WGU D341 AWS Questions fully solved & updated 2026-2027


Last updated 2:00 PM on 6/19/26

101 Terms

1

Amazon Elastic Cloud Computing (EC2)

Amazon Elastic Cloud Computing (EC2): Provides the ability to deploy and operate virtual machines running Linux and Windows in the AWS cloud.

2

Amazon Elastic Load Balancing (ELB):

Amazon Elastic Load Balancing (ELB): This service allows load balancing of traffic across multiple EC2 instances, ECS containers, or other IP addressable targets.

3

Amazon Virtual Private Cloud (VPC)

This service allows you to connect applications with private network ranges, connect those private ranges with the Internet, and assign public IP addresses.

4

AWS Direct Connect:

This private optical fiber connection service connects on-premises sites with AWS.

5

AWS Site-to-Site VPN

This component of the VPC provides the capability for establishing VPN connections with on-premises sites.

6

Amazon Route 53:

This is the next-generation, API-addressable DNS service from AWS.

7

Amazon CloudFront:

This caching and CDN service is available in the AWS cloud.

8

Amazon Elastic Container Service (ECS):

Amazon Elastic Container Service (ECS): Provides the ability to deploy, orchestrate, and operate containers in the AWS cloud.

9

Amazon Elastic Kubernetes Service (EKS):

Amazon Elastic Kubernetes Service (EKS): Provides the ability to deploy, orchestrate, and operate Kubernetes clusters in the AWS cloud.

10

Amazon Lambda:

Amazon Lambda: Provides the ability to process simple functions in the AWS cloud.

11

Amazon Elastic Block Storage (EBS):

Amazon Elastic Block Storage (EBS): This solution provides block-accessible, network-attached, persistent storage for volumes that you can connect to EC2 instances and ECS containers.

12

Amazon Elastic File System (EFS):

Amazon Elastic File System (EFS): This solution provides a network-attached file system that supports the NFS protocol and allows you to share files among EC2 instances, ECS containers, and other services.

13

Amazon Simple Storage Service (S3):

Amazon Simple Storage Service (S3): This solution is designed to store unlimited amounts of data; S3 is the ultimate object storage system. All objects in S3 are accessible via standard HTTP requests.

14

Amazon Glacier

Amazon Glacier: This archive storage solution can be automatically integrated with S3.

15

AWS Storage Gateway

AWS Storage Gateway: This hybrid storage solution exposes AWS as storage services to on-premises servers.

16

AWS Snow Family

AWS Snow Family: These data transfer devices allow for physically moving data from on-premises to the cloud at any scale.

17

Amazon Identity and Access Management (IAM)

Amazon Identity and Access Management (IAM): This service allows for control of access to AWS as well as access to an application in one place.

18

Amazon Key Management Service (KMS):

Amazon Key Management Service (KMS): This service enables you to define a unified way to manage encryption keys for AWS services and applications.

19

Amazon Cloud Hardware Security Module (CloudHSM):

Amazon Cloud Hardware Security Module (CloudHSM): This is a cloud-enabled hardware security device.

20

Amazon Inspector:

Amazon Inspector: This tool provides an assessment of services running in AWS with a prioritized, actionable list for remediation.

21

Amazon Web Application Firewall (WAF):

Amazon Web Application Firewall (WAF): This service protects web applications from attacks using exploits and security vulnerabilities.

22

Amazon Relational Database Service (RDS):

Amazon Relational Database Service (RDS): A fully managed instance-based relational database service for deploying and managing Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server databases in AWS.

23

Amazon ElastiCache:

Amazon ElastiCache: A fully managed instance-based caching service for deployment of Redis or Memcached in-memory data stores in AWS.

24

Amazon DynamoDB:

Amazon DynamoDB: A fully managed cloud native, serverless nonrelational key-value and document database service in AWS.

25

Amazon DocumentDB:

Amazon DocumentDB: A fully managed instance-based nonrelational document database service in AWS.

26

Amazon Keyspaces:

Amazon Keyspaces: A fully managed serverless Cassandra nonrelational database service in AWS.

27

Amazon Neptune:

Amazon Neptune: A fully managed instance-based graphing database service in AWS.

28

Amazon QLDB:

Amazon QLDB: A fully managed serverless ledger database service in AWS.

29

Amazon RedShift:

Amazon RedShift: A fully managed instance-based data warehousing service for deployment of petabyte-scale data clusters at very low cost.

30

AWS Glue:

AWS Glue: A serverless ETL and catalog service that provides the ability to manage data at scale and execute data transformation at a very low cost.

31

Amazon Athena:

Amazon Athena: A serverless interactive query service that gives you the ability to query static data on S3 via SQL.

32

Amazon Kinesis:

Amazon Kinesis: A fully managed set of services that offer the ability to capture, process, and store streaming data at any scale.

33

Amazon Elastic Map Reduce (EMR):

Amazon Elastic Map Reduce (EMR): A service that provides the ability to run open-source big data workloads in the AWS cloud.

34

Amazon API Gateway

Amazon API Gateway: A fully managed API management and deployment service.

35

Amazon Elastic Transcoder:

Amazon Elastic Transcoder: A cost-effective and scalable fully managed media transcoding service.

36

AWS Pinpoint:

AWS Pinpoint: A service that allows developers to easily engage users on their devices with targeted, segmented (ML) marketing using email, SMS, and mobile push.

37

AWS Device Farm:

AWS Device Farm: A tool for testing an application on mobile devices in the Amazon cloud at scale before deploying them to production.

38

AWS Cognito:

AWS Cognito: A centralized authentication service for mobile and web users that can easily be federated with external directories through OpenID Connect, OAuth 2.0, and SAML 2.0.

39

AWS Internet of Things (IoT) Services

AWS Internet of Things (IoT) Services: A set of services designed to provide everything required to run IoT, including the FreeRTOS operating system and components that help manage and work with IoT devices at any scale.

40

AWS SageMaker:

AWS SageMaker: Powerful tools that allow developers to design, build, and train machine learning models quickly.

41

Amazon CloudWatch:

Amazon CloudWatch: The AWS cloud monitoring service, which allows for storing metrics and logs from any device running on AWS or on-premises.

42

Amazon CloudTrail:

Amazon CloudTrail: The API call logging service. Every call in the AWS environment is an API call; thus, CloudTrail enables you to maintain a complete record of actions against your AWS infrastructure.

43

AWS Config:

AWS Config: A configuration state recording service that can detect state changes, perform alerting based on rules, and provide resource inventory and relationship mapping.

44

AWS CloudFormation:

AWS CloudFormation: The standard way to interact with the AWS services through a specification document. CloudFormation provides the ability to implement an Infrastructure as Code (IaC) approach when deploying your applications.

45

AWS OpsWorks

AWS OpsWorks: A managed service for running Chef- and Puppet-compatible configuration management services in the AWS cloud.

46

AWS Systems Manager

AWS Systems Manager: A managed service for deployment, maintenance, and management of fleets of Linux and Windows servers in the AWS cloud as well as on-premises.

47

What two services does AWS provide that enable you to capture metrics and logs to perform monitoring and alerting?

CloudWatch and CloudTrail

48

CloudWatch:

CloudWatch: This metrics and log collection service can monitor, analyze, and alert.

49

CloudTrail:

CloudTrail: This service tracks all requests to the AWS APIs, giving you a complete audit trail of all actions to AWS accounts.

50

Name the types of metrics that can be collected by CloudWatch.

Answer: CloudWatch can collect standard, detailed, and custom metrics.

51

2. Which service would you use to analyze the cause of an issue that occurred within your application yesterday?

2. Answer: CloudWatch Logs Insights enables you to discover causes for past issues.

52

What interval are standard metrics usually collected at?

What interval are detailed metrics usually collected at?

Standard metrics are usually collected with an interval of five minutes, whereas the services that support detailed metrics enable you to collect the data in one-minute intervals.

53

CloudWatch operates at what level?

A. Global

B. Regional

C. AZ

D. Subnet

Data in CloudWatch is stored in a regional repository, meaning all monitoring for a region is completely isolated from any other regions and inherently highly available.

54

All data in CloudWatch is recorded with a specific __________ format.

namespace

55

What are dimensions?

How many dimensions does CloudWatch allow you to create?

Do built-in dimensions count toward this maximum?

Dimensions are key:value pairs assigned to metrics to allow for a more granular analysis of those metrics within a specific namespace.

CloudWatch allows you to create 10 dimensions for each metric. However, some services have built-in dimensions, and they also count against the limit of 10.

56

What is the default retention period for CloudWatch metrics?

What is the retention period for CloudWatch Logs?

While the default metrics retention period is 15 months, the retention of logs in CloudWatch is indefinite.

57

Name one service that allows you to trigger alerts when a certain condition is present.

The CloudWatch service enables you to trigger alerts when a certain condition is present for a certain number of CloudWatch checks.

58

CloudWatch Logs Insights

CloudWatch Logs Insights provides a simple-to-use interface where you can run SQL-like queries to search and filter through the log content, run simple transformations, and visualize the data.

59

1. You have been put in charge of designing a monitoring platform for an application for a large enterprise. The monitoring system needs to be highly available and should allow for collecting metrics from your custom application running on EC2 with an interval of one second. Which of the following solutions would be the easiest to implement the required monitoring environment?

A. Unfortunately, this is not possible in AWS due to the high availability and metric collection frequency.

B. Use a custom monitoring solution on two or more EC2 instances in two availability zones to make the monitoring system highly available. Configure the custom agent to send the specific application metrics with a one-second interval.

C. Use CloudWatch. Install CloudWatch agents on the EC2 instance that hosts the application. Configure the agents to send the specific application metrics with the default interval.

D. Use CloudWatch. Install CloudWatch agents on the EC2 instance that hosts the application. Configure the agents to send the specific application metrics with a one-second interval.

1. Answer: D is correct. CloudWatch is inherently highly available due to its regional scope. The CloudWatch agent needs to be configured to send custom metrics in a one-second interval to comply with the application requirements.

60

2. Which of the following services would you recommend to use for security incident alerting?

A. Store the logs to CloudWatch Logs. Use an alert pattern in CloudWatch Alarms and send the alerts via SNS.

B. Store the logs to CloudWatch Logs. Use an alert pattern in CloudWatch Logs Insights to trigger security incident alerts.

C. Store the logs to CloudWatch Logs Insights. Use an alert pattern in CloudWatch Logs Insights to trigger security incident alerts.

D. Store the logs to CloudWatch Logs Insights. Use an alert pattern in CloudWatch Alarms and send the alerts via SNS.

2. Answer: A is correct. CloudWatch Logs stores logs. CloudWatch Alarms can be configured to trigger on a pattern-matching condition (for example, a certain number of failed login attempts in a certain amount of time). CloudWatch Logs Insights can be used later to determine the cause of the issue; however, it cannot be used in the real-time alerting chain.

61

1. What information is captured in a CloudTrail log?

2. What is the default retention of the default CloudTrail trail?

1. Answer: CloudTrail logs record information about who requested the action, where the request originated from, when it was requested, what was requested, and the full response.

2. Answer: The default CloudTrail trail tracks events for the past 90 days.

62

What service interoperates with CloudTrail to trigger alarms for events?

You can also configure CloudWatch Alarms for CloudTrail events and thus forward information on any critical CloudWatch events to a notification email, text message, or another service that will perform remediation.

63

How does CloudTrail enforce security?

CloudTrail also enforces automatic encryption at rest and in transit by default and is configurable with a custom KMS key for even more control over key management.

64

Due to a recent security incident where several EC2 instances were terminated by a rogue employee, your CISO has tasked you with ensuring all destructive requests against the EC2 service are logged and maintained for a long period of time. You also need to ensure the logs are stored securely in a centralized S3 bucket. Your CISO is also worried about tampering with the logs and would like to prevent that. You have chosen to use CloudTrail as the service to provide this feature. How would you configure CloudTrail to comply with the requirements?

A. Configure a new CloudTrail trail. Select EC2 as the service and WRITE as API for the activity. Point the trail to the default S3 location. CloudTrail ensures all EC2 actions use integrity validation on the default S3 bucket.

B. Configure a new CloudTrail trail. Select EC2 as the service and WRITE as API for the activity. Point the trail to the default S3 location. Enable integrity validation on the trail.

C. Configure a new CloudTrail trail. Select EC2 as the service and WRITE as API for the activity. Point the trail to the designated central S3 location. Enable integrity validation on the trail.

D. Set the default CloudTrail. CloudTrail ensures all default actions use integrity validation by default.

C. Configure a new CloudTrail trail. Select EC2 as the service and WRITE as API for the activity. Point the trail to the designated central S3 location. Enable integrity validation on the trail.

65

2. Which service would you use to notify a security response team of a critical CloudTrail event?

A. CloudWatch Logs Insights

B. CloudWatch Alarms

C. CloudTrail Notifications

D. CloudTrail Alarms

2. Answer: B is correct. CloudTrail can be integrated with CloudWatch Alarms that can be triggered when an event or a specific pattern of events is captured by CloudTrail.

66

What is the difference between EventBridge and CloudWatch Events?

EventBridge is the successor to CloudWatch Events. It can integrate with more than just AWS services and applications, extending event recognition to third-party SaaS applications and service providers.

67

1. You have issued a request to download an object on an S3 bucket. Your request receives a 403 HTTP response. What could be the cause of the bad response?

2. True or False: You need to enable the EC2 instance health monitoring first before you can create a CloudWatch Alarm based on the state of the instance check.

1. Answer: There is an issue in the user, group, role, or bucket policy. All policies in AWS combine with equal weight, and a denial to a resource in one policy has a global effect on the request.

2. Answer: False. EC2 instances have the automatic health check configured; health monitoring can be used directly in CloudWatch Alarms to trigger an alert based on the health check.

68

What AWS service can be used to monitor EC2 instance health checks?

EC2 instance health check failure: All instances have an automatic health check configured. This can be monitored with CloudWatch, and you can create an alarm that informs you of any issues of this type.

69

What is the simplest practice for metric and log collection when running your application on EC2 instances or on-premises servers?

The simplest practice for metric and log collection when running your application on EC2 instances or on-premises servers would be using the CloudWatch agent. The agent can collect data from any source within the operating system and forward that data to CloudWatch as metric or log data. An even better approach is coding API calls to the CloudWatch API within the application code so that the application is able to self-report metrics regardless of the environment where it runs.

70

400 error code

400 - bad request: Any 400 error includes a message like InvalidAction, MessageRejected, or RequestExpired. Specific responses by some services also indicate throttling. In case of throttling, you should retry the requests with exponential back-off.

71

403

403 - access denied: All IAM policies apply with equal weight, and a deny in one policy denies an action across all policies. Check all the policies attached to the user, group, or role. Check any inline policies and resource policies attached to buckets, queues, and so on.

72

404

404 - page not found: This error indicates the object, instance, or resource specified in the query does not exist.

73

500

500 - internal failure: This error indicates an internal error on an operational service on the AWS side. You can immediately retry the request and will probably succeed on the second try. If not, retry with exponential back-off.

74

503

503 - service unavailable: These errors are rare because they indicate a major failure in an AWS service. You can retry your request using exponential back-off. This way you ensure the request will succeed at some point after the issue is resolved.

75

1. You are the administrator of a hybrid-cloud application that uses S3 as the central store for all the data being shared across the platforms. The Internet users are always directed to the AWS portion of the application, whereas the on-premises users are always directed to the local application running on the on-premises servers. Recently, the security team has pointed out that user credentials are hard-coded in the application, and an update was made to the application to use roles instead of the user access key and secret key coded into the application. Your team has already updated and tested the role that will be used within your application and found no issues. The last step is to update the S3 bucket policy to reflect the change. After you update the bucket policy, the on-premises users report receiving a 403 response when trying to retrieve documents from within the application. Interestingly, the Internet users don't seem to have any issues accessing those same documents. What would be the most likely cause for this issue based on the problem description?

A. The S3 bucket policy is incorrectly written.

B. The application on the on-premises servers needs to be updated.

C. The role needs to be assumed on the on-premises servers.

D. The role is not attached to the EC2 instances.

1. Answer: C is correct. The issue is a 403 - permission denied. Because the web users are able to access the document and the issue is isolated to the on-premises servers, the on-premises servers are not correctly authenticated. The policy now allows the role to access the bucket instead of the user and is correctly configured. The role must have been attached to the EC2 instances because they allow web users to access the document. The most likely issue is that the role has not been assumed on the on-premises servers.

76

2. You have been asked to collect the 400-type and 500-type errors from a third-party application running on your Linux on-premises servers. Your company would like you to deliver the errors to AWS and tie them into a CloudWatch Alarm. What would be the simplest way to achieve this?

A. Install the AWS CLI and copy the logs to an S3 bucket with the aws s3 cp command. Create an S3 trigger to a Lambda function that forwards the logs to CloudWatch for analysis and configure a CloudWatch Alarm to trigger on the specific log pattern.

B. Install the S3 CLI and copy the logs to an S3 bucket with the s3 cp command. Create an S3 trigger to a Lambda function that forwards the logs to CloudWatch for analysis and configure a CloudWatch Alarm to trigger on the specific log pattern.

C. Install the CloudWatch agent and point the logs to an S3 bucket. Create an S3 trigger to a Lambda function that forwards the logs to CloudWatch for analysis and create a CloudWatch Alarm to trigger on the specific log pattern.

D. Install the CloudWatch agent and point it to the application logs. Create a CloudWatch Alarm to trigger on the specific log pattern.

2. Answer: D is correct. Installing the CloudWatch agent is the simplest way to deliver the logs to CloudWatch. The metrics or logs collected can then be used directly on CloudWatch Alarms. It would also be possible to create the solution as described in A, but that approach is unnecessarily complicated.

77

1. In what way do CloudWatch Events and EventBridge differ from each other?

2. True or false: In AWS you can build both serverless and traditional, instance-based applications that can respond to infrastructure, application, and third-party events.

1. Answer: EventBridge offers integration of AWS events as well as any application and third-party provider events on the event bus. CloudWatch Alarms only supports AWS events by default; however, custom event patterns can be established.

2. Answer: True. With EventBridge and Systems Manager Automation, you can build traditional, instance-based applications and create automation scenarios that are able to respond to real-time events from the EventBridge.

78

Systems Manager

Systems Manager is a set of AWS tools that offers comprehensive configuration management of fleets of servers.

79

Systems Manager Automation does what 4 things?

Automating provisioning and configuration of instances

Enhancing the security of your environment by implementing automated responses to security-related events

Reacting to changes in your environment through integration with Amazon EventBridge support

80

1. You need to be able to detect a change in the number of EC2 instances running in your application and send the information about the change to your Zendesk ticketing platform. Which service would allow you to achieve this functionality? (Choose all that apply.)

A. EventBridge

B. CloudWatch Events

C. EC2 AutoScaling

D. Systems Manager Automation

1. Answer: A is correct. A third-party SaaS provider like Zendesk provides the ability to integrate AWS events with their applications through EventBridge.

81

1. Your organization requires you to capture a comprehensive auditable log of the state of your AWS account over time. What would be the simplest way to capture the state for auditing purposes?

2. What would be the easiest way to perform remediation of an issue found in AWS Config?

1. Answer: Enable AWS Config Configuration Recorder to start collecting configuration snapshots on your account. AWS Config snapshots allow you to maintain an auditable record of the state of your infrastructure in AWS.

2. Answer: You can enable automatic remediation directly in AWS Config if the remediation is supported as an action for the config rule. In case there is no remediation supported, you can create a notification to another service that will perform remediation or notify an administrator for human intervention.

82

What AWS Service allows you to create a snapshot of your environment so you can easily assess, audit, and evaluate the state of all the AWS resources within your account or organization?

With AWS Config, you can create a configuration snapshot of your environment so you can easily assess, audit, and evaluate the state of all the AWS resources within your account or organization. Over time, configuration snapshots can be compared against a desired state, thus allowing you to maintain an auditable record of compliance for your application infrastructure in AWS.

83

1. Your company was recently a target of a malicious actor due to a misconfiguration of an S3 bucket ACL, making it publicly accessible. The CISO has instructed you that all S3 buckets need to be private. How would you discover public S3 buckets in your account and automatically remediate this issue?

A. Use AWS Config with the built-in s3-bucket-public-read-prohibited rule and enable automatic remediation.

B. Use AWS Config with the built-in s3-bucket-public-read-prohibited rule and use an AWS Lambda for remediation.

C. Use AWS Config with the built-in s3-bucket-public-read-prohibited rule and use an AWS Systems Manager for remediation.

D. Use AWS Config with the built-in s3-bucket-public-read-prohibited rule and remediate the buckets manually.

1. Answer: A is correct. AWS Config with the built-in s3-bucket-public-read-prohibited rule allows for automatic remediation of S3 buckets that have a publicly accessible ACL or policy attached.

84

2. You have been asked to perform an inventory of EC2 instances in your AWS account. What would be the simplest way to determine the number and types of instances and which Amazon Machine Image (AMI) is being used across all regions?

A. Use AWS Systems Manager Automation to create a snapshot of the environment.

B. Use AWS Config to create a snapshot of the environment.

C. Use the AWS CLI and issue a list-instances command. Repeat for all regions.

D. Use the AWS SDK to write code to perform the list-instances API call. Create a Lambda function and invoke it. Repeat for all regions.

2. Answer: B is correct. An AWS Config snapshot is the simplest way to capture the number, type, and AMI being used by your EC2 instances across all regions.

85

What are the 5 services that AutoScaling can scale?

The AutoScaling service can scale the following AWS services:

EC2: Add or remove instances from an EC2 AutoScaling group.

EC2 Spot Fleets: Add or remove instances from a Spot Fleet request.

ECS: Increase or decrease the number of containers in an ECS service.

DynamoDB: Increase or decrease the provisioned read and write capacity.

RDS Aurora: Add or remove Aurora read replicas from an Aurora DB cluster.

86

What are the 3 things you need to create an AutoScaling configuration on EC2?

To create an autoscaling configuration on EC2, you need the following:

EC2 Launch template: Specifies the instance type, AMI, key pair, block device mapping, and other features the instance should be created with.

Scaling policy: Defines a trigger that specifies a metric ceiling (for scaling out) and floor (for scaling in). Any breach of the floor or ceiling for a certain period of time triggers autoscaling.

EC2 AutoScaling group: Defines scaling limits and the minimum, maximum, and desired numbers of instances. You need to provide a launch configuration and a scaling policy to apply during a scaling event.

87

What is predictive scaling?

Another AutoScaling feature is predictive scaling, which uses machine learning to learn the scaling pattern of your application based on the minimum amount of historical data. The machine learning component then predicts the scaling after reviewing CloudWatch data from the previous 14 days to account for daily and weekly spikes as it learns the patterns on a longer time scale.

88

1. Which of the following are not characteristics of a scalable/elastic application?

A. Synchronous request handling in the compute layer

B. Session persistence in an external database

C. Session persistence in the compute layer

D. Asynchronous request offloading to a message queue

1. Answer: C is correct. The compute layer should be made stateless. Any persistence in the compute layer hinders scalability and elasticity and potentially causes disruption in the application operation. If an instance in a cluster is lost, all the sessions on the instances are lost with it, meaning all the users connected to that particular instance have to log in and start working with the application from scratch.

89

2. Which of the following are required to enable the application to scale automatically with AWS AutoScaling? (Choose three.)

A. EC2 Launch Configuration

B. Scaling Policy

C. EC2 User Data

D. DynamoDB

E. CloudWatch Alarm

F. AutoScaling Group

2. Answer: A, B, and F are correct. To create an autoscaling configuration on EC2, you need an EC2 Launch Configuration that defines how to configure the EC2 instances that are launched; a scaling policy that determines the scaling thresholds; and an autoscaling group that determines the minimum, maximum, and desired numbers of instances.

90

3. True or False: After you assess that your application is fully scalable and elastic, you only need to maintain the application as is in the cloud.

3. Answer: False. The application should periodically be reassessed for scalability and elasticity because both the application requirements and the SLA might have changed.

91

4. True or False: AutoScaling supports only dynamic, scheduled, and predictive scaling.

4. Answer: False. Autoscaling also supports manual scaling by setting the desired number of instances in the autoscaling group.

92

1. You have implemented autoscaling on both the web and app tier of your three-tier application, but in times of high read requests, the application seems to be performing slowly or even times out. What could you do to make the application more responsive?

2. You have been tasked with deploying a reliable caching solution that can handle multiple different data types and deliver microsecond to millisecond response performance. Which AWS service would you recommend?

3. True or False: To deliver static content to the user in the fastest possible manner, use a web server with lots of memory and utilize server-side caching.

1. Answer: Implement the read cache to offload the database that seems to be bottlenecking the read requests.

2. Answer: ElastiCache Redis would support all the required features.

3. Answer: False. Static content should be delivered via a content delivery network (CDN). In AWS, you can use CloudFront to deliver static content through more than 200 geographically distributed locations across the globe.

93

What are the 4 different types of caching?

Client-side caching

Server-side caching

Edge caching

Database caching

94

Client-Side Caching

When a client requests the contents of the application from a server, you should ensure that components that are static or change infrequently are reused with client-side caching. Modern browsers have this capability built in, and you can use it by specifying cache control headers within your web server or the service that delivers the content, such as S3.

95

Edge Caching

When content is delivered frequently to multiple users, you can employ edge caching or what is more commonly referred to as a content delivery network. In AWS, you can use the Amazon CloudFront service to deliver frequently used content in a highly efficient manner to millions of users around the globe while at the same time offloading multiple same requests off the application or back end.

96

Server-Side Caching

When a feature, a module, or certain content stored within the web service is requested frequently, you typically use server-side caching to reduce the need for the server to look for the feature on disk. The first time the feature is requested and the response assembled, the server caches the response in memory so it can be delivered with much lower latency than if it were read from disk and reassembled each time. There is a limitation to the amount of memory the server has, and of course, server-side caching is traditionally limited to each instance. However, in AWS, you can use the ElastiCache service to provide a shared, network-attached, in-memory datastore that can fulfill the needs of caching any kind of content you would usually cache in memory.

97

What are the two types of database caching?

In-line caching: This approach utilizes a service that manages the reads and writes to and from the database.

Side-loaded caching: This approach is performed by an application that is aware of the cache and database as two distinct entities. All reads and writes to and from the cache and the database are managed within the application because both the cache and database are two distinct entities.

98

What is an example of in-line caching?

What does it do?

An example of an in-line caching solution is the DynamoDB Accelerator (DAX) service. With DAX, you can simply address all reads and writes to the DAX cluster, which is connected to the DynamoDB table in the back end. DAX automatically forwards any writes to DynamoDB, and all reads deliver the data straight from the cache in case of a cache hit or forward the read request to the DynamoDB back end transparently. Any responses and items received from DynamoDB are thus cached in the response or item cache.

99

What is an example of sideloaded caching?

What does it do?

An example of a sideloaded caching solution is ElastiCache. First, you set up the caching cluster with ElastiCache and a database. The database can be DynamoDB, RDS, or any other database because ElastiCache is not a purpose-built solution like DAX. Second, you have to configure the application to look for any content in the cache first. If the cache contains the content, you get a cache hit, and the content is returned to the application with very low latency.

100

ElastiCache

ElastiCache is a managed service that can deploy clusters of in-memory data stores. They can be used to perform server-side and database caching.