Data transfer cost awareness in AWS - Interactive Code Practice

Practice - 5 Tasks
Answer the questions below
1. Fill in blank (easy)

Complete the provider configuration to specify the AWS region for the S3 bucket to reduce data transfer costs.

provider "aws" {
  region = "[1]"
}

resource "aws_s3_bucket" "example" {
  bucket = "my-bucket"
}
Options:
A. us-east-1
B. ap-southeast-2
C. eu-west-1
D. sa-east-1
Common Mistakes
Choosing a region far from your users increases data transfer costs.
Leaving the region unspecified falls back to the default region, which may be costly.
2. Fill in blank (medium)

Complete the code to enable VPC endpoints to reduce data transfer costs between EC2 and S3.

resource "aws_vpc_endpoint" "s3_endpoint" {
  vpc_id            = aws_vpc.main.id
  service_name      = "com.amazonaws.[1].s3"
  vpc_endpoint_type = "Gateway"
}
Options:
A. us-west-2
B. eu-west-1
C. ap-northeast-1
D. us-east-1
Common Mistakes
Using a region in the service name that differs from the VPC's region causes errors.
Not using VPC endpoints causes data to route over the internet, increasing costs.
3. Fill in blank (hard)

Fix the error in the security group rule to allow inbound traffic only from the same VPC to reduce data transfer costs.

resource "aws_security_group_rule" "allow_internal" {
  type              = "ingress"
  from_port         = 0
  to_port           = 65535
  protocol          = "tcp"
  cidr_blocks       = ["[1]"]
  security_group_id = aws_security_group.main.id
}
Options:
A. 10.0.0.0/16
B. 0.0.0.0/0
C. 192.168.1.0/24
D. 172.16.0.0/12
Common Mistakes
Using 0.0.0.0/0 opens access to the internet, increasing costs.
Using a CIDR block outside the VPC range causes connectivity issues.
4. Fill in blank (hard)

Fill in the blank to configure an S3 bucket policy that allows access only from a specific VPC endpoint to reduce data transfer costs.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:*",
      "Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"],
      "Condition": {
        "StringEquals": {
          "aws:sourceVpce": "[1]"
        }
      }
    }
  ]
}
Options:
A. vpce-1234567890abcdef0
B. vpce-0987654321fedcba9
C. vpce-abcdef1234567890a
D. vpce-0a1b2c3d4e5f6g7h8
Common Mistakes
Using an incorrect or non-existent VPC endpoint ID causes access denial.
Leaving the condition out leaves an Allow for Principal "*" with no restriction, which allows public access and increases costs.
5. Fill in blank (hard)

Fill all three blanks to create a CloudWatch alarm that triggers when data transfer out exceeds a threshold, helping monitor and control costs.

resource "aws_cloudwatch_metric_alarm" "data_transfer_alarm" {
  alarm_name          = "HighDataTransferOut"
  comparison_operator = "[1]"
  evaluation_periods  = 1
  metric_name         = "NetworkOut"
  namespace           = "AWS/EC2"
  period              = 300
  statistic           = "[2]"
  threshold           = [3]
  alarm_description   = "Alarm when data transfer out exceeds threshold"
  actions_enabled     = true
}
Options:
A. GreaterThanThreshold
B. Average
C. 1000000000
D. LessThanThreshold
Common Mistakes
Using 'LessThanThreshold' triggers the alarm on low usage, not high.
Setting the threshold too low causes false alarms.