AWS CLI, SDK, IAM Roles & Policies Flashcards

1
Q

How can you test IAM policies quickly?

A
  • Use the AWS Policy Simulator
  • Use the --dry-run option in the AWS CLI
2
Q

How do you decode the CLI error message when API calls fail?

A

Use the STS command line with the following command:
- sts decode-authorization-message

3
Q

How can you access the EC2 Instance Metadata?

A

Use the following URL:
http://169.254.169.254/latest/meta-data

4
Q

How would you use MFA with the CLI?

A
  • Create a temporary session
  • Run the STS GetSessionToken API call
5
Q

What is the default region used by the SDK if not specified?

A

us-east-1

6
Q

How would you fix intermittent errors due to hitting API rate limits?

A

Implement Exponential Backoff Retrier

7
Q

How would you fix consistent errors due to hitting API rate limits?

A

Request an API throttling limit increase

8
Q

What is the Service Limit number for Running On-Demand Standard Instances? How could you increase this limit?

A

1152 vCPUs
- Request a service limit increase by opening a ticket
- Request a service quota increase by using the Service Quotas API

9
Q

When would you implement Exponential Backoff, when would you not implement it, and how would you do so?

A

If you get ThrottlingException intermittently
- Retry mechanism already included in the SDK
- Implement retries on 5xx server errors and throttling
- Do not implement on 4xx client errors

10
Q

What is the order in which the CLI looks for credentials?

A
  1. Command line options
  2. Environment variables - AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN
  3. CLI credentials file
  4. CLI configuration file
  5. Container credentials - for ECS tasks
  6. Instance profile credentials - for EC2 Instance profiles
11
Q

What is the order in which the SDK looks for credentials?

A
  1. Java system properties - aws.accessKeyId and aws.secretKey
  2. Environment variables - AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
  3. The default credential profiles file
  4. Container credentials - for ECS containers
  5. Instance profile credentials - used on EC2 instances
12
Q

What is the AWS Credentials Best Practice?

A
  • Never store AWS Credentials in code
  • Allow credentials to be inherited from the credentials chain
13
Q

If you are working outside of AWS, what is best practice for using credentials?

A

Use env. variables / named profiles

14
Q

What does SigV4 mean?

A

Your requests to AWS are signed using your credentials and are authenticated against AWS.
- Signed using the HTTP Header option or Query String option (Query String is used when viewing S3 objects)
