44. Dynamo DB
Amazon's NoSQL DB solution, which is the opposite of RDS. DynamoDB is a fast and flexible NoSQL DB service for all applications that need consistent, single-digit millisecond latency at any scale. It is a fully managed DB and supports both document and key-value data models. Its flexible data model and reliable performance make it a great fit for mobile, web, gaming, ad-tech, IoT and many other applications.
The basics of DynamoDB are as follows:
i. It's stored on SSD storage, which is why it is so fast.
ii. It's spread across 3 geographically distinct data centers.
iii. Eventually consistent reads (default)
iv. Strongly consistent reads
Eventually consistent reads: Consistency across all copies of data is usually reached within a second. Repeating a read after a short time should return the updated data (best read performance). As long as the application does not need to read data within one second of it being written, eventually consistent reads are the right choice.
Strongly consistent reads: A strongly consistent read returns a result that reflects all writes that received a successful response prior to the read. If an application needs to read an update within one second or less of it being written to a DynamoDB table, use strongly consistent reads.
Question 1:
What encryption support is available for tenants that are deploying AWS
DynamoDB?
A. server-side encryption
B. client-side encryption
C. client-side and server-side encryption
D. encryption not supported
E. block level encryption
Answer (B)
Question 2:
What are two primary advantages of DynamoDB?
A. SQL support
B. managed service
C. performance
D. CloudFront integration
Answer (B,C)
Question 3:
What consistency model is the default used by DynamoDB?
A. strongly consistent
B. eventually consistent
C. no default model
D. causal consistency
E. sequential consistency
Answer (B)
Question 4:
What are three primary characteristics of DynamoDB?
A. less scalable than RDS
B. static content
C. store metadata for S3 objects
D. replication to three Availability Zones
E. high read/write throughput
Answer (C,D,E)
Question 5:
What are three advantages of using DynamoDB over S3 for
storing IoT sensor data where there are 100,000 datapoint samples sent per
minute?
A. S3 must create a single file for each event
B. IoT can write data directly to DynamoDB
C. DynamoDB provides fast read/writes to a structured table for queries
D. DynamoDB is designed for frequent access and fast lookup of small
records
E. S3 is designed for frequent access and fast lookup of smaller records
F. IoT can write data directly to S3
Answer (B,C,D)
Question 6:
What happens when read or write requests exceed capacity units (throughput
capacity) for a DynamoDB table or index? (Select two)
A. DynamoDB automatically increases read/write units
B. DynamoDB can throttle requests so that requests are not exceeded
C. HTTP 400 code is returned (Bad Request)
D. HTTP 500 code is returned (Server Error)
E. DynamoDB automatically increases read/write units if provisioned
throughput is enabled
Answer (B,C)
Question 7:
What read consistency method provides lower latency for GetItem requests?
A. strongly persistent
B. eventually consistent
C. strongly consistent
D. write consistent
Answer (B)
Question 8:
You must specify strongly consistent read and write capacity for your
DynamoDB database. You have determined read capacity of 128 Kbps and write
capacity of 25 Kbps is required for your application. What is the read and write
capacity units required for DynamoDB table?
A. 32 read units, 25 write units
B. 1 read unit, 1 write unit
C. 16 read units, 2.5 write units
D. 64 read units, 10 write units
Answer (A)
Question 9:
What DynamoDB capacity management technique is based on the tenant
specifying an upper and lower range for read/write capacity units?
A. demand
B. provisioned throughput
C. reserved capacity
D. auto scaling
E. general purpose
Answer (D)
Question 10:
What is the maximum size of a DynamoDB record (item)?
A. 400 KB
B. 64 KB
C. 1 KB
D. 10 KB
Answer (A)
Question 11:
Your company needs to use a fully managed NoSQL database on the AWS cloud. The database is required to be configured for backup and have high availability.
Which database meets this requirement?
Options:
A. Amazon Aurora
B. RDS
C. Dynamo DB
D. Redshift
Answer: C
Explanation
Amazon DynamoDB is a fully managed NoSQL database service that provides seamless, scalable, fast and predictable performance. Therefore, option 3 is the correct answer to meet the requirements.
Option 1 is incorrect. Amazon Aurora is a relational database built for the cloud that is compatible with MySQL and PostgreSQL, so it is incorrect.
Option 2 is incorrect. Amazon RDS is a managed relational database, so it is incorrect.
Option 4 is incorrect. Amazon Redshift is a fast, simple and cost-effective data warehouse service that doesn’t meet your requirements.
Question 12:
Your company is developing a new mobile application on AWS. Currently, as a Solutions Architect, you are considering how to save your user settings. The size of the individual custom data will be approximately 10KB. It is estimated that tens of thousands of customers will use this mobile application during the release phase. High-speed processing using this user setting data is required. The datastore that stores user settings should be cost-effective, highly available, scalable, and secure.
Choose the best database to meet this requirement.
Options:
A. Accumulate user settings using RDS
B. Accumulate user settings using S3
C. Accumulate user settings using Redshift cluster
D. Accumulate user settings using DynamoDB
Answer: D
Explanation
In this scenario, the size of the individual custom data will be approximately 10KB. It is best to use a NoSQL database to store and process such small data. On AWS, DynamoDB is an ideal database service for storing session data, user settings, metadata, and more. DynamoDB is a highly scalable managed service that can meet this requirement. It is estimated that tens of thousands of customers will use this mobile application during the release phase. Since high-speed processing using this user setting data may be required, NoSQL type high-speed processing in DynamoDB is optimal. Therefore, option 4 is the correct answer.
Option 1 is incorrect. Although it is possible to store user-configured data in RDS, DynamoDB is the best choice for high-speed processing of data volumes and mobile applications.
Option 2 is incorrect. S3 is not suitable for high-speed processing of data volumes and mobile applications. S3 is used for data storage such as objects, not data processing.
Option 3 is incorrect. Redshift is a relational database type data warehouse used for data analysis. NoSQL type DynamoDB is more suitable for retaining user settings and fast processing.
Question 13:
An Amazon VPC contains several Amazon EC2 instances. The instances need to make API calls to Amazon DynamoDB. A solutions architect needs to ensure that the API calls do not traverse the internet.
How can this be accomplished? (Select TWO.)
Options:
A. Create a new DynamoDB table that uses the endpoint
B. Create a VPC peering connection between the VPC and DynamoDB
C. Create an ENI for the endpoint in each of the subnets of the VPC
D. Create a gateway endpoint for DynamoDB
E. Create a route table entry for the endpoint
Answer: D & E
Explanation
Amazon DynamoDB and Amazon S3 support gateway endpoints, not interface endpoints. With a gateway endpoint you create the endpoint in the VPC, attach a policy allowing access to the service, and then specify the route table to create a route table entry in.
CORRECT: “Create a route table entry for the endpoint” is a correct answer.
CORRECT: “Create a gateway endpoint for DynamoDB” is also a correct answer.
INCORRECT: “Create a new DynamoDB table that uses the endpoint” is incorrect as it is not necessary to create a new DynamoDB table.
INCORRECT: “Create an ENI for the endpoint in each of the subnets of the VPC” is incorrect as an ENI is used by an interface endpoint, not a gateway endpoint.
INCORRECT: “Create a VPC peering connection between the VPC and DynamoDB” is incorrect as you cannot create a VPC peering connection between a VPC and a public AWS service as public services are outside of VPCs.
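A way to verify the two correct answers on an existing VPC, as an added example that is not part of the original notes: the check confirms that a DynamoDB gateway endpoint exists and that each subnet's route table carries the route entry for it. The sample data is constructed in the shape of EC2 DescribeVpcEndpoints and DescribeRouteTables responses, and all IDs are made up.

```python
# Constructed sample data, shaped like EC2 DescribeVpcEndpoints and
# DescribeRouteTables responses. All IDs are made up.
VPC_ENDPOINTS = [
    {"VpcEndpointId": "vpce-0aaa111", "VpcEndpointType": "Gateway",
     "ServiceName": "com.amazonaws.us-east-1.dynamodb", "State": "available",
     "VpcId": "vpc-0example", "RouteTableIds": ["rtb-0private1"]},
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-0private1", "VpcId": "vpc-0example",
     "Associations": [{"SubnetId": "subnet-0app1"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
         {"DestinationPrefixListId": "pl-0example", "GatewayId": "vpce-0aaa111"}]},
    {"RouteTableId": "rtb-0private2", "VpcId": "vpc-0example",
     "Associations": [{"SubnetId": "subnet-0app2"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
         {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
]


def dynamodb_gateway_endpoints(endpoints, vpc_id):
    """Return IDs of available DynamoDB gateway endpoints in the VPC."""
    return {
        e["VpcEndpointId"] for e in endpoints
        if e["VpcId"] == vpc_id
        and e["VpcEndpointType"] == "Gateway"
        and e["ServiceName"].endswith(".dynamodb")
        and e["State"].lower() == "available"
    }


def audit_subnets(endpoints, route_tables, vpc_id):
    """Map subnet ID -> True when its route table has a route to the endpoint."""
    vpce_ids = dynamodb_gateway_endpoints(endpoints, vpc_id)
    result = {}
    for rt in route_tables:
        if rt["VpcId"] != vpc_id:
            continue
        # A gateway endpoint route targets the vpce ID with a prefix-list destination.
        covered = any(r.get("GatewayId") in vpce_ids and "DestinationPrefixListId" in r
                      for r in rt["Routes"])
        # Only explicit subnet associations are checked (assumption of this sketch).
        for assoc in rt.get("Associations", []):
            if "SubnetId" in assoc:
                result[assoc["SubnetId"]] = covered
    return result


if __name__ == "__main__":
    for subnet, ok in audit_subnets(VPC_ENDPOINTS, ROUTE_TABLES, "vpc-0example").items():
        print(subnet, "has endpoint route" if ok else "MISSING endpoint route")
```

In the sample, subnet-0app2 has only a NAT default route, so its DynamoDB calls would not use the endpoint until its route table is associated with it.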
Question 14:
A social photo-sharing web application is hosted on EC2 instances behind an Elastic Load Balancer. The app gives the users the ability to upload their photos and also shows a leaderboard on the homepage of the app. The uploaded photos are stored in S3 and the leaderboard data is maintained in DynamoDB. The EC2 instances need to access both S3 and DynamoDB for these features.
As a solutions architect, which of the following solutions would you recommend as the MOST secure option?
• Save the AWS credentials (access key Id and secret access token) in a configuration file within the application code on the EC2 instances. EC2 instances can use these credentials to access S3 and DynamoDB
• Attach the appropriate IAM role to the EC2 instance profile so that the instance can access S3 and DynamoDB (Correct)
• Configure AWS CLI on the EC2 instances using a valid IAM user’s credentials. The application code can then invoke shell scripts to access S3 and DynamoDB via AWS CLI
• Encrypt the AWS credentials via a custom encryption library and save it in a secret directory on the EC2 instances. The application code can then safely decrypt the AWS credentials to make the API calls to S3 and DynamoDB
Explanation
Correct option:
Attach the appropriate IAM role to the EC2 instance profile so that the instance can access S3 and DynamoDB
Applications that run on an EC2 instance must include AWS credentials in their AWS API requests. You could have your developers store AWS credentials directly within the EC2 instance and allow applications in that instance to use those credentials. But developers would then have to manage the credentials and ensure that they securely pass the credentials to each instance and update each EC2 instance when it’s time to rotate the credentials.
Instead, you should use an IAM role to manage temporary credentials for applications that run on an EC2 instance. When you use a role, you don’t have to distribute long-term credentials (such as a username and password or access keys) to an EC2 instance. The role supplies temporary permissions that applications can use when they make calls to other AWS resources. When you launch an EC2 instance, you specify an IAM role to associate with the instance. Applications that run on the instance can then use the role-supplied temporary credentials to sign API requests. Therefore, this option is correct.
Incorrect options:
Save the AWS credentials (access key Id and secret access token) in a configuration file within the application code on the EC2 instances. EC2 instances can use these credentials to access S3 and DynamoDB
Configure AWS CLI on the EC2 instances using a valid IAM user’s credentials. The application code can then invoke shell scripts to access S3 and DynamoDB via AWS CLI
Encrypt the AWS credentials via a custom encryption library and save it in a secret directory on the EC2 instances. The application code can then safely decrypt the AWS credentials to make the API calls to S3 and DynamoDB
Keeping the AWS credentials (encrypted or plain text) on the EC2 instance is a bad security practice, therefore these three options using the AWS credentials are incorrect.
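A simple audit for the practice the incorrect options describe, as an added example that is not part of the original notes: it scans file contents for stored AWS access keys so they can be replaced by the instance role. The file names and contents are constructed, and the key pair is the placeholder value used in AWS documentation.

```python
import re

# IAM access key ID prefixes: AKIA = long-term user key, ASIA = temporary STS key.
KEY_ID = re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}\b")
SECRET = re.compile(r"(?i)aws_secret_access_key\s*[=:]\s*\S+")

# Constructed sample files. The key pair is the placeholder value used in AWS
# documentation, not a real credential.
SAMPLE_FILES = {
    "app/config.ini": (
        "[aws]\n"
        "aws_access_key_id = AKIAIOSFODNN7EXAMPLE\n"
        "aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n"
    ),
    "app/settings.py": "TABLE = 'leaderboard'\nBUCKET = 'photos'\n",
}


def scan_text(path, text):
    """Return (path, line_number, finding) tuples for stored credentials."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = KEY_ID.search(line)
        if match:
            kind = "long-term key id" if match.group(1) == "AKIA" else "temporary key id"
            findings.append((path, number, kind))
        if SECRET.search(line):
            findings.append((path, number, "secret access key"))
    return findings


def scan_files(files):
    """Scan a {path: content} mapping and return all findings."""
    return [f for path, text in files.items() for f in scan_text(path, text)]


if __name__ == "__main__":
    for path, number, kind in scan_files(SAMPLE_FILES):
        print(f"{path}:{number}: {kind} stored on disk; use the instance role instead")
```

Credentials encrypted with a custom library, as in the last incorrect option, will not match these patterns, so the scan complements a review of how the application obtains its credentials.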
Question 15:
A media streaming company is looking to migrate its on-premises infrastructure into the AWS Cloud. The engineering team is looking for a fully managed NoSQL persistent data store with in-memory caching to maintain low latency that is critical for real-time scenarios such as video streaming and interactive content. The team expects the number of concurrent users to touch up to a million so the database should be able to scale elastically.
As a solutions architect, which of the following AWS services would you recommend for this use-case?
• DynamoDB (Correct)
• RDS
• ElastiCache
• DocumentDB
Explanation
Correct option:
DynamoDB
Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale. It’s a fully managed, multi-region, multi-master, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications. DAX is a DynamoDB-compatible caching service that enables you to benefit from fast in-memory performance for demanding applications. Companies use caching through DynamoDB Accelerator (DAX) when they have high read volumes or need submillisecond read latency.
Incorrect options:
DocumentDB – Amazon DocumentDB is a fast, scalable, highly available, and fully managed document database service that supports MongoDB workloads. As a document database, Amazon DocumentDB makes it easy to store, query, and index JSON data. Although DocumentDB is fully managed, it does not have an in-memory caching layer.
ElastiCache – Amazon ElastiCache allows you to set up popular open-source compatible in-memory data stores in the cloud. You can build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores such as Redis and Memcached. ElastiCache is used as a caching layer. It’s not a fully managed NoSQL database.
RDS – RDS makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups. It’s not a NoSQL database.
Question 16:
A small business has been running its IT systems on the on-premises infrastructure but the business now plans to migrate to AWS Cloud for operational efficiencies.
As a Solutions Architect, can you suggest a cost-effective serverless solution for its flagship application that has both static and dynamic content?
• Host the static content on Amazon S3 and use Lambda with DynamoDB for the serverless web application that handles dynamic content. Amazon CloudFront will sit in front of Lambda for distribution across diverse regions (Correct)
• Host the static content on Amazon S3 and use Amazon EC2 with RDS for generating the dynamic content. Amazon CloudFront can be configured in front of EC2 instance, to make global distribution easy
• Host both the static and dynamic content of the web application on Amazon EC2 with RDS as database. Amazon CloudFront should be configured to distribute the content across geographically disperse regions
• Host both the static and dynamic content of the web application on Amazon S3 and use Amazon CloudFront for distribution across diverse regions/countries
Explanation
Correct option:
Host the static content on Amazon S3 and use Lambda with DynamoDB for the serverless web application that handles dynamic content. Amazon CloudFront will sit in front of Lambda for distribution across diverse regions – Lambda with DynamoDB is the right answer for a serverless solution. CloudFront will help in enhancing user experience by delivering content, across different geographic locations with low latency. Amazon S3 is a cost-effective and faster way of distributing static content for web applications.
Incorrect options:
Host both the static and dynamic content of the web application on Amazon S3 and use Amazon CloudFront for distribution across diverse regions/countries – S3 is not the right fit for hosting dynamic content, so this option is incorrect.
Host the static content on Amazon S3 and use Amazon EC2 with RDS for generating the dynamic content. Amazon CloudFront can be configured in front of EC2 instance, to make global distribution easy – The company is looking for a serverless solution, and Amazon EC2 is not a serverless service as the EC2 instances have to be managed by AWS customers.
Host both the static and dynamic content of the web application on Amazon EC2 with RDS as the database. Amazon CloudFront should be configured to distribute the content across geographically disperse regions – This is a possible solution, but not a cost-effective or optimal one, since static content can be cost-effectively managed on Amazon S3 and can be accessed and distributed faster than by fetching the content from the EC2 server.