Question:- What are policies and what are the different types of policies?
Answer:- A policy is an object associated with a resource that defines the permissions. AWS evaluates these policies when a user makes a request. Permissions in the policy determine whether to allow or deny an action. Policies are stored as JSON documents. AWS supports six types of policies:
- Identity-based policies
- Resource-based policies
- Permissions boundaries
- Organizations SCPs
- Access Control Lists
- Session policies
Question:- What are Identity-based policies?
Answer:-
- Identity-based policies: Identity-based policies are permissions stored in JSON format. This type of policy can be attached to an identity: a user, a group of users, or a role. It determines the actions that the users can perform, on which resources, and under what conditions. Identity-based policies are further classified into two categories:
  - Managed Policies: Managed Policies are identity-based policies that can be attached to multiple users, groups, or roles. There are two types of managed policies:
    - AWS Managed Policies: AWS Managed Policies are policies created and managed by AWS. If you are using policies for the first time, we recommend that you use AWS Managed Policies.
    - Custom Managed Policies: Custom Managed Policies are identity-based policies created by the user. They provide more precise control over the policies than AWS Managed Policies.
  - Inline Policies: Inline Policies are policies created and managed by the user. These policies are embedded directly in a single user, group, or role.
- Resource-Based Policies: Resource-based policies are policies attached to a resource, such as an S3 bucket. They define the actions that can be performed on the resource and the conditions under which these policies apply.
Question:- What are Resource-based policies?
Answer:- Resource-based policies are policies attached to a resource, such as an S3 bucket. They define the actions that can be performed on the resource and the conditions under which these policies apply.
Question:- What are Permissions boundaries?
Answer:- Permissions boundaries are the maximum permissions that an identity-based policy can grant to an entity.
Question:- What are Organizations SCPs?
Answer:- Service Control Policies are policies defined in JSON format that specify the maximum permissions for an organization. If you enable all features in an Organization, you can apply Service Control Policies to any or all of your AWS accounts. An SCP can limit the permissions of entities in member accounts as well as the AWS root user account.
Question:- What are Access Control Lists?
Answer:- An ACL controls which principals in another AWS account can access the resource. ACLs cannot be used to control the access of a principal in a different AWS account. It is the only policy type that does not use the JSON policy document format.
Question:- What is the default storage class in S3?
Answer:- The default storage class is Standard Frequently Accessed.
Question:- What is a snowball?
Answer:- Snowball is a petabyte-scale data transport solution that uses secure appliances to transfer large amounts of data into and out of the AWS cloud.
Question:- Difference between Stopping and Terminating the instances?
Answer:-
- Stopping: Stopping an EC2 instance means shutting the instance down. Its corresponding EBS volume is still attached to the EC2 instance, so you can restart the instance.
- Terminating: Terminating an EC2 instance means removing the instance from your AWS account. When you terminate an instance, its corresponding EBS volume is also removed. For this reason, you cannot restart the EC2 instance.
Question:- How many Elastic IPs can you create?
Answer:- You can create 5 Elastic IP addresses per AWS account per region.
Question:- What is a Load Balancer?
Answer:- A Load Balancer is a virtual machine that balances your web application's incoming load, which could be HTTP or HTTPS traffic. It balances the load across multiple servers so that no web server gets overwhelmed.
Question:- What is VPC?
Answer:- VPC stands for Virtual Private Cloud. It is an isolated area of the AWS cloud where you can launch AWS resources in a virtual network that you define. It provides complete control over your virtual networking environment, such as selection of an IP address range, creation of subnets, and configuration of route tables and network gateways.
Question:- What is VPC peering connection?
Answer:-
- A VPC peering connection is a networking connection that allows you to connect one VPC with another VPC through a direct network route using private IP addresses.
- By using a VPC peering connection, instances in different VPCs can communicate with each other as if they were in the same network.
- You can peer VPCs in the same account as well as with a different AWS account.
Question:- What are NAT Gateways?
Answer:- NAT stands for Network Address Translation. It is an AWS service that enables an EC2 instance in a private subnet to connect to the internet or other AWS services.
