Design High-Performing Architectures

What is Amazon API Gateway?

A service that manages APIs, letting you send requests to backends like Lambda or other AWS services.

What happens when API Gateway requests exceed the configured throttling limit?

Requests over the limit get an HTTP 429 “Too Many Requests” response.

What are the two throttling settings in API Gateway?

Standard rate (requests per second) and burst (short spikes of extra requests).

How do API Gateway SDK clients handle HTTP 429 responses?

They automatically try the request again.

How do you enable caching in API Gateway?

By creating a cache for a specific API stage and setting its size.

What are two benefits of enabling caching in API Gateway?

Makes APIs faster and reduces traffic to your backend.

What cache settings can you configure in API Gateway?

How the cache key is built and how long data stays in the cache (TTL).

How can you invalidate cached data in API Gateway?

Use API Gateway management APIs to clear the cache for a stage.

What is a VPC endpoint?

A way to privately connect your VPC to supported AWS services without using the internet, NAT, VPN, or Direct Connect.

Why don’t instances need public IPs when using a VPC endpoint?

Because traffic to the service stays within the Amazon network and doesn’t go over the public internet.

What is the main benefit of using a VPC endpoint with S3 and DynamoDB?

You can access them privately using private IP addresses, with no exposure to the public internet.

When would you use a VPC endpoint?

When you want to connect to AWS services privately from your VPC without using the internet.

What is throttling in API Gateway?

A way to limit the number of API requests per second to prevent overload.

What are the two types of throttling limits in API Gateway?

Standard rate (requests per second) and burst (short spikes of extra requests).

What happens when requests exceed the throttling limit in API Gateway?

They get an HTTP 429 “Too Many Requests” response.

How do API Gateway SDK clients handle HTTP 429 responses?

They automatically retry the request.

Why use throttling limits in API Gateway?

To control traffic, protect backend resources, and avoid overload.

How do you provision a cache in API Gateway?

By creating a cache for a specific API stage and choosing its size in gigabytes.

What does enabling caching in API Gateway do?

It improves performance and reduces traffic to your backend.

What cache settings can you control in API Gateway?

How the cache key is built and the time-to-live (TTL) for each method.

How can you clear cached data in API Gateway?

Use the API Gateway management APIs to invalidate the cache for a stage.

What is hot, warm, and cold storage?

Hot = frequently accessed data, Warm = less frequently accessed, Cold = rarely accessed; colder storage is cheaper to store but more expensive to access.

What is Amazon FSx for Lustre used for?

A high-performance, parallel file system for fast processing of hot data workloads.

What is Amazon FSx for Windows File Server?

A fully managed Windows file system supporting SMB, NTFS, and Active Directory integration.

What is Amazon Elastic File System (EFS)?

A fully managed file storage service for easy setup and scalable file storage in AWS.

What is Amazon S3 used for in terms of data access?

Object storage for frequently, infrequently, or rarely accessed data, with multiple storage tiers including Glacier for cold data.

Which AWS service combination can be used for hot and cold storage?

Amazon FSx for Lustre for hot, high-performance data and Amazon S3 (Glacier) for cold, infrequently accessed data.

What is Lambda@Edge?

A service that lets you run Lambda functions to customize CloudFront content at locations closer to viewers without managing servers.

At which points can Lambda@Edge functions run in CloudFront?

Viewer request, Origin request, Origin response, Viewer response.

Why use Lambda@Edge for authentication?

It allows authentication to happen closer to users, reducing latency.

What is an origin failover in CloudFront?

A setup where an origin group has a primary and secondary origin, and CloudFront switches to the secondary if the primary fails.

Which HTTP errors can CloudFront origin failover help prevent?

Errors like HTTP 504 when the primary origin fails.

What is a DynamoDB stream?

An ordered flow of information about changes to items in a DynamoDB table.

What information does a DynamoDB stream record contain?

The primary key of the modified item and optionally "before" and "after" images.

How can DynamoDB Streams trigger actions automatically?

By integrating with AWS Lambda, which can execute code in response to stream events.

How does Lambda process DynamoDB stream records?

Lambda polls the stream and invokes the function synchronously when new records appear.

What role is needed for Lambda to process DynamoDB stream data?

An IAM role with permissions the Lambda function needs at runtime.

How can processed stream data notify users?

The Lambda function can publish messages to an SNS topic, which notifies subscribers via email.

What is Amazon FSx for Windows File Server?

A fully managed Windows file server with native Windows file system, accessible from Windows, Linux, and macOS.

How many compute instances and devices can access an FSx file system concurrently?

Thousands of compute instances and devices.

What is a file share in Amazon FSx?

A specific folder (including subfolders) made accessible to compute instances via the SMB protocol.

What is the first step to migrate an existing file share to FSx?

Migrate the files to Amazon FSx before migrating the file share configuration.

Why use Amazon FSx for migrating enterprise file shares?

It supports lift-and-shift of existing Windows applications with compatibility, performance, and enterprise features.

How can you invoke a Lambda function from an Aurora MySQL DB cluster?

By using a native function or a stored procedure.

Why would you invoke Lambda from Aurora MySQL?

To integrate the database with other AWS services or react to data changes automatically.

What can a Lambda function do after being triggered by Aurora MySQL?

It can send data or event notifications to services like an SQS queue for further processing.

What does the partition key in a DynamoDB table determine?

The logical partitions where the table's data is stored, which affects physical partitions.

What happens if I/O requests are unevenly distributed across partition keys?

It can create "hot" partitions, causing throttling and inefficient use of provisioned throughput.

How does partition-key design affect provisioned throughput usage?

More distinct partition key values spread requests evenly, improving throughput efficiency.

What type of partition keys should you use for optimal performance?

High-cardinality attributes with many distinct values for each item.

What is scheduled scaling in Auto Scaling?

Scaling your application in response to predictable load changes at specified times.

How do you configure scheduled scaling in an Auto Scaling group?

By creating a scheduled action with a start time and specifying new minimum, maximum, and desired group sizes.

Can scheduled scaling actions be recurring or one-time?

Both; you can create one-time or recurring scheduled actions.

Why use scheduled scaling for predictable traffic patterns?

It ensures instances are ready before peak usage, improving performance and availability.

What is AWS Resource Access Manager (RAM)?

A service that lets you securely share AWS resources with other AWS accounts or within your AWS Organization.

Which AWS resources can be shared using RAM?

Transit Gateways, Subnets, License Manager configurations, and Route 53 Resolver rules.

Why use AWS RAM in a multi-account environment?

It eliminates the need to duplicate resources in every account, reducing operational overhead.

How do you share resources using AWS RAM?

Create a Resource Share, specify the resources, and specify the accounts to share with.

What is AWS Organizations?

A service to consolidate and centrally manage multiple AWS accounts, organize them into groups, and apply policy-based controls.

Why combine AWS Organizations with RAM?

To centrally manage accounts while securely sharing resources across them without duplication.

What is AWS Glue?

A fully managed ETL service that moves and transforms data between different data stores.

What is a key advantage of AWS Glue?

Automatic schema discovery and mapping across different data sources.

Why use Apache Parquet for big data processing?

It’s a columnar format with high compression and faster query times, improving efficiency and performance.

Which data processing frameworks are compatible with Parquet?

Spark, Hive, and Hadoop.

How can AWS Glue process .csv files into Parquet and store them in S3?

Use a Glue ETL job to convert the files and store the output in an S3 bucket.

How can S3 events trigger a Glue ETL job?

Set up an S3 Event Notification for PUT events and invoke the Glue job through Amazon SQS.

Which EC2 metrics are readily available in CloudWatch?

CPU utilization, Network utilization, and Disk read.

What metrics are not available by default in CloudWatch?

Memory utilization, disk swap utilization, disk space utilization, page file utilization, and custom log collection.

How can you collect custom metrics for EC2 instances?

By using CloudWatch Monitoring Scripts or installing the CloudWatch Agent.

What is an example of a custom metric for EC2?

Memory utilization.

Why use custom metrics in CloudWatch?

To monitor system-level metrics that are not available by default, like memory or disk usage.

What is Amazon Kinesis Data Streams (KDS)?

A real-time data streaming service that can capture gigabytes of data per second from many sources.

How can AWS Lambda integrate with Kinesis Data Streams?

It can process, transform, or anonymize streaming data in real time before storage.

Why anonymize data using Lambda with Kinesis?

To protect PII and reduce the risk of data breaches or privacy violations.

Where can anonymized streaming data be stored?

In Amazon DynamoDB, a NoSQL database suitable for processed streaming data.

What is AWS Database Migration Service (DMS)?

A service that migrates relational databases, data warehouses, NoSQL databases, and other data stores to AWS or between on-premises and cloud.

What types of migrations can AWS DMS perform?

One-time migrations and ongoing replication to keep sources and targets in sync.

What tool can help migrate database schemas to a new engine?

AWS Schema Conversion Tool (AWS SCT).

What is AWS Elastic Beanstalk?

A service that automatically handles capacity, load balancing, scaling, and application health for deployed applications.

Which programming languages does Elastic Beanstalk support?

Go, Java, .NET, Node.js, PHP, Python, and Ruby.

What is the benefit of Elastic Beanstalk for .NET applications?

It simplifies deploying, managing, and scaling ASP.NET web applications running on IIS.