APP SERVICES, CONTAINERS & SERVERLESS

Question 1

What’s a Task Role used for within ECS?

Answer 1

It allows the Task to assume an IAM role that it requires for access to other AWS ressources.

Question 2

What’s a Task representing within ECS?

Answer 2

It represents the entire application, which may consist of one or more containers.

Question 3

What’s a Service Definition used for within ECS?

Answer 3

It defines how an application scales, i.e. how many applications run in parallel in an ECS cluster, including a load balancers to distribute traffic. Services should be used for any production workloads.

Question 4

What’s a Container Definition within the context of ECS?

Answer 4

Part of the Task Definition, defining the properties for a single container such image, port number, CPU & memory

Question 5

What’s a Task Definition used for within ECS?

Answer 5

Defines the security (Task Role) and container(s) to use, and the resources (CPU, memory, network, etc.) that each container gets assigned.

Question 6

Which two cluster types exist with ECS?

Answer 6

EC2 mode and Fargate mode

Question 7

What is maximum size for a payload with SNS?

Answer 7

256 KB

Question 8

What is maximum size for a message with SQS?

Answer 8

256 KB

Question 9

What’s VisibilityTimeout referring to with SQS?

Answer 9

Time that a message is hidden in the queue after it’s been picked up

Question 10

How often can a message be delivered with Standard vs FIFO queues in SQS?

Answer 10

Standard: at least once
FIFO: exactly once

Question 11

What is the performance of FIFO queues with and without batching (in messages per second)?

Answer 11

Batch: 3000 messages per second

Non-Batch: 300 messages per second

Question 12

What’s the maximum time in seconds allowed for Long Polling with SQS (configured via waitTimeSeconds)?

Answer 12

Up to 20 seconds

Question 13

How long can a message live in SQS?

Answer 13

Up to 14 days

Question 14

What is important to know about the names of FIFO queues?

Answer 14

The name of a FIFO queue must end with the .fifo suffix

Question 15

What’s the SQS Extended Client Library used for?

Answer 15

It automatically puts the payload of messages larger than 256 KB onto S3 when sending a message, and links the S3 object in the SQS message. When processing a message, it will also automatically retrieve the payload via S3 again and delete the S3 object when processing was finished successfully.

Question 16

What are the min, max and default values for VisibilityTimeout in SQS?

Answer 16

Min: 0 seconds
Max: 12 hours
Default: 30 seconds

Question 17

On which elements in SQS can the VisibilityTimeout be set?

Answer 17

Queue or Per-Message

Question 18

What’s DelaySeconds referring to with SQS?

Answer 18

Time that a message is hidden in the queue after it’s been added to the queue

Question 19

What are the min and max values for DelaySeconds in SQS?

Answer 19

Min: 0
Max: 15 minutes

Question 20

When support for protocols like AMQP, MQTT, OpenWire or STOMP is required, what AWS service is a great fit?

Answer 20

Amazon MQ

Question 21

If you’re using Jakarta Messaging API (formerly Java Message Service or JMS API) and want to continue using this on AWS, what AWS service is a great fit?

Answer 21

Amazon MQ

Question 22

Is Amazon MQ a public or private service?

Answer 22

Private, so it requires setup in a VPC

Question 23

What are supported runtimes with Lambda?

Answer 23

Python, Ruby, Java, Go, C#, NodeJS

Other languages are supported via Custom Runtimes.

Question 24

What’s the min and max memory allocation with Lambda?

Answer 24

Min: 128 MB
Max: 3 GB

Question 25

What’s the max run time with Lambda before a function times out?

Answer 25

15 minutes

Question 26

Where does Lambda provision temporary storage, and how much of it?

Answer 26

512 MB storage available via /tmp

Question 27

When running Lambda in private mode (=> using a VPC), what two options would you have to access a public AWS service such as DynamoDB?

Answer 27

Option 1: deploy VPC Endpoint for DynamoDB in private subnet

Option 2: deploy NATGW + IGW in public subnet

Question 28

What serverless service requires EC2 network permissions under certain conditions?

Answer 28

AWS Lambda, when run in private mode (=> using a VPC) as it requires permissions to create ENIs

Question 29

What are resource-based policies used for in the context of AWS Lambda?

Answer 29

They define what services and accounts can invoke the Lambda function. This is in contrast to IAM roles that are attached to the Lambda function and control the permissions the function has to other services.

Question 30

What are the three invocation modes available for Lambda?

Answer 30

Synchronous, Asynchronous, Event Source Mapping

Question 31

When Lambda functions are invoked via Event Source Mapping, does the Lambda function require permissions on the source (like a Kinesis Stream)?

Answer 31

Yes. And that is in contrast to the other two modes (Synchronous, Asynchronous), where data is delivered to the Lambda by the service, rather than Lambda reading from the service.

Question 32

Which services invoke Lambda functions via Event Source Mapping?

Answer 32

Kinesis Streams, SQS Queues, DynamoDB Streams, Amazon Managed Streaming for Kafka

Question 33

What does a Lambda version consist of?

Answer 33

Code and configuration of the Lambda function

Question 34

In which scenario can usage of the /tmp storage in Lambda improve performance?

Answer 34

It can be used to download and store resources such as images, that may be required for additional invocations of the same Lambda function. If the same function is executed multiple times, they can likely re-use what’s been stored in /tmp by a previous execution (but no guarantee).

Question 35

If requests from a client or responses from a Lambda function contain headers with multiple values or contains the same header multiple times, or query parameters with multiple values for the same key, what do you need to enable to support this?

Answer 35

Multi-value headers

Question 36

When implementing an event-based application model, should you use AWS CloudWatch Events or AWS EventBridge?

Answer 36

AWS EventBridge as this supports everything CloudWatch Event does, and additional things.

Question 37

What are valid targets for an Amazon API Gateway request?

Answer 37

• Lambda
• HTTP
• Mock
• AWS Services
• VPC Link

Question 38

What “authorizers” are supported by Amazon API Gateway?

Answer 38

Most common: Cognito (via User Pools) and Lambda Authorizers

But also via IAM, resource policies and endpoint policies.

Question 39

What endpoint types does Amazon API Gateway support?

Answer 39

Regional, Edge-Optimized, Private

Question 40

What’s HTTP error code 400 referring to?

Answer 40

Bad Request - Generic

Question 41

What’s HTTP error code 403 referring to?

Answer 41

Access Denied

Question 42

What’s HTTP error code 429 referring to?

Answer 42

Too Many Requests (Throttling, etc.)

Question 43

What’s HTTP error code 502 referring to in the context of API Gateway?

Answer 43

Bad Gateway (e.g. bad output from Lambda)

Question 44

What’s HTTP error code 503 referring to in the context of API Gateway?

Answer 44

Service unavailable (e.g. backend endpoint offline)

Question 45

What’s HTTP error code 504 referring to in the context of API Gateway?

Answer 45

Integration failure/timeout (e.g. Lambda took more than 29s to respond)

Question 46

Can Amazon API Gateway caches be encrypted?

Answer 46

Yes

Question 47

What is the min, max and default TTL for the cache of Amazon API Gateway?

Answer 47

Min: 0
Max: 3600 seconds
Default: 300 seconds

Question 48

What’s the max. duration of a Step Function execution?

Answer 48

1 year

Question 49

What are the two execution types that exist with AWS Step Functions?

Answer 49

Standard and Express

Question 50

What’s ASL in context of AWS Step Functions?

Answer 50

Amazon Stages Language - JSON template that defines an AWS Step Function flow

Question 51

What are common integrations for a Task within AWS Step Functions?

Answer 51

Lambda, Batch, DynamoDB, ECS, SNS, SQS, Glue, SageMaker, EMR, Step Functions

Question 52

What’s the max. duration of a Simple Workflow Service (SWF) execution?

Answer 52

1 year

Question 53

What is AWS Flow Framework?

Answer 53

Collection of convenience libraries that make it faster and easier to build applications with Amazon Simple Workflow

Question 54

When any kind of external signal is required to be fed into a workflow, what is the right product to use?

Answer 54

Amazon Simple Workflow Service (SWF)

Question 55

When it’s required to launch child workflows (and returning to the parent), what is the right product to use?

Answer 55

Amazon Simple Workflow Service (SWF)

Question 56

When you need bespoke/complex decision logic in a workflow, what is the right product to use?

Answer 56

Amazon Simple Workflow Service (SWF)

Question 57

When an integration with Mechanical Turk is required, what is the right product to use?

Answer 57

Amazon Simple Workflow Service (SWF)

Question 58

When having to choose between Amazon Elastic Transcoder and AWS Elemental MediaConvert, what’s the better product?

Answer 58

AWS Elemental MediaConvert as it’s a super set of Amazon Elastic Transcoder, with more features and lower costs.

Question 59

When would you still use Amazon Elastic Transcoder, instead of using it’s successor, AWS Elemental MediaConvert?

Answer 59

When any of the following is required

• WebM (VP8/VP9) input and output
• Animated GIF output
• MP3, FLAC, Vorbis, and WAV audio-only output

Question 60

What’s the “sam-package” command used for?

Answer 60

Takes local assets, builds a ZIP file from them, and uploads it to S3. Also generates the sam-deploy.yaml in the working directory that is required for the sam-deploy command.

Question 61

What’s the “sam-deploy” command used for?

Answer 61

Deploys the infrastructure that’s defined in sam-deploy.yaml to AWS. If no sam-deploy.yaml exists yet, will also run sam-package before the deployment.

Question 62

Can you access Kinesis Video Streams data directly on the underlying storage (S3, EBS, EFS, etc.)?

Answer 62

No, only via APIs

Question 63

What are valid data sources for AWS Glue (name 6)?

Answer 63

• S3
• RDS
• JDBC-compatible DBs
• DynamoDB
• Kinesis Data Stream
• Apache Kafka

Question 64

What are valid data targets for AWS Glue (name 3)?

Answer 64

• S3
• RDS
• JDBC-compatible DBs