Automation & Containers

Question 1

CloudFormation Tempate

Answer 1

a text file that describes and defines
the resources to be deployed in your environment

. This template is then processed by an engine that provisions the specified resources.

*Define an entire application stack (all resources required for your application) in a JSON or YAML template file. Treat the template as code and manage it using a version control system.

*Define runtime parameters for a template, such as the Amazon Elastic Compute Cloud (Amazon EC2)
instance size, and Amazon EC2 key pair.

*The IaC solution provisions the resources that are defined in the template.

*If you created an AWS resource outside CloudFormation management, you can bring this existing resource
into CloudFormatio

Question 2

CloudFormation Stacks

Answer 2

All resources in a stack are defined by the stack’s CloudFormation template.
You can manage a collection of
resources by creating, updating, or deleting stacks.

A collection of AWS resources that are managed as a single unit
*Can deploy and delete resources as a unit
*Can update resources and settings on running stacks
*Supports nested stacks and cross-stack references

Question 3

AWS Elastic Beanstalk

Answer 3

“Just add your code”
Provisions and operates the infrastructure
*Manages the application stack for you
*Shows everything that is created
*Automatically scales your application up and down

Question 4

AWS Solutions Library

Answer 4

AWS Solutions Library helps you solve common problems and build faster by using AWS. Solutions are vetted by AWS architects and are designed to be operationally effective, reliable, secure, and cost efficient. Many AWS solutions come with prebuilt CloudFormation templates. They can also include a detailed architecture, a deployment guide, and instructions for automated and manual deployment.

Question 5

AWS CDK

Answer 5

AWS CDK is a software development framework
Uses any supported language to generate templates
*Supports autocomplete and inline documentation
*Has proven defaults and reusable classes
*Provisions multiple environments

Question 6

AWS Systems Manager

Answer 6

AWS Systems Manager provides a central place to view and manage your AWS resources

System manager primary functions: Provisioning and entitlement, Configuration management, Operations and compliance management , Monitoring

Question 7

Amazon Q

Answer 7

Generative AI-powered assistant

*Secure and private by design
*Can be customized with your own data
*Provides assistants that are designed for specific
use cases

Question 8

Amazon Q Developer

Answer 8

*Designed for developers and IT
professionals
*Generates code and helps you
understand, build, extend, and
operate AWS applications

Question 9

Amazon Q Business

Answer 9

*Designed for business analysts
and every employee
*Answers questions, generates
and summarizes content, and
completes non-coding tasks

Question 10

Two primary solutions for decoupling application components

Answer 10

Load balancers
Message queues

Question 11

Amazon Elastic Container Registry (Amazon ECR)

Answer 11

a managed Docker container registry.
You push your container images to Amazon ECR and can then pull those images to launch containers.

Question 12

Amazon Elastic Container Service (Amazon ECS)

Answer 12

is a scalable, container management
service that supports Docker containers.

Amazon ECS manages the scaling, maintenance, and connectivity for your containerized applications.

Question 13

What are components you create with ECS to run and scale your containers

Answer 13

you create ECS services, which launch ECS tasks.

Amazon ECS tasks can use one or more
container images.

Amazon ECS services scale your running task count to meet demand on your application.

Question 14

ECS Cluster

Answer 14

You create an Amazon ECS cluster with dedicated infrastructure for your application. You can run your tasks and services on a serverless infrastructure that AWS Fargate manages.

If you prefer more control over your infrastructure, you can manage your tasks and services on a cluster of EC2 instances. Your cluster can scale EC2 hosting capacity by adding or removing EC2 instances from your cluster.

Question 15

Features offered by Amazon ECS?

Answer 15

*Fully managed – As a fully managed service, you don’t need to manage the control plane, nodes, or add-ons.

*Service discovery – Amazon ECS features support for service discovery, which you can use to register your
ECS services to Domain Name System (DNS) names.
You could then configure these services to be able to discover each other within the same virtual private cloud (VPC). With service discovery, your microservice components are automatically discovered and added to namespaces as they’e created and shut down.

*AWS integrations – Amazon ECS has close integrations with many AWS services, for example, Amazon ECR, AWS Identity and Access Management
Amazon CloudWatch Logs and Container Insights

*Flexible hosting options–With ECS you can use both Amazon EC2 and serverless hosting with AWS Fargate. You can schedule the placement of your containers across your cluster based on your resource needs,
isolation policies, and availability requirements

Development workflows–Amazon ECS supports continuous integration and continuous
deployment (CI/CD).

Question 16

Amazon Elastic Kubernetes Service (Amazon EKS)

Answer 16

a certified conformant, managed Kubernetes service.
Amazon EKS helps you provide highly available and secure clusters and automates key tasks such as patching, node provisioning, and updates.

*Run applications at scale–Define complex containerized applications and run them at scale across a cluster of servers.

*Seamlessly move applications–Move containerized applications from local development to production
deployments on the cloud.

*Run anywhere–Run highly available and scalable Kubernetes clusters.

Question 17

Explain how EKS is highly available and resilient

Answer 17

Amazon EKS runs three Kubernetes managers across three Availability Zones. It detects and replaces
unhealthy managers and provides automated version upgrades and patching for the managers.

Question 18

AWS Fargate

Answer 18

a technology for Amazon ECS and Amazon EKS
that you can use to run containers without having
to manage servers or clusters.

With Fargate, you no longer need to provision, configure, and scale clusters of VMs to run containers. Thus, it removes the need to choose server types, decide when to scale your clusters, or
optimize cluster packing.

Question 19

What are container orchestration services on AWS?
Which is most effort, least effort?

What are container hosting types on AWS?
Which is most effort, least effort?

Answer 19

Orchestration: ECS (least), EKS (most)
Hosting: Fargate (least), EC2 (most)

Question 20

RPO

Answer 20

Recovery
Point Objective
is the acceptable amount of data loss measured in time

Question 21

RPO

Answer 21

Recovery
Point Objective
is the acceptable amount of data loss measured in time

Question 22

RTO

Answer 22

Recovery Time Objective
is the time it takes after a disruption to restore a business process to its service
level, as defined by the operational level agreement (OLA).

Question 23

AWS
Backup

Answer 23

is a fully managed backup service that helps you centralize and automate the backup of data across
AWS services

works with AWS Organizations to centrally deploy data protection policies to configure, manage,
and govern your backup activity

Question 24

How do you create AWS Backup

Answer 24

1. Create AWS back up plan
2. Assign resources
3. Manage and monitor backups

Question 25

What does a AWS backup plan consist of

Answer 25

When you create a backup plan, you specify the following:
*Schedule –Set the frequency of the backups and the window of time during which to conduct backups

*Lifecycle –Determine when a backup is moved to cold storage, and when a backup expires

*Vault –AWS Backup keeps backups in an AWS Backup vault. You specify which backup vault your backup plan uses

oWhen you create a backup vault, you assign an AWS Key Management Service (AWS KMS) encryption
key to encrypt backups that do not have their own encryption methods

*Tags for backup –You specify tags that will be assigned to backups created by this plan

Question 26

Pilot light

Answer 26

you replicate your data from one environment to another and provision a copy of
your core workload infrastructure

Question 27

warm standby

Answer 27

approach involves creating a scaled down, but fully functional copy of your production
environment in a recovery environment

Question 28

Multi site active active

Answer 28

In
an active/active configuration, a multi
-
site solution runs in two environments

Question 29

What can you do with ECR features?

Answer 29

With Amazon ECR, you can compress, encrypt, and control access to your container images. You also manage versioning and image tags. An Amazon ECR private registry is provided to each AWS account. You can create one or more repositories in your registry and store images in them.

Question 30

With Systems Manager, you can?

Answer 30

*Create logical groups of resources such as applications, different layers of an application stack, or development and production environments.

*Select a resource group and view its recent API activity, resource configuration changes, related notifications, operational alerts, software inventory, and patch compliance status.

*Take action on each resource group depending on your operational needs.

*Centralize operational data from multiple AWS services and automate tasks across your AWS resources.

Question 31

Lambda@Edge

Answer 31

Lambda@Edge lets you run Lambda functions to customize the content that CloudFront delivers, executing the functions in AWS locations closer to the viewer. The functions run in response to CloudFront events, without provisioning or managing servers.

Question 32

You can use Lambda functions to change CloudFront requests and responses at the following points:

Answer 32

– After CloudFront receives a request from a viewer (viewer request)

– Before CloudFront forwards the request to the origin (origin request)

– After CloudFront receives the response from the origin (origin response)

– Before CloudFront forwards the response to the viewer (viewer response)