AWS CLOUD

AWS Solution Architect Associate Exam Preparation  – Notes

Because standard queues are designed to be massively scalable using a highly distributed architecture, receiving messages in the exact order they are sent is not guaranteed

8. Standard queues provide at-least-once delivery, which means that each message is delivered at least once. FIFO queues provide exactly once processing, which means that each message is delivered once and remains available until a consumer processes it and deletes it. Duplicates are not introduced into the queue.
9. All messages have a global unique ID that Amazon SOS returns when the message is delivered to the message queue. The ID isn’t required to perform any further actions on the message, but it is useful for tracking the receipt of a particular message in the message queue. When you receive a message from the message queue, the response includes a receipt handle that you must provide when deleting the message.
10. An Amazon SQS message can contain up to 10 metadata attributes. You can use message attributes to separate the body of a message from the metadata that describes it. This helps process and store information with greater speed and efficiency because your applications don’t have to inspect an entire message before understanding how to process it.
11. Amazon SQS long polling is a way to retrieve messages from your Amazon SQS queues. While the regular short polling returns immediately, even if the message queue being polled is empty, long polling doesn’t return a response until a message arrives in the message queue, or the long poll times out.
12. In general, you should use maximum 20 seconds for a long poll timeout. Because higher long-poll timeout values reduce the number of empty ReceiveMessageResponse instances returned, try to set your long-poll timeout as high as possible. Long polling timeout can be between 0 sec and 20 sec (maximum).
13. When Amazon SQS returns a message to you, the message stays in the message queue whether or not you actually receive the message. You’re responsible for deleting the message and the deletion request acknowledges that you’re done processing the message.
14. . if you don’t delete the message, Amazon SOS will deliver it again on when it receives another receive request.
15. When you issue a DeleteMessage request on a previously deleted message, Amazon SQ5 returns a success response.
16. FIFO queues never introduce duplicate messages.
17. Both standard and FIFO queues support SSE
18. AWS SQS is both PCI DSS level 1 certified and HIPAA compliant.
19. There is a 120,000 limit for the number of in flight messages for a standard queue and 20,000 for a FIFO queue. Messages are in-flight after they have been received from the queue by a consuming component, but have not yet been deleted from the queue.
20. Each Amazon SOS message queue is independent thin each region and can not be shared across regions.
21. When you create a security group, it has no inbound rules. Therefore, no inbound traffic originating from another host to your instance is allowed until you add inbound rules to the security group.
22. By default, a security group includes an outbound rule that allows all outbound traffic. If your security group has no outbound rules, no outbound traffic originating from your instance is allowed.
23. Security groups are stateful-if you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules. Responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules.
24. ICMP traffic is always regardless of the rules (ex. even if 0.0.0.0/0 is specified for ICMP).
25. . Incoming traffic is allowed based on the private IP addresses of the instances that are associated with the source security group (and not the public IP or Elastic IP addresses).
26. . If you specify a single IPv4 address, specify the address using the /32 prefix length. If you specify a single IPv6 address, specify it using the /128 prefix length.
27. The rules you create for use with a security group for a VPC can’t reference a security group for EC2-Classic, and vice versa IAM/Security.