AWS cloud guru developer

Question 1

what languages are supported by aws lambda

Answer 1

node.js, java, python, go, C#

Question 2

what tool allows you to debug what’s happening inside a lambda function

Answer 2

AWS X rays

Question 3

what is sqs visibility timeout

Answer 3

its the amount of time a message remains in an invisible state. The invisible state is the state a message gets into after it has been picked up by a server for processing.

Question 4

what if the visibility timeout occurs before the server finishes processing the message.

Answer 4

The message becomes visible again and another server can take up it’s processing. If the first server that took this up processes it, it can result in multiple processing of the same mesaage.

Question 5

what if the server finishes processing before the visibility timeout occurs?

Answer 5

the message is deleted from the queue

Question 6

what are the min and max values of the visibility timeout of an SQS queue

Answer 6

30 seconds to 12 hours

Question 7

what service is used for sending email only?

Answer 7

SES - simple email service.

Question 8

while uploading your deployment package to AWS lambda, what information do you need to provide as configuration?

Answer 8

name of the handler method, compute requirements, and runtime.

Question 9

what permission policies should you set on the zip file which you upload as a lambda function?

Answer 9

read permission for global users

Question 10

with what permissions does AWS lambda access other resources from your code?

Answer 10

The same permission as that of the IAM user who is running the lambda function.

Question 11

in the context of a lamda frunction, for poll based sources where is the event source mapping stored?

Answer 11

in AWS lambda

Question 12

in the context of a lamda frunction, for push based event sources where is the event sourc mapping stored?

Answer 12

in the source service or resorce (e/g/S3)

Question 13

in the context of a lamda frunction, what is an event source mapping?

Answer 13

delineates what events to track and what functions to invoke.

Question 14

where are event source mappings stored in the event source or the lambda function?

Answer 14

for push based events like S3 in the event source

for poll based events in the lambda function,

Question 15

if you’re using an S3 as an event source, where do you configure the notification?

Answer 15

Notification configuration.

Question 16

In the context of AWS lambda what are the primary resources

Answer 16

The lambda function and event source mapping.

Question 17

when launching an ec2 instance which volume is not and cannot be encrypted at the time of launch?

Answer 17

root volume

Question 18

how long does it take for a change of rule in security group to take effect?

Answer 18

almost immediately.

Question 19

are security group rules stateful? what does it mean?

Answer 19

yes, it means when you create an inbound rule, a corresponding outobound rule for the same port is implicitly created. e.g. allowing incoming http will allow your server to respond as well

Question 20

are network access control list rules stateful?

Answer 20

no ther are not.

Question 21

if you want to block a particular port or ip address, can you do it with a security group or a network access control list?

Answer 21

network access control list.

Question 22

can you assign multiple security groups to an ec2 instance?

Answer 22

yea

Question 23

whats one thing aws does to achieve high availability and durability on ebs?

Answer 23

automatically replicate an EBS volume within the availability zone/

Question 24

what are different EBS options available?

Answer 24

SSD - general purpose SSD, provisioned IOPS SSD

HDD - throughput optimized HDD, cold HDD, EBS magnetic

Question 25

what availability zone is the EBS in compared to the ec2 instance?

Answer 25

EBS volume and EC2 instance are in the same availability zone.

Question 26

if you terminate an ec2 instance what happens to the root device volume?

Answer 26

that gets deleted as well.

Question 27

if you terminate an ec2 instance what happens to the additional volumes (other than the root) which are attached?

Answer 27

they are not deleted by default. In fact they become “available” for use.

Question 28

what are two different ways you can create an image from a snapshot?

Answer 28

volume – snapshot–image

volume –image

Question 29

what are different ways in which you could select AMIUs

Answer 29

PORAS - permissions, operating system, region, architecture - 32 vs 64 bits, storage for the root device.

Question 30

if the snapshot out of which an image was created is encrypted, then can you launch that image on a volume that is unencrypted?

Answer 30

no

Question 31

what is the encryption status of volumes restored from encrypted snapshots

Answer 31

they are encrypted as well.

Question 32

what is the difference between cloud watch and cloud trail?

Answer 32

cloud watch = monitoring performance (gym)

cloud trail = monitoring API calls (CCTV camera)

Question 33

what is the default monitoring interval of ec2 by cloud watch?

Answer 33

every 5 minutes.

Question 34

2 differences between efs and ebs

Answer 34

increase in size, mounted simaltaneously on multiple ec2 instances

Question 35

difference between acl and security groups

Answer 35

acls - stat, have both allow and deny rules

Question 36

what is a bastion host?

Answer 36

it’s a host in the public subnet that you use to connect to an instance in the private subnet

Question 37

what is the largest subnet you can use in an AWS VPS?

Answer 37

/16

Question 38

what is the smallest subnet you can condigure in an AWS VPC?

Answer 38

/28

Question 39

what kind of vpc configuration peering is allowed: star or transitive

Answer 39

star only not transitive

Question 40

what is created by default when a vpc is created?

Answer 40

security group, network acl and route table

Question 41

how many IP addresses are reserved per subnet?

Answer 41

5

Question 42

can you have multiple internet gateways per vpc?

Answer 42

no

Question 43

can you use a security group from one vpc in another vpc?

Answer 43

no, security groups do not span VPCs

Question 44

what is the difference between a nat instance and a nat gateway?

Answer 44

a nat instance is an ec2 instance with nat functionality whereas a nat gateway ihas HA, etc.

Question 45

are NAT gateways assigned to a security group?

Answer 45

no

Question 46

are nat gateways automatically assigned a public IP address?

Answer 46

yes

Question 47

which of the following does a security group allow by default: all in bound traffic or all outbound traffic?

Answer 47

all outbound traffic

Question 48

how many public subnets do you need at a minimum ro be able to configure a load balancer?

Answer 48

two

Question 49

at what different levels can flow logs be created?

Answer 49

VPC, subnet, network interface level

Question 50

after creating a flowlog can you change it’s association?

Answer 50

no