Definition and Objectives, Top 100 Questions and Answers Dump, White papers, Courses, Labs and Training Materials, Exam info and details, References, Jobs, Others AWS Certificates, 

Download the mobile version here

What is the AWS Certified Cloud Practitioner Exam?

The AWS Certified Cloud Practitioner Exam is an introduction to AWS services and the intention is to examine the candidates ability to define what the AWS cloud is and its global infrastructure. It provides an overview of AWS core services security aspects, pricing and support services. The main objective is to provide an overall understanding about the Amazon Web Services Cloud platform. The course helps you get the conceptual understanding of the AWS and can help you know about the basics of AWS and cloud computing, including the services, cases and benefits.

To succeed with the real exam, do not memorize the answers below. It is very important that you understand why a question is right or wrong and the concepts behind it by carefully reading the reference documents in the answers.

Top

AWS Certified Cloud Practitioner Exam Prep Questions and Answers (Get the Free Mobile App Here for a better mobile experience)

Below we are providing you with:

  • aws cloud practitioner exam questions
  • aws cloud practitioner sample questions
  • aws cloud practitioner exam dumps
  • aws cloud practitioner practice questions and answers
  • aws cloud practitioner practice exam questions and references

For auditing purposes, your company now wants to monitor all API activity for all regions in your AWS environment. What can you use to fulfill this new requirement?

  • A. For each region, enable CloudTrail and send all logs to a bucket in each region.
  • B. Enable CloudTrail for all regions.
  • C. Ensure one CloudTrail is enabled for all regions.
  • D. Use AWS Config to enable the trail for all regions.

Answer:

C. Ensure one CloudTrail is enabled for all regions.
Turn on CloudTrail for all regions in your environment and CloudTrail will deliver log files from all regions to one S3 bucket.
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting.

Reference:
AWS CloudTrail

Top

What is the best solution to provide secure access to an S3 bucket not using the internet?

  • A. Use a VPN connection.
  • B. Use an Internet Gateway.
  • C. Use a VPC Endpoint to access S3.
  • D. Use a NAT Gateway.

Answer:

C. Use a VPC Endpoint to access S3.
A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network.

AWS PrivateLink simplifies the security of data shared with cloud-based applications by eliminating the exposure of data to the public Internet.

Reference:
VPC Endpoint

Top

In the AWS Shared Responsibility Model, which of the following are the responsibility of AWS?

  • A. Securing Edge Locations
  • B. Encrypting data
  • C. Password policies
  • D. Decomissioning data

Answer:

A. and D.
It is AWS responsibility to secure Edge locations and decommission the data.
AWS responsibility “Security of the Cloud” – AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.

Reference:
AWS Shared Responsibility Model

Top

You have EC2 instances running at 90% utilization and you expect this to continue for at least a year. What type of EC2 instance would you choose to ensure your cost stay at a minimum?

  • A. Dedicated host instances
  • B. On-demand instances
  • C. Spot instances
  • D. Reserved instances

Answer:

D. Reserved instances:
Reserved instances are the best choice for instances with continuous usage and offer a reduced cost because you purchase the instance for the entire year.
Amazon EC2 Reserved Instances (RI) provide a significant discount (up to 75%) compared to On-Demand pricing and provide a capacity reservation when used in a specific Availability Zone.

Reference:
AWS Reserved instances.

Top

What tool would you use to get an estimated monthly cost for your environment?

  • A. TCO Calculator
  • B. Simply Monthly Calculator
  • C. Cost Explorer
  • D. Consolidated Billing

Answer:

B. Simply Monthly Calculator:
The AWS Simple Monthly Calculator helps customers and prospects estimate their monthly AWS bill more efficiently. Using this tool, they can add, modify and remove services from their ‘bill’ and it will recalculate their estimated monthly charges automatically.

Reference:
AWS Simply Monthly Calculator

Top

How do you make sure your organization does not exceed its monthly budget?

  • A. Sign up for the free alert under filing preferences in the AWS Management Console.
  • B. Set a schedule to regularly review the Billing an Cost Management dashboard each month.
  • C. Create an email alert in AWS Budget
  • D. In CloudWatch, create an alarm that triggers each time the limit is exceeded.

Answer:

C. Create an email alert in AWS Budget.
AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount.
You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your utilization drops below the threshold you define. Reservation alerts are supported for Amazon EC2, Amazon RDS, Amazon Redshift, Amazon ElastiCache, and Amazon Elasticsearch reservations.

Reference:
AWS Budget.

Top

An Edge Location is a specialization AWS data centre that works with which services?

  • A. Lambda
  • B. CloudWatch
  • C. CloudFront
  • D. Route 53

Answer:

A. C. D. : Lambda, CloudFront and Route 53
Lambda@Edge lets you run Lambda functions to customize the content that CloudFront delivers, executing the functions in AWS locations closer to the viewer.
Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you’re serving with CloudFront, the user is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance.

CloudFront speeds up the distribution of your content by routing each user request through the AWS backbone network to the edge location that can best serve your content. Typically, this is a CloudFront edge server that provides the fastest delivery to the viewer. Using the AWS network dramatically reduces the number of networks that your users’ requests must pass through, which improves performance. Users get lower latency—the time it takes to load the first byte of the file—and higher data transfer rates.

You also get increased reliability and availability because copies of your files (also known as objects) are now held (or cached) in multiple edge locations around the world.

Reference:
AWS Edge Locations

Top

What is the preferred method of linking 2 AWS accounts?

  • A. AWS Organizations
  • B. Cost Explorer
  • C. VPC Peering
  • D. Consolidated billing

Answer:

A. AWS Organizations
AWS Organizations is an account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage. AWSOrganizations includes account management and consolidated billing capabilities that enable you to better meet the budgetary, security, and compliance needs of your business.

Reference:
AWS Organizations.

Top

Which of the following service is most useful when a Disaster Recovery method is triggered in AWS.

  • A. Amazon Route 53
  • B. Amazon SNS
  • C. Amazon SQS
  • D. Amazon Inspector

Answer:

A. Route 53 is a domain name system service by AWS. When a Disaster does occur , it can be easy to switch to secondary sites using the Route53 service.
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications by translating names like www.example.com into the numeric IP addresses like 192.0.2.1 that
computers use to connect to each other. Amazon Route 53 is fully compliant with IPv6 as well.

Reference: AWS Route 53/

Top

Which of the following disaster recovery deployment mechanisms that has the highest downtime

  • A. Pilot light
  • B. Warm standby
  • C. Multi Site
  • D. Backup and Restore

Answer:

D. The below snapshot from the AWS Documentation shows the spectrum of the Disaster recovery methods. If you go to the further end of the spectrum you have the least time for downtime for the users.

AWS Certified Cloud Practitioner Exam: AWS Disaster Recovery Techniques

AWS Disaster Recovery Techniques

Reference: AWS Route 53/

Top

Your company is planning to host resources in the AWS Cloud. They want to use services which can be used to decouple resources hosted on the cloud. Which of the following services can help fulfil this requirement?

  • A. AWS EBS Volumes
  • B. AWS EBS Snapshots
  • C. AWS Glacier
  • D. AWS SQS

Answer:

D. AWS SQS: Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly-scalable hosted queue for storing messages as they travel between applications or microservices. It moves data between distributed application components and helps you decouple these components.

Reference: AWS Simple Queue Service Developer Guive

Top

If you have a set of frequently accessed files that are used on a daily basis, what S3 storage class should you store them in?

  • A. Infrequent Access
  • B. Fast Access
  • C. Reduced Redundancy
  • D. Standard

Answer:

D. Standard: The Standard storage class should be used for files that you access on a daily or very frequent basis.

Reference: AWS storage-classes/

What is the availability and durability rating of S3 Standard Storage Class?

Choose the correct answer:

  • A. 99.999999999% Durability and 99.99% Availability
  • B. 99.999999999% Availability and 99.90% Durability
  • C. 99.999999999% Durability and 99.00% Availability
  • D. 99.999999999% Availability and 99.99% Durability

Answer:

A. 99.999999999% Durability and 99.99% Availability
S3 Standard Storage class has a rating of 99.999999999% durability (referred to as 11 nines) and 99.99% availability.

Reference: AWS storage classes/

Top

What AWS database is primarily used to analyze data using standard SQL formatting with compatibility for your existing business intelligence tools

  • A. Redshift
  • B. RDS
  • C. DynamoDB
  • D. ElastiCache

Answer:

A. Redshift is a database offering that is fully-managed and used for data warehousing and analytics, including compatibility with existing business intelligence tools.

Reference: AWS redshift/

Top

What are the benefits of DynamoDB?

Choose the 3 correct answers:

  • A. Single-digit millisecond latency.
  • B. Supports multiple known NoSQL database engines like MariaDB and Oracle NoSQL.
  • C. Supports both document and key-value store data models.
  • D. Automatic scaling of throughput capacity.

Answer:

A. C. D. DynamoDB does not use/support other NoSQL database engines. You only have access to use DynamoDB’s built-in engine.

Reference: AWS DynamoDB

Top

Which of the following are the benefits of AWS Organizations?

Choose the 2 correct answers:

  • A. Analyze cost before migrating to AWS.
  • B. Centrally manage access polices across multiple AWS accounts.
  • C. Automate AWS account creation and management.
  • D. Provide technical help (by AWS) for issues in your AWS account.

Answer:

B. and C.:
CENTRALLY MANAGE POLICIES ACROSS MULTIPLE AWS ACCOUNTS
AUTOMATE AWS ACCOUNT CREATION AND MANAGEMENT
CONTROL ACCESS TO AWS SERVICES
CONSOLIDATE BILLING ACROSS MULTIPLE AWS ACCOUNTS

Reference: AWS organizations/

There is a requirement hosting a set of servers in the Cloud for a short period of 3 months. Which of the following types of instances should be chosen to be cost effective.

  • A. Spot Instances
  • B. On-Demand
  • C. No Upfront costs Reserved
  • D. Partial Upfront costs Reserved

Answer:

B. Since the requirement is just for 3 months, then the best cost effective option is to use On-Demand Instances.

Reference: AWS pricing on-demand/

Top

Which of the following is not a disaster recovery deployment technique.

  • A. Pilot light
  • B. Warm standby
  • C. Single Site
  • D. Multi-Site

Answer:

C. The following figure shows a spectrum for the four scenarios, arranged by how quickly a system can be available to users after a DR event.

AWS Disaster Recovery Techniques
AWS Disaster Recovery Techniques

Reference: https://aws.amazon.com/blogs/aws/new-whitepaper-use-aws-for-disaster-recovery/

Top

Which of the following are attributes to the costing for using the Simple Storage Service. Choose 2 answers from the options given below

  • A. The storage class used for the objects stored.
  • B. Number of S3 buckets.
  • C. The total size in gigabytes of all objects stored.
  • D. Using encryption in S3

Answer:

A. and C: Below is a snapshot of the costing calculator for AWS S3.

AWS Certified Cloud Practitioner Exam: S3 storage cost estimator
Amazon S3 is storage for the Internet. It is designed to make web-scale computing easier for developers.

Reference: http://calculator.s3.amazonaws.com/index.html ; S3 storage classes

What endpoints are possible to send messages to with Simple Notification Service?

Choose the 3 correct answers:

  • A. SQS
  • B. SMS
  • C. FTP
  • D. Lambda

Answer:

Top

What service helps you to aggregate logs from your EC2 instance? Choose one answer from the options below:

  • A. SQS
  • B. S3
  • C. Cloudtrail
  • D. Cloudwatch Logs

Answer:

D. You can use Amazon CloudWatch Logs to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, and other sources. You can then retrieve the associated log data from CloudWatch Log.

Reference: AWS CloudWatch Logs

Top

A company is deploying a new two-tier web application in AWS. The company wants to store their most frequently used data so that the response time for the application is improved. Which AWS service provides the solution for the company’s requirements?

  • A. MySQL Installed on two Amazon EC2 Instances in a single Availability Zone
  • B. Amazon RDS for MySQL with Multi-AZ
  • C. Amazon ElastiCache
  • D. Amazon DynamoDB

Answer:

C. Amazon ElastiCache is a web service that makes it easy to deploy, operate, and scale an in-memory data store or cache in the cloud. The service improves the performance of web applications by allowing you to retrieve information from fast, managed, in-memory data stores, instead of relying entirely on slower disk-based databases.

Reference: AWS elasticache/

Top

You have a distributed application that periodically processes large volumes of data across multiple Amazon EC2 Instances. The application is designed to recover gracefully from Amazon EC2 instance failures. You are required to accomplish this task in the most cost-effective way. Which of the following will meet
your requirements?

  • A. Spot Instances
  • B. Reserved Instances
  • C. Dedicated Instances

On-Demand Instances

Answer:

A. When you think of cost effectiveness, you can either have to choose Spot or Reserved instances. Now when you have a regular processing job, the best is to use spot instances and since your application is designed recover gracefully from Amazon EC2 instance failures, then even if you lose the Spot instance , there is no issue because your application can recover.

Reference: AWS EC2 spot instances

Top

Which of the following features is associated with a Subnet in a VPC to protect against Incoming traffic requests?

  • A. AWS Inspector
  • B. Subnet Groups
  • C. Security Groups
  • D. NACL

Answer:

D. A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.

Reference: AWS VPC ACLs

Top

A company is deploying a two-tier, highly available web application to AWS. Which service provides durable storage for static content while utilizing Overall CPU resources for the web tier?

  • A. Amazon EBC volume.
  • B. Amazon S3
  • C. Amazon EC2 instance store
  • D. Amazon RDS instance

Answer:

B. Amazon S3 is the default storage service that should be considered for companies. It provides durable storage for all static content.

Reference: S3 faqs

Top

What are characteristics of Amazon S3?
Choose 2 answers from the options given below.

  • A. S3 allows you to store objects of virtually unlimited size.
  • B. S3 allows you to store unlimited amounts of data.
  • C. S3 should be used to host relational database.
  • D. Objects are directly accessible via a URL.

Answer:

B. and D.: Each object does have a limitation in S3, but you can store virtually unlimited amounts of data. Also each object gets a directly accessible URL

Reference: AWS s3 faqs

Top

When working on the costing for on-demand EC2 instances , which are the following are attributes which determine the costing of the EC2 Instance. Choose 3 answers from the options given below

  • A. Instance Type
  • B. AMI Type
  • C. Region
  • D. Edge location

Answer:

A. B. C. : See components making up the pricing below.

AWS AMI Pricing
AWS AMI Pricing

Reference: AWS ec2 pricing on-demand/

Top

You have a mission-critical application which must be globally available at all times. If this is the case, which of the below deployment mechanisms would you employ

  • A. Deployment to multiple edge locations
  • B. Deployment to multiple Availability Zones
  • D. Deployment to multiple Data Centers
  • D. Deployment to multiple Regions

Answer:

D. Regions represent different geographic locations and it is best to host your application across multiple regions for disaster recovery.

Reference: AWS regions availability zones

Top

Which of the following are right principles when designing cloud based systems. Choose 2 answers from the options below

  • A. Build Tightly-coupled components
  • B. Build loosely-coupled components
  • C. Assume everything will fail
  • D. Use as many services as possible

Answer:

B. and C. Always build components which are loosely coupled. This is so that even if one component does fail, the entire system does not fail. Also if you build with the assumption that everything will fail, then you will ensure that the right measures are taken to build a highly available and fault tolerant system.

Reference: AWS Well architected networks

Top

You have 2 accounts in your AWS account. One for the Dev and the other for QA. All are part of
consolidated billing. The master account has purchase 3 reserved instances. The Dev department is currently using 2 reserved instances. The QA team is planning on using 3 instances which of the same instance type. What is the pricing tier of the instances that can be used by the QA Team?

  • A. No Reserved and 3 on-demand
  • B. One Reserved and 2 on-demand
  • C. Two Reserved and 1 on-demand
  • D. Three Reserved and no on-demand

Answer:

B. Since all are a part of consolidating billing, the pricing of reserved instances can be shared by All. And since 2 are already used by the Dev team , another one can be used by the QA team. The rest of the instances can be on-demand instances.

Reference: AWS ec2 pricing reserved instances/

Top

Which one of the following features is normally present in all of AWS Support plans

  • A. 24/7 access to Customer Service
  • B. Access to all features in the Trusted Advisor
  • C. A technical Account Manager
  • D. A dedicated support person

Answer:

A.

AWS Support plans
AWS Support plans

Reference: AWS premium support compare plans

Top

Which of the following storage mechanisms can be used to store messages effectively which can be used across distributed systems?

  • A. Amazon Glacier
  • B. Amazon EBS Volumes
  • C. Amazon EBS Snapshots
  • D. Amazon SQS

Answer:

D. Amazon Simple Queue Service (Amazon SQS) offers a reliable, highly-scalable hosted queue for storing messages as they travel between applications or microservices. It moves data between distributed application components and helps you decouple these components.

Reference: AWS Simple Queue Service

Top

You are exploring what services AWS has off-hand. You have a large number of data sets that need to be processed. Which of the following services can help fulfil this requirement.

  • A. EMR
  • B. S3
  • C. Glacier
  • D. Storage Gateway

Answer:

A. Amazon EMR helps you analyze and process vast amounts of data by distributing the computational work across a cluster of virtual servers running in the AWS Cloud. The cluster is managed using an open-source framework called Hadoop. Amazon EMR lets you focus on crunching or analyzing your data without having to worry about time-consuming setup, management, and tuning of Hadoop clusters or the compute capacity they rely on.

Reference: AWS Emr

Top

Which of the following services allows you to analyze EC2 Instances against pre-defined security templates to check for vulnerabilities

  • A. AWS Trusted Advisor
  • B. AWS Inspector
  • C. AWS WAF
  • D. AWS Shield

Answer:

B. Amazon Inspector enables you to analyze the behaviour of your AWS resources and helps you to identify potential security issues. Using Amazon Inspector, you can define a collection of AWS resources that you want to include in an assessment target. You can then create an assessment template and launch a security
assessment run of this target.

Reference: AWS inspector introduction

Top

Your company is planning to offload some of the batch processing workloads on to AWS. These jobs can be interrupted and resumed at any time. Which of the following instance types would be the most cost effective to use for this purpose.

  • A. On-Demand
  • B. Spot
  • C. Full Upfront Reserved
  • D. Partial Upfront Reserved

Answer:

B. Spot Instances are a cost-effective choice if you can be flexible about when your applications run and if your applications can be interrupted. For example, Spot Instances are well-suited for data analysis, batch jobs, background processing, and optional tasks

Reference: AWS Spot Instances

Top

Which of the following is not a category recommendation given by the AWS Trusted Advisor?

  • A. Security
  • B. High Availability
  • C. Performance
  • D. Fault tolerance

Answer:

B.

AWS Trusted advisor

Reference: AWS Trust Advisor

Top

Which of the below cannot be used to get data onto Amazon Glacier.

  • A. AWS Glacier API
  • B. AWS Console
  • C. AWS Glacier SDK
  • D. AWS S3 Lifecycle policies

Answer:

B. Note that the AWS Console cannot be used to upload data onto Glacier. The console can only be used to create a Glacier vault which can be used to upload the data.

Reference: Uploading an archive in AWS

Top

Which of the following from AWS can be used to transfer petabytes of data from on-premise locations to the AWS Cloud.

  • A. AWS Import/Export
  • B. AWS EC2
  • C. AWS Snowball
  • D. AWS Transfer

Answer:

C. Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data& into and out of the AWS cloud. Using Snowball addresses common challenges with large-scale data transfers including high network costs, long transfer times, and security concerns. Transferring data with Snowball is simple, fast, secure, and can be as little as one-fifth the cost of high-speed Internet.

Reference: AWS snowball

Top

Which of the following services allows you to analyze EC2 Instances against pre-defined security templates to check for vulnerabilities

  • A. AWS Trusted Advisor
  • B. AWS Inspector
  • C. AWS WAF
  • D. AWS Shield

Answer:

B. Amazon Inspector enables you to analyze the behavior of your AWS resources and helps you to identify potential security issues. Using Amazon Inspector, you can define a collection of AWS resources that you want to include in an assessment target. You can then create an assessment template and launch a security
assessment run of this target.

Reference: AWS Inspector

Top

Your company wants to move an existing Oracle database to the AWS Cloud. Which of the following services can help facilitate this move.

  • A. AWS Database Migration Service
  • B. AWS VM Migration Service
  • C. AWS Inspector
  • D. AWS Trusted Advisor

Answer:

A. AWS Database Migration Service helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data to and from most widely used commercial and open source databases.

Reference: AWS dms

Top

Which of the following features of AWS RDS allows for offloading reads of the database.

  • A. Cross region replication
  • B. Creating Read Replica’s
  • C. Using snapshots
  • D. Using Multi-AZ feature

Answer:

B. You can reduce the load on your source DB Instance by routing read queries from your applications to the read replica. Read replicas allow you to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads.

Reference: AWS read replicas

Top

Which of the following does AWS perform on its behalf for EBS volumes to make it less prone to failure?

  • A. Replication of the volume across Availability Zones
  • B. Replication of the volume in the same Availability Zone
  • C. Replication of the volume across Regions
  • D. Replication of the volume across Edge locations

Answer:

B. When you create an EBS volume in an Availability Zone, it is automatically replicated within that zone to prevent data loss due to failure of any single hardware component

Reference: AWS EBS Volumes

Top

Your company is planning to host a large e-commerce application on the AWS Cloud. One of their major concerns is Internet attacks such as DDos attacks. Which of the following services can help mitigate this concern. Choose 2 answers from the options given below

  • A. A. Cloudfront
  • B. AWS Shield
  • C. C. AWS EC2
  • D. AWS Config

Answer:

A. and B. : One of the first techniques to mitigate DDoS attacks is to minimize the surface area that can be attacked thereby limiting the options for attackers and allowing you to build protections in a single place. We want to ensure that we do not expose our application or resources to ports, protocols or applications from where they do not expect any communication. Thus, minimizing the possible points of attack and letting us concentrate our mitigation efforts. In some cases, you can do this by placing your computation resources behind Content Distribution
Networks (CDNs), Load Balancers and restricting direct Internet traffic to certain parts of your infrastructure
like your database servers. In other cases, you can use firewalls or Access Control Lists (ACLs) to control what traffic reaches your applications.

Reference: ddos attack protection/

Top

Which of the following are 2 ways that AWS allows to link accounts

  • A. Consolidating billing
  • B. AWS Organizations
  • C. Cost Explorer
  • D. IAM

Answer:

A. and B. : You can use the consolidated billing feature in AWS Organizations to consolidate payment for multiple AWS accounts or multiple AISPL accounts. With consolidated billing, you can see a combined view of AWS charges incurred by all of your accounts. You also can get a cost report for each member account that is associated with your master account. Consolidated billing is offered at no additional charge.

Reference: AWS Consolidated billing

Top

Which of the following helps in DDos protection. Choose 2 answers from the options given below

  • A. Cloudfront
  • B. AWS Shield
  • C. AWS EC2
  • D. AWS Config

Answer:

A. and B. : One of the first techniques to mitigate DDoS attacks is to minimize the surface area that can be attacked thereby limiting the options for attackers and allowing you to build protections in a single place. We want to ensure that we do not expose our application or resources to ports, protocols or applications from where they do not expect any communication. Thus, minimizing the possible points of attack and letting us concentrate our mitigation efforts. In some cases, you can do this by placing your computation resources behind; Content Distribution Networks (CDNs), Load Balancers and restricting direct Internet traffic to certain parts of your infrastructure like your database servers. In other cases, you can use firewalls or Access Control Lists (ACLs) to control what traffic reaches your applications.

Reference: AWS shield – ddos attack protection/

Top

Which of the following can be used to call AWS services from programming languages

  • A. AWS SDK
  • B. AWS Console
  • C. AWS CLI
  • D. AWS IAM

Answer:

AWS SDK can be plugged in for various programming languages. Using the SDK you can then call the required AWS services.

Reference: AWS tools

A company wants to host a self-managed database in AWS. How would you ideally implement this solution?

  • A. Using the AWS DynamoDB service
  • B. Using the AWS RDS service
  • C. Hosting a database on an EC2 Instance
  • D. Using the Amazon Aurora service

Answer:

C. If you want a self-managed database, that means you want complete control over the database engine and the underlying infrastructure. In such a case you need to host the database on an EC2 Instance

Reference: AWS ec2

Top

When creating security groups, which of the following is a responsibility of the customer. Choose 2 answers from the options given below.

  • A. Giving a name and description for the security group
  • B. Defining the rules as per the customer requirements.
  • C. Ensure the rules are applied immediately
  • D. Ensure the security groups are linked to the Elastic Network interface

Answer:

A. and B. : When you define security rules for EC2 Instances, you give a name, description and write the rules for the security group

Reference: AWS using Network Security Groups

Top

There is a requirement to host a database server for a minimum period of one year. Which of the following would result in the least cost?

  • A. Spot Instances
  • B. On-Demand
  • C. No Upfront costs Reserved
  • D. Partial Upfront costs Reserved

Answer:

D. : If the database is going to be used for a minimum of one year at least , then it is better to get Reserved Instances. You can save on costs , and if you use a partial upfront options , you can get a better discount

Reference: AWS Reserved Instances

Top

which of the below can be used to import data into Amazon Glacier?
Choose 3 answers from the options given below:

  • A. AWS Glacier API
  • B. AWS Console
  • C. AWS Glacier SDK
  • D. AWS S3 Lifecycle policies

Answer:

A. C. and D. : The AWS Console cannot be used to upload data onto Glacier. The console can only be used to create a Glacier vault which can be used to upload the data.

Reference: Uploading an archive in AWS

Top

Which of the following can be used to secure EC2 Instances hosted in AWS. Choose 2 answers

  • A. Usage of Security Groups
  • B. Usage of AMI’s
  • C. Usage of Network Access Control Lists
  • D. Usage of the Internet gateway

Answer:

A and C: Security groups acts as a virtual firewall for your instance to control inbound and outbound traffic. Network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for
controlling traffic in and out of one or more subnets.

Reference: VPC Security Groups and Network Access Control List

Top

Which of the following can be used to host virtual servers on AWS

  • A. AWS IAM
  • B. AWS Server
  • C. AWS EC2
  • D. AWS Regions

Answer:

C. AWS EC2

Reference: AWS ec2

Top

You plan to deploy an application on AWS. This application needs to be PCI Compliant. Which of the below steps are needed to ensure the compliance? Choose 2 answers from the below list:

  • A. Choose AWS services which are PCI Compliant
  • B. Ensure the right steps are taken during application development for PCI Compliance
  • C. Encure the AWS Services are made PCI Compliant
  • D. Do an audit after the deployment of the application for PCI Compliance.

Answer:

A. and B.

Reference: pci dss level-1 faqs/

Top

Top

Which tool can you use to forecast your AWS spending?

  • A. AWS organizations
  • B. Amazon Dev pay
  • C. AWS Trusted Advisor
  • D. AWS Cost explorer

Answer:

D. AWS Cost Explorer lets you dive deeper into your cost and usage data to identify trends, pinpoint cost drivers, and detect anomalies.

Reference: AWS Cost Explorer Docs

The Trusted Advisor service provides insight regarding which four categories of an AWS account?

  • A. Security, fault tolerance, high availability, performance and Service Limits
  • B. Security, access control, high availability, performance and Service Limits
  • C. Performance, cost optimization, Security, fault tolerance and Service Limits
  • D. Performance, cost optimization, Access Control, Connectivity, and Service Limits

Answer:

C. Performance, cost optimization, Security, fault tolerance and Service Limits

Reference: AWS trusted advisor

Top

As per the AWS Acceptable Use Policy, penetration testing of EC2 instances

  • A. May be performed by AWS, and will be performed by AWS upon customer request
  • B. May be performed by AWS, and is periodically performed by AWS
  • C. Are expressly prohibited under all circumtances
  • D. May be performed by the customer on their own instances with prior authorization from AWS
  • E. May be performed by the customer on their own instances, only if performed from EC2 instances

Answer:

D. You need to take authorization from AWS before doing a penetration test on EC2 instances.

Reference: AWS pen testing

Top

What is the AWS feature that enables fast, easy, and secure transfers of files over long distances between your client and your Amazon S3 bucket

  • A. File Transfer
  • B. HTTP Transfer
  • C. Transfer Acceleration
  • D. S3 Acceleration

Answer:

C. Transfer Acceleration

Reference: AWS transfer acceleration examples

Top

What best describes an AWS region?

Choose the correct answer:

  • A. The physical networking connections between Availability Zones.
  • B. A specific location where an AWS data center is located.
  • C. A collection of DNS servers.
  • D. An isolated collection of AWS Availability Zones, of which there are many placed all around the world.

Answer:

D: An AWS region is an isolated geographical area that is is comprised of three or more AWS Availability Zones.

Reference:Concepts Regions And AvailabilityZones

Top

Question: Which of the following is a factor when calculating Total Cost of Ownership (TCO) for the AWS Cloud?

  • A. The number of servers migrated to AWS
  • B. The number of users migrated to AWS
  • C. The number of passwords migrated to AWS
  • D. The number of keys migrated to AWS

Answer:

A. Running servers will incur costs. The number of running servers is one factor of Server Costs; a key component of AWS’s Total Cost of Ownership (TCO). Reference: AWS cost calculator

Top

Which AWS Services can be used to store files? Choose 2 answers from the options given below:

  • A. Amazon CloudWatch
  • B. Amazon Simple Storage Service (Amazon S3)
  • C. Amazon Elastic Block Store (Amazon EBS)
  • D. AWS COnfig
  • D. AWS Amazon Athena

Answer:

B. and C. Amazon S3 is a Object storage built to store and retrieve any amount of data from anywhere. Amazon Elastic Block Store is a Persistent block storage for Amazon EC2.

Reference: AWS s3 and AWS EBS

Question: What best describes Amazon Web Services (AWS)?

Choose the correct answer:

  • A. AWS is the cloud.
  • B. AWS only provides compute and storage services.
  • C. AWS is a cloud services provider.
  • D. None of the above.

Answer:

C: AWS is defined as a cloud services provider. They provide hundreds of services of which compute and storage are included (not not limited to).
Reference: AWS

Question: Which AWS service can be used as a global content delivery network (CDN) service?

  • A. Amazon SES
  • B. Amazon CouldTrail
  • C. Amazon CloudFront
  • D. Amazon S3

Answer:

C: Amazon CloudFront is a web service that gives businesses and web application developers an easy
and cost effective way to distribute content with low latency and high data transfer speeds. Like other AWS services, Amazon CloudFront is a self-service, pay-per-use offering, requiring no long term commitments or minimum fees. With CloudFront, your files are delivered to end-users using a global network of edge locations.Reference: AWS cloudfront

Top

What best describes the concept of fault tolerance?

Choose the correct answer:

  • A. The ability for a system to withstand a certain amount of failure and still remain functional.
  • B. The ability for a system to grow in size, capacity, and/or scope.
  • C. The ability for a system to be accessible when you attempt to access it.
  • D. The ability for a system to grow and shrink based on demand.

Answer:

A: Fault tolerance describes the concept of a system (in our case a web application) to have failure in some of its components and still remain accessible (highly available). Fault tolerant web applications will have at least two web servers (in case one fails).

Reference:Designing fault tolerant applications/

Question: The firm you work for is considering migrating to AWS. They are concerned about cost and the initial investment needed. Which of the following features of AWS pricing helps lower the initial investment amount needed? Choose 2 answers from the options given below:

  • A. The ability to choose the lowest cost vendor.
  • B. The ability to pay as you go
  • C. No upfront costs
  • D. Discounts for upfront payments

Answer:

B and C: The best features of moving to the AWS Cloud is: No upfront cost and The ability to pay as you go where the customer only pays for the resources needed. Reference: AWS pricing

Top

What best describes the concept of elasticity?

Choose the correct answer:

  • A. The ability for a system to grow in size, capacity, and/or scope.
  • B. The ability for a system to grow and shrink based on demand.
  • C. The ability for a system to withstand a certain amount of failure and still remain functional.
  • D. ability for a system to be accessible when you attempt to access it.

Answer:

B: Elasticity (think of a rubber band) defines a system that can easily (and cost-effectively) grow and shrink based on required demand.

Reference:Cost optimization automating elasticity

Question: Your company has
started using AWS. Your IT Security team is concerned with the
security of hosting resources in the Cloud. Which AWS service provides security optimization recommendations that could help the IT Security team secure resources using AWS?

  • A. AWS API Gateway
  • B. Reserved Instances
  • C. AWS Trusted Advisor
  • D. AWS Spot Instances

Answer:

C: An online resource to help you reduce cost, increase performance, and improve security by optimizing your AWS environment, Trusted Advisor provides real time guidance to help you provision your resources following AWS best practices. Reference: AWS trusted advisor

What is the relationship between AWS global infrastructure and the concept of high availability?

Choose the correct answer:

  • A. AWS is centrally located in one location and is subject to widespread outages if something happens at that one location.
  • B. AWS regions and Availability Zones allow for redundant architecture to be placed in isolated parts of the world.
  • C. Each AWS region handles a different AWS services, and you must use all regions to fully use AWS.
  • D. None of the above

Answer

B: As an AWS user, you can create your applications infrastructure and duplicate it. By placing duplicate infrastructure in multiple regions, high availability is created because if one region fails you have a backup (in a another region) to use.

Reference:RDS Concepts MultiAZ

Question: You are hosting a number of EC2 Instances on AWS. You are looking to monitor CPU Utilization on the Instance. Which service would you use to collect and track performance metrics for AWS services?

  • A. Amazon CloudFront
  • B. Amazon CloudSearch
  • C. Amazon CloudWatch
  • D. AWS Managed Services

Top

Answer:

C: Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. Reference: AWS cloudwatch/

Question: Which of the following support plans give access to all the checks in the Trusted Advisor service. Choose 2 answers from the options given below:

  • A. Basic
  • B. Business
  • C. Enterprise

Answer:

Question: Which of the following in AWS maps to a separate geographic location?

  • A. AWS Region
  • B. AWS Data Centers
  • C. AWS Availability Zone

Answer:

A: Amazon cloud computing resources are hosted in multiple locations world-wide. These locations are composed of AWS Regions and Availability Zones. Each AWS Region is a separate geographic area. Reference: AWS Regions And Availability Zone

Top

What best describes the concept of scalability?

Choose the correct answer:

  • A. The ability for a system to grow and shrink based on demand.
  • B. The ability for a system to grow in size, capacity, and/or scope.
  • C. The ability for a system be be accessible when you attempt to access it.
  • D. The ability for a system to withstand a certain amount of failure and still remain functional.

Answer

B: Scalability refers to the concept of a system being able to easily (and cost-effectively) scale UP. For web applications, this means the ability to easily add server capacity when demand requires.

Reference:AWS autoscaling

Question: If you wanted to monitor all events in your AWS account, which of the below services would you use?

  • A. AWS CloudWatch
  • B. AWS CloudWatch logs
  • C. AWS Config
  • D. AWS CloudTrail

Answer:

D: AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk
auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. Reference: Cloudtrail

Top

What are the four primary benefits of using the cloud/AWS?

Choose the correct answer:

  • A. Fault tolerance, scalability, elasticity, and high availability.
  • B. Elasticity, scalability, easy access, limited storage.
  • C. Fault tolerance, scalability, sometimes available, unlimited storage
  • D. Unlimited storage, limited compute capacity, fault tolerance, and high availability.

Answer:

A: Fault tolerance, scalability, elasticity, and high availability are the four primary benefits of AWS/the cloud.

What best describes a simplified definition of the “cloud”?

Choose the correct answer:

  • A. All the computers in your local home network.
  • B. Your internet service provider
  • C. A computer located somewhere else that you are utilizing in some capacity.
  • D. An on-premise data center that your company owns.

Answer

D: The simplest definition of the cloud is a computer that is located somewhere else that you are utilizing in some capacity. AWS is a cloud services provider, as the provide access to computers they own (located at AWS data centers), that you use for various purposes.

Top

Question: Your development team is planning to host a development environment on the cloud. This consists of EC2 and RDS instances. This environment will probably only be required for 2 months. Which types of instances would you use for this purpose?

  • A. On-Demand
  • B. Spot
  • C. Reserved
  • D. Dedicated

Answer:

A: The best and cost effective option would be to use On-Demand Instances. The AWS documentation gives the following additional information on On-Demand EC2 Instances. With On-Demand instances you only pay for
EC2 instances you use. The use of On-Demand instances frees you from the costs and complexities of planning, purchasing, and maintaining hardware and transforms what are commonly large fixed costs into much smaller variable costs. Reference: AWS ec2 pricing on-demand

Question: Which of the following can be used to secure EC2 Instances?

  • A. Security Groups
  • B. EC2 Lists
  • C. AWS Configs
  • D. AWS CloudWatch

Answer:

A: security group< acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC could be assigned to a different set of security groups. If you don’t specify a particular group at launch time, the instance is automatically assigned to the default security group for the VPC. Reference: VPC Security Groups

Exam Topics:

The AWS Cloud Practitioner exam is broken down into 4 domains

  • Cloud Concepts
  • Security
  • Technology
  • Billing and Pricing.

What is the purpose of a DNS server?

Choose the correct answer:

  • A. To act as an internet search engine.
  • B. To protect you from hacking attacks.
  • C. To convert common language domain names to IP addresses.
  • D. To serve web application content.

Answer:

C: Domain name system servers act as a “third party” that provides the service of converting common language domain names to IP addresses (which are required for a web browser to properly make a request for web content).

Top

What best describes the concept of high availability?

Choose the correct answer:

  • A. The ability for a system to grow in size, capacity, and/or scope.
  • B. The ability for a system to withstand a certain amount of failure and still remain functional.
  • C. The ability for a system to grow and shrink based on demand.
  • D. The ability for a system to be accessible when you attempt to access it.

Answer:

D: High availability refers to the concept that something will be accessible when you try to access it. An object or web application is “highly available” when it is accessible a vast majority of the time.

Top

What is the major difference between AWS’s RDS and DynamoDB database services?

Choose the correct answer:

  • A. RDS offers NoSQL database options, and DynamoDB offers SQL database options.
  • B. RDS offers one SQL database option, and DynamoDB offers many NoSQL database options.
  • C. RDS offers SQL database options, and DynamoDB offers a NoSQL database option.
  • D. None of the above

Answer:

C. RDS is a SQL database service (that offers several database engine options), and DynamoDB is a NoSQL database option that only offers one NoSQL engine.

Reference:

What are two open source in-memory engines supported by ElastiCache?

Choose the 2 correct answers:

  • A. CacheIt
  • B. Aurora
  • C. MemcacheD
  • D. Redis

Answer:

C. and D. Redis, MemcacheD

Reference: AWS Elasticache/

Top

What AWS database service is used for data warehousing of petabytes of data?

Choose the correct answer:

  • A. RDS
  • B. Elasticache
  • C. Redshift
  • D. DynamoDB

Answer:

C. Redshift is a fully-managed data warehouse that is perfect for storing petabytes worth of data.

Reference: AWS Redshift

Which AWS service uses a combination of publishers and subscribers?

Choose the correct answer:

  • A. Lambda
  • B. RDS
  • C. EC2
  • D. SNS

Answer:

D. In SNS, there are two types of clients: publishers and subscribers. Publishers send the message, and subscribers receive the message.

Reference: AWS SNS

What SQL database engine options are available in RDS?

Choose the 3 correct answers:

  • A. MySQL
  • B. MongoDB
  • C. PostgreSQL
  • D. MariaDB

Answer:

A. C. and D. RDS offers the following SQL options: Aurora MySQL MariaDB PostgreSQL Oracle Microsoft SQLServer

Reference:

What is the name of AWS’s RDS SQL database engine?

Choose the correct answer:

  • A. Lightsail
  • B. Aurora
  • C. MySQL
  • D. SNS

Answer:

B. AWS created their own custom SQL database engine, which is called Aurora.

Reference: AWS Aurora

Under what circumstances would you choose to use the AWS service CloudTrail?

Choose the correct answer:

  • A. When you want to log what actions various IAM users are taking in your AWS account.
  • B. When you want a serverless compute platform.
  • C. When you want to collect and view resource metrics.
  • D. When you want to send SMS notifications based on events that occur in your account.

Answer:

A. When you want to log what actions various IAM users are taking in your AWS account.

Reference: AWS Cloudtrail

If you want to monitor the average CPU usage of your EC2 instances, which AWS service should you use?

Choose the correct answer:

  • A. CloudMonitor
  • B. CloudTrail
  • C. CloudWatch
  • D. None of the above

Answer:

C. CloudWatch is used to collect, view, and track metrics for resources (such as EC2 instances) in your AWS account.

Reference: AWS CloudWatch

What is AWS’s relational database service?

Choose the correct answer:

  • A. ElastiCache
  • B. DymamoDB
  • C. RDS
  • D. Redshift

Answer:

C. RDS offers SQL database options – otherwise known as relational databases.

Reference: AWS RDS

Top

If you want to have SMS or email notifications sent to various members of your department with status updates on resources in your AWS account, what service should you choose?

Choose the correct answer:

  • A. SNS
  • B. GetSMS
  • C. RDS
  • D. STS

Answer:

A. Simple Notification Service (SNS) is what publishes messages to SMS and/or email endpoints.

Reference: AWS SNS

AWS Certified Cloud Practitioner Exam Whitepapers:

AWS has provided whitepapers to help you understand the technical concepts. Below are the recommended whitepapers.

Top

Online Training and Labs for AWS Cloud Certified Practitioner Exam

Top

AWS Cloud Practitioners Jobs

Top

AWS Certified Cloud Practitioner Exam info and details, How To:

The AWS Certified Cloud Practitioner Exam is a multiple choice, multiple answer exam. Here is the Exam Overview:

Top

Additional Information for reference

Below are some useful reference links that would help you to learn about AWS Practitioner Exam.

Other Relevant and Recommended AWS Certifications

AWS Certification Exams Roadmap
AWS Certification Exams Roadmap

Top

Other AWS Facts and Summaries and Questions/Answers Dump