10 IAC DevOps

Question 1

Describe the Service Catalog in cloud services.

Answer 1

The Service Catalog is a managed collection of products, such as CloudFormation stacks, that can be provisioned on demand.

Question 2

Define OpsWorks and its purpose.

Answer 2

OpsWorks is a managed configuration management service that uses Chef and Puppet, ideal for customers transitioning from on-premises environments who are already using these tools.

Question 3

How are Stacks and Layers related in OpsWorks?

Answer 3

Stacks are containers of resources, while Layers represent specific functions within a stack, such as load balancing or databases.

Question 4

What are Recipes and Cookbooks in OpsWorks?

Answer 4

Recipes and Cookbooks are applied to layers to run scripts and install applications. Cookbooks can be stored in GitHub.

Question 5

Explain the concept of Lifecycle events in OpsWorks.

Answer 5

Lifecycle events are hooks that run on layers, such as ‘Setup’ and ‘Deploy’, to manage the lifecycle of resources.

Question 6

How can the availability of instances be configured in OpsWorks?

Answer 6

Instances can be configured to run 24x7, based on a schedule, or when required due to load.

Question 7

Define CloudFormation Templates and their function.

Answer 7

CloudFormation Templates define logical resources that are transformed into physical resources by CloudFormation.

Question 8

What role do Parameters play in CloudFormation Templates?

Answer 8

Parameters influence logical resources and are defined in the template, allowing for configuration with defaults and validation.

Question 9

Describe the difference between Template Parameters and Pseudoparameters.

Answer 9

Template Parameters are directly set by the user, while Pseudoparameters are automatically provided by CloudFormation, such as AWS::Region and AWS::StackId.

Question 10

How do Intrinsic Functions enhance CloudFormation Templates?

Answer 10

Intrinsic Functions allow templates to be dynamic, enabling operations like referencing parameters, retrieving properties, and performing string manipulations.

Question 11

Explain the purpose of the Ref intrinsic function in CloudFormation.

Answer 11

The Ref function points towards parameters and logical resources based on their logical name, allowing for dynamic referencing.

Question 12

What is the function of Fn::GetAtt in CloudFormation?

Answer 12

Fn::GetAtt retrieves properties from other resources defined in the template.

Question 13

Describe the use of Fn::Join and Fn::Split in CloudFormation.

Answer 13

Fn::Join and Fn::Split are intrinsic functions that perform string operations, allowing for manipulation of string values within templates.

Question 14

How does Fn::Select work in CloudFormation?

Answer 14

Fn::Select retrieves an item from a list based on its index, commonly used with Fn::GetAZs.

Question 15

(Removed)

Answer 15

Conditional functions, such as Fn::If and Fn::And, are used to conditionally provision resources based on evaluated conditions.

Question 16

Explain the purpose of Mappings in CloudFormation.

Answer 16

Mappings allow for information lookup using key-value pairs, enabling dynamic configuration based on predefined values.

Question 17

What is the role of Outputs in CloudFormation?

Answer 17

Outputs allow stacks to return values that can be referenced in other stacks and viewed within the Console.

Question 18

How are Conditions evaluated in CloudFormation?

Answer 18

Conditions are evaluated as true or false based on intrinsic functions before the Resources section is evaluated, influencing resource creation.

Question 19

Describe the function of DependsOn in CloudFormation orchestration.

Answer 19

DependsOn defines dependencies between resources, overriding CloudFormation’s default behavior of updating resources in parallel.

Question 20

Describe the role of a CreationPolicy in AWS CloudFormation.

Answer 20

A CreationPolicy is applied to a specific resource in AWS CloudFormation, ensuring that the resource is only marked as CREATE_COMPLETE if a specified number of success signals are received within a timeout period. If the signals are not received, the resource is marked as CREATE_FAILED.

Question 21

How does a WaitCondition function in AWS CloudFormation?

Answer 21

A WaitCondition is a CloudFormation resource that blocks the stack until a specific number of WaitHandles are satisfied. Each WaitHandle generates a pre-signed URL to update its state.

Question 22

Define Nested Stacks in AWS CloudFormation.

Answer 22

Nested Stacks are a logical grouping of stacks where the root stack creates other stacks. They allow for template reuse and enable the parent stack to pass parameters down to child stacks.

Question 23

Explain the purpose of Cross-Stack References in AWS CloudFormation.

Answer 23

Cross-Stack References allow stacks to use exported outputs from other stacks, with the requirement that the export identifier must be unique per account per region. The Fn::ImportValue function is used to retrieve these exported outputs.

Question 24

How should one decide between using nested stacks and cross-stack references?

Answer 24

Nested stacks should be used when resources have a similar lifecycle and for template reuse, while cross-stack references are better for sharing resources across multiple projects, such as a shared VPC.

Question 25

What are StackSets in AWS CloudFormation?

Answer 25

StackSets are used to deploy CloudFormation stacks across multiple accounts and regions, containing stack instances that point to stacks created by CloudFormation.

Question 26

Describe the parameters that control behavior in StackSets.

Answer 26

Key parameters in StackSets include Concurrent accounts (number of target accounts acted on simultaneously), Failure tolerance (percentage of stack operations that can fail before stopping), Region concurrency (whether to apply changes one region at a time or all at once), and Retain stacks (to keep stacks even when the stack instance is deleted).

Question 27

(Removed)

Answer 27

If an EC2 instance references a subnet that has not been created, the instance will not be created until the subnet is available.

Question 28

Define the term ‘Outputs’ in the context of Nested Stacks.

Answer 28

Outputs in Nested Stacks refer to the values returned from child stacks to the parent stack, which can then be passed to other child stacks.

Question 29

How does a WaitHandle work in conjunction with a WaitCondition?

Answer 29

A WaitHandle generates a pre-signed URL that is used to update the state of the WaitCondition, allowing the stack to proceed once the required number of WaitHandles are satisfied.

Question 30

(Removed)

Answer 30

The default behavior is to delete stacks along with stack instances.

Question 31

Define deletion policies in CloudFormation.

Answer 31

Deletion policies are applied to resources to prevent physical resources from being deleted when the logical resource is deleted, useful for preventing data loss for stateful resources.

Question 32

How do deletion policies help with stateful resources?

Answer 32

They prevent data loss by ensuring that resources like EBS volumes and RDS databases are not deleted when the logical resource is deleted.

Question 33

What is the Snapshot behavior in deletion policies?

Answer 33

Some resources support a Snapshot behavior that automatically snapshots them before deletion.

Question 34

Explain the role of Stack Roles in CloudFormation.

Answer 34

Stack Roles allow CloudFormation to assume a role to manage physical resources, overriding the default permissions of the identity that updated the stack.

Question 35

What permission is required for an identity to use a stack role in CloudFormation?

Answer 35

The identity needs the iam:PassRole permission to use the stack role.

Question 36

Describe the purpose of cfn-bootstrap in CloudFormation.

Answer 36

cfn-bootstrap is a collection of scripts that allow resources to interact with stacks.

Question 37

How does cfn-init function in CloudFormation?

Answer 37

cfn-init is a declarative way to bootstrap instances, running scripts based on the AWS::CloudFormation::Init logical resource.

Question 38

What is the function of cfn-hup in CloudFormation?

Answer 38

cfn-hup is a daemon that checks for updates to the Init metadata, allowing UpdateStack to trigger re-initialization of running instances without replacement.

Question 39

Explain the purpose of cfn-signal in CloudFormation.

Answer 39

cfn-signal sends a signal to CloudFormation in relation to a CreationPolicy.

Question 40

What are ChangeSets in CloudFormation?

Answer 40

ChangeSets preview how resources will be affected when a stack is updated, allowing changes to be reviewed before committing.

Question 41

Define Custom Resources in CloudFormation.

Answer 41

Custom Resources implement custom logical resource types, with CloudFormation sending events to an endpoint for the custom resource.

Question 42

How do Custom Resources communicate with CloudFormation?

Answer 42

Handles respond to CloudFormation using the pre-signed ResponseURL.

Question 43

Describe Elastic Beanstalk in the context of AWS.

Answer 43

Elastic Beanstalk is a platform-as-a-service (PaaS) offering where the customer provides the code, and AWS manages the infrastructure.

Question 44

What are the types of platforms supported by Elastic Beanstalk?

Answer 44

There are built-in languages, Docker (single container or multi-container), and pre-configured Docker for languages not natively supported.

Question 45

Give examples of built-in languages supported by Elastic Beanstalk.

Answer 45

Examples include Python, Java, .NET Core (Linux), and .NET (Windows).

Question 46

What is the significance of Docker in Elastic Beanstalk?

Answer 46

Docker allows for single or multi-container applications and includes pre-configured Docker for unsupported languages.

Question 47

How does Elastic Beanstalk handle unsupported languages?

Answer 47

It uses pre-configured Docker to implement languages that are not yet natively supported.

Question 48

Describe the purpose of a docker-compose.yml file.

Answer 48

It is used to orchestrate multi-container applications in Docker.

Question 49

Define what an application refers to in the context of deployment.

Answer 49

An application collectively refers to both the code and configuration of a project. One application can have multiple environments

Question 50

How are application versions stored for deployment?

Answer 50

Application versions are stored in S3 as specific labeled versions of source bundles, which can be in .zip or .war format.

Question 51

Explain the role of environments in Elastic Beanstalk.

Answer 51

Environments provision infrastructure to run a specific application version and are assigned an environment tier, either web server tier or worker tier.

Question 52

What is a CNAME swap and its purpose?

Answer 52

A CNAME swap is used to switch traffic between environments, performing a cut-over from one environment to another.

Question 53

How should databases be managed in relation to Elastic Beanstalk (EB) environments?

Answer 53

Databases should be managed outside EB to avoid data issues when switching environments, although RDS databases can be created from an environment.

Question 54

List the environment variables injected into an application when a database is added to an environment.

Answer 54

The environment variables are: RDS_HOSTNAME, RDS_PORT, RDS_DB_NAME, RDS_USERNAME, and RDS_PASSWORD.

Question 55

Describe the ‘All at Once’ deployment policy.

Answer 55

The ‘All at Once’ deployment policy updates all instances at once, which causes downtime.

Question 56

In Elastic Beanstalk, what is the difference between ‘Rolling’ and ‘Rolling with Additional Batch’ deployment policies?

Answer 56

‘Rolling’ deploys in batches without maintaining capacity, while ‘Rolling with Additional Batch’ provisions additional instances to maintain capacity throughout the process.

Question 57

Define the ‘Immutable’ deployment policy.

Answer 57

The ‘Immutable’ deployment policy provisions a separate set of instances in a temporary Auto Scaling Group (ASG) and adds them to the main ASG once they are ready.

Question 58

Explain the purpose of the .ebextensions folder in a source bundle.

Answer 58

The .ebextensions folder customizes the environment, allowing configuration files to be added that end in .config.

Question 59

In Elastic Beanstalk, how does the ‘Traffic Splitting’ deployment policy work?

Answer 59

The ‘Traffic Splitting’ policy launches new instances in a temporary ASG and progressively cuts over traffic to these new instances.

Question 60

What is the function of cloning in the context of environments?

Answer 60

Cloning creates a new environment based on an existing environment, copying all settings across.

Question 61

Describe how CloudFormation templates can be used with Elastic Beanstalk.

Answer 61

CloudFormation templates in JSON or YAML format can be added to customize the stack generated by Elastic Beanstalk.

Question 62

Describe the phases of a CodeBuild job.

Answer 62

The phases of a CodeBuild job include DOWNLOAD_SOURCE, INSTALL, PRE_BUILD, BUILD, POST_BUILD, and FINALIZING. If DOWNLOAD_SOURCE, INSTALL, or PRE_BUILD fails, it will short circuit to FINALIZING. If the job reaches BUILD, all successive phases are used, even if some fail. FINALIZING is only skipped if PROVISIONING fails.

Question 63

Define the purpose of the buildspec in CodeBuild.

Answer 63

The buildspec defines the commands for the various phases of a CodeBuild job, which include install, pre_build, build, and post_build.

Question 64

How does CodePipeline support different types of actions?

Answer 64

CodePipeline supports six types of actions: Source, Build, Test, Deploy, Approval, and Invoke.

Question 65

Explain the rollback feature in CodePipeline.

Answer 65

The rollback feature in CodePipeline allows earlier executions of a stage to be performed again.

Question 66

What happens if the FINALIZING step is skipped in a CodeBuild job?

Answer 66

The FINALIZING step is only skipped if the PROVISIONING phase fails.

Question 67

List the phases that can cause a CodeBuild job to short circuit to FINALIZING.

Answer 67

The phases that can cause a CodeBuild job to short circuit to FINALIZING are DOWNLOAD_SOURCE, INSTALL, and PRE_BUILD.

Question 68

How does the success of the BUILD phase affect subsequent phases in CodeBuild?

Answer 68

If the job reaches the BUILD phase, all successive phases (POST_BUILD and FINALIZING) are used, even if some of them fail.

Question 69

Describe the types of actions supported by CodePipeline.

Answer 69

CodePipeline supports six types of actions: Source, Build, Test, Deploy, Approval, and Invoke.