AWS DB

Question 1

DynamoDB: How can you make sure to get the most up-to-date items on a ‘GetItem’ call?

Answer 1

Set the ‘ConsistentRead’ parameter to ‘true’ when using the ‘GetItem’ operation

Question 2

When issuing the COPY command to copy S3 data to Redshift, you receive the following error:

‘[Amazon] (500310) Invalid operation: S3ServiceException’

What is the likely cause?

Answer 2

an incorrect or non-existent IAM access key

Question 3

Aurora MySQL:

All database schema and permissions changes must be captured by auditing. How do you achieve this? (2)

Answer 3

(1) Enable Advanced Auditing
(2) Specify ‘QUERY_DCL’ and ‘QUERY_DDL’

Question 4

What is DCL in a MySQL table?

Answer 4

Data Control Language query (GRANT or REVOKE permissions)

Question 5

What is DDL in a MySQL table?

Answer 5

Data Definition Language (CREATE or ALTER table schema)

Question 6

How can you use on-prem Active Directory to allow access to an RDS database? (2)

Answer 6

Create a forest trust between existing AD and AWS Directory Service for Microsoft Active Directory (AKA AWS Managed Microsoft AD).

Configure RDS to operate with “mixed mode authentication”

Question 7

How can you protect a Redis Cluster from unauthorized access? (2)

Answer 7

Adjust Security Group to only allow trusted clients, and only on TCP port 6379

Enable encryption (in transit & at rest) including Redis AUTH. Clients must use ‘auth-token’) parameter when connecting.

Question 8

Easiest way to prevent changes to a DB when additional services are added to its CloudFormation template? (2)

Answer 8

Use a stack policy to deny updates to the DB.

Review the change set before deploying new resources.

Question 9

In addition to setting the ‘DeletionPolicy’ to ‘retain’ and the ‘DeletionProtection’ attribute of a CF template to ‘true’, what step should be taken to make sure there is not accidental data loss when a CF stack is deleted?

Answer 9

Set the ‘DeleteAutomatedBackups’ property of the DB resource to ‘false’

Question 10

What can be used to minimize writer downtime in the event of a failure on your main Aurora instance?

Answer 10

Cluster Cache Management (CCM)

Question 11

How can you provide a cross-region snapshot for a Redshift cluster?

Answer 11

launch a ‘snapshot copy grant’ for a master key in the backup Region. Enable cross-Region snapshots on the cluster.

Question 12

T/F: You can alter the default parameter group of an RDS table?

Answer 12

False

Question 13

Why can’t you use cross-region replication on the S3 bucket storing your RDS snapshots?

Answer 13

Because you do not have access/control over that underlying S3 bucket.

Question 14

How often is the automated snapshot on RDS? Can you get snapshots more frequently?

Answer 14

24 hours.

You could manually collect more frequent snapshots or configure a lambda function to automate the process.

Question 15

Can you have encrypted Read Replicas of unencrypted RDS instances?

Answer 15

no

Question 16

What is the likeliest cause of significant replication lag when reading from a read replica (RDS)?

Answer 16

There are long-running queries on the primary DB instance

Question 17

How long can automated RDS snapshots be retained?

Answer 17

35 days

Question 18

How can you save an RDS snapshot for years?

Answer 18

Have a Lambda function take a manual snapshot and store it in an S3 bucket.

Question 19

What is an Aurora cluster-level parameter to monitor health of your cluster when issuing a large number of COMMIT and ROLLBACK commands to the database?

Answer 19

IO:XactSync

Question 20

For a Microsoft SQL Server migration, how does DMS read ongoing changes from the source database?

Answer 20

using the ‘fn_dblog()’ or ‘fn_dump_dblog()’ function in SQL Server to read from the transaction log based on the Log Sequence Number (LSN)

Question 21

DynamoDB: How can you ensure stale data is not cached in Elasticache?

Answer 21

Use a write-through caching strategy.

Question 22

Elasticache: How can you minimize wasted space on the cluster?

Answer 22

Enable Time to Live (TTL) on the Elasticache cluster

Question 23

How do you move an automated snapshot of an RDS instance to another region?

Answer 23

You must first copy it as a manual snapshot, then you may transfer it to another region.

Question 24

RDS for PostgreSQL: How can you reduce the storage impact of logs on the DB instance?

Answer 24

Publish logs to CloudWatch. Reduce the ‘rds.log_retention_period’ parameter from default 4,320 minutes to a smaller value like 1,440 minutes (1 day). This will reduce the total log storage space needed on the instance itself.

Question 25

What is the fastest way to migrate RDS PostgresQL to an Aurora instace?

Answer 25

Generate an Aurora Read Replica and promote it to a standalone Aurora DB cluster upon cut-over.

Question 26

What is wrong with this: I want to stop my RDS instance for a month to reduce cost while it is not in use.

Answer 26

Stopped RDS instances automatically start in 7 days to make sure they do not miss critical patches

Question 27

Redis: how to establish fault-tolerance with data loss not exceeding one hour? (2)

Answer 27

Set up Elasticache Multi-AZ with automated failover

Schedule Manual backups using Redis Append-Only file (AOF)

Question 28

How can you migrate to an RDS instance of different storage size

Answer 28

Do a homogenous replication using DMS to a newly created RDS instance of the desired size. Restoring from a snapshot will always create a DB of the same storage size as the original RDS instance.

Question 29

What command is used to copy data from S3 to a redshift cluster?

Answer 29

‘COPY’

Question 30

When doing a COPY from S3 to Redshift, what does it mean if you get a ‘[Amazon] (500310) Invalid operation: S3ServiceException’ error?

Answer 30

You’ve used an incorrect or nonexistent IAM access key to access the S3 bucket.

Question 31

What is the most likely cause of missing an automated daily RDS snapshot? (2)

Answer 31

A copy of the snapshot for this DB instance is ongoing in the same region.

the DB instance is in the ‘STORAGE_FULL’ state.

Question 32

What will happen to your DynamoDB Streams settings when you restore DDB to a recent backup?

Answer 32

They will not be included and need to be re-implemented.

(also TTL, tags, CloudWatch metrics and alarms, IAM policies, and Auto scaling policies)

Question 33

RDS snapshot recovery: what needs to be re-configured once you create a new DB from a snapshot? (2)

Answer 33

Security group, any custom parameter groups

(by default, it will attach the default SG, not allowing traffic.)

Question 34

How can you increase the number of connections allowed to a single Aurora DB instance? (to avoid ‘Too many connections’ errors?) (2 - OR)

Answer 34

Set a larger value for ‘max_connections’ in the DB parameter Group.

OR

Scale up the instance class to achieve more memory and a higher default ‘max_connections’.

Question 35

How can you reduce the load on an aurora cluster that is experiencing a spike in IO:Xactsync?

Answer 35

configure your application to commit transactions in batches.

Question 36

Aurora PostgreSQL: How can you produce an audit log containing information on all connections to the DB?

Then send to a 3rd-party tool?

Answer 36

Set up database activity streams and send encrypted logs to an Amazon Kinesis stream. Integrate the stream with the 3rd-party tool.

Question 37

DynamoDB: How to always fetch most up-to-date data when using GetItem API?

Answer 37

Set the “ConsistentRead” parameter to ‘true’ when using the ‘GetItem’ operation

Question 38

How can you make sure multiple users do not interfere with each other’s ‘UpdateItem’ operations on a DynamoDB table?

Answer 38

Use condition expressions in the ‘UpdateItem’ Operations.

For instance, you could set a condition to see if the CURRENT value is the same as when you started your operation. If it has changed, you can abort your update.

Question 39

Can BatchWriteItem be used to Update items? (DynamoDB)

Answer 39

No

Question 40

What is the FASTEST way to load data from a predefined data set to Amazon Aurora?

Answer 40

Load flat files to S3 and use the “LOAD DATA FROM S3” command to fetch that data into Aurora (of course you must also grant it permissions).

This method diminishes in effectiveness once the size of the data increases significantly. Then you might consider SQL which is slower but can use small batch sizes.

Question 41

What Redshift feature allows it to scale to meet fluctuating numbers of incoming queries?

Answer 41

Concurrency Scaling

Question 42

DynamoDB: How do you retry only the unprocessed items in the event that your BatchGetItem or BatchWriteItem operations return a partial result?

Answer 42

use the ‘UnprocessedKeys’ map from the response to reprocess the failed items.

Question 43

Which elasticache option allows for multi-threaded processing of cached queries?

Answer 43

While Redis is generally more feature-rich and can scale out, Memcached is the service which can accommodate multi-threaded command execution.

Question 44

Neptune: What tool can be used to bulk load CSVs from S3?

Answer 44

The Bulk Loader API with Gremlin

Question 45

What is the main restriction when bulk loading CSVs into Neptune using the Bulk Loader API with Gremlin?

Answer 45

The set of CSV files for each load command must be in the same folder in S3

Question 46

When defining a new Secret for Secrets Manager in Cloudformation, what resource attribute will allow you to set the period after which the secret rotates?

Answer 46

AWS::SecretsManager::RotationSchedule

Question 47

What Aurora feature should be used when you want to make copies of the main instance upon request without impacting production

Answer 47

The Aurora Clone Feature

Question 48

RDS: What is the easiest way to view a record of SQL statements and investigate a performance incident?

Answer 48

Review the performance insights dashboard

Question 49

What 2 conditions will make it so you cannot delete an aurora instance in a cluster? (both needed)

Answer 49

The cluster is a read replica of another cluster

The instance is the only instance in the cluster

Question 50

Other than a Neptune instance, an S3 bucket, and the necessary IAM permissions, what is needed to do the ‘Loader’ command to populate Neptune from data in S3?

Answer 50

an s3 VPC endpoint

Question 51

When it comes to making a DB subnet group in your VPC, what 2 features should be considered?

Answer 51

The DB subnet group should include at least 2 subnets, in each of at least 2 different AZs.

All subnets in the group must be public OR private. The group cannot be a mix of both.

Question 52

What does AWS provision for you when you create an Aurora Activity Stream?

Answer 52

a Kinesis stream which can be connected to other applications.

Question 53

Are RDS performance insights provisioned on the per-instance level, or the per-cluster level?

Answer 53

per-instance

Question 54

What are the retention options for RDS performance insights?

Answer 54

7 days

or

2 years

Question 55

DMS: How do you load a large partitioned table most efficiently?

Answer 55

Create multiple tasks that divide the large table load based on its partition key

Question 56

DMS: How do you prevent DMS from launching too many parallel table load tasks?

Answer 56

Limiting the MaxFullLoadSubTasks

Question 57

What is the default MaxFullLoadSubTasks in DMS? When should you change this?

Answer 57

8. This can be raised when your replication instance is very large, or reduced when you are using a smaller DMS replication instance type.

Question 58

You have set up IAM Database Authentication for your RDS PostgreSQL instance. You have given the IAM users the appropriate ‘rds-db:connect’ permission, but they are still unable to connect. Why?

Answer 58

The ‘rds_iam’ role needs to be granted in the PostgreSQL database user

Question 59

The most cost-effective way to homogenously migrate a large (1TB) on-prem MySQL server to AWS RDS? (5[?!?])

Answer 59

Enable binary logging replication on-prem

Create a backup using mysqldump and compress it

Load compressed files to EC2 and uncompress

Connect RDS and load data

Enable replication from on-prem to RDS

Question 60

The fastest way to encrypt an unencrypted Aurora DB

Answer 60

Restore a snapshot of the unencrypted cluster to an encrypted cluster. (Can do in Aurora, NOT vanilla RDS)

Question 61

DMS - how to ensure you can fully validate successful data transfer before making the cut-over?

Answer 61

Make sure ‘enable validation’ and ‘enable cloudwatch logs’ are both turned on.

Question 62

When using IAM database authentication (RDS PostgreSQL), what should a data engineer do to generate access credentials for users who need temporary access?

Answer 62

Execute the generate-db-auth-token command with the user names to generate a temporary password for the users

Question 63

What settings have to be true in an RDS PostgreSQL database in order to switch to IAM database authentication while the instance is running?

Answer 63

‘ssl’ must be set to ‘1’, then you can simply ‘Enable IAM Database Authentication’

Question 64

DMS - How do you most quickly migrate tables with LOBs?

Answer 64

Use limited LOB mode and provide the largest LOB size. (Any larger LOBs are truncated)

Question 65

What is the maximum LOB size in Limited LOB mode?

Answer 65

100MB

Question 66

DMS Heterogeneous migration - How can you review the license requirements and hardware configurations for both source and target databases?

Answer 66

Use AWS Schema Conversion Tool (AWS SCT) and create a database migration assessment report.

Question 67

Can you modify an existing Aurora stand-alone cluster to an Aurora Serverless cluster?

Answer 67

No. You must restore it from a snapshot to an Aurora Serverless cluster.

Question 68

What is the likeliest cause of an Aurora cluster cutover to a Read Replica taking 5 minutes?

Answer 68

The client-side application has a TTL for the DNS of 5 minutes. This setting should be no more than 30 seconds to allow faster DNS-based fail-over.

Question 69

How can you improve the read performance AND data capacity of an existing Redis cluster where cluster mode is disabled?

Answer 69

Make instance bigger. (cannot enable cluster mode, must create new Redis cluster to do this)

Question 70

How can you improve the read performance of an existing Redis cluster where cluster mode is disabled?

Answer 70

add redis cluster with read replica nodes OR make instance bigger. (cannot enable cluster mode, must create new Redis cluster to do this)

Question 71

What is the fastest way to migrate an existing RDS PostgreSQL database from the default VPC to a more highly secure new VPC in the same region?

Answer 71

Create a new DB Subnet group associated with the new VPC (in the same AZs as current instance). Associate the RDS instance to the new DB Subnet group.

Question 72

How long can it take DynamoDB to delete expired items using TTL.

Answer 72

It does this on a best-effort basis as to not impact performance. It is usually within 48 hours of the item’s expiration.

Question 73

T/F Aurora allows the use of the backtrack feature, but RDS does not

Answer 73

True.

Question 74

RDS - what can prevent the creation of a read replica

Answer 74

The automatic snapshot retention period must be set to a value greater than 0 (the default)

Question 75

DocumentDB - what 2 steps to audit events where an index or collection is created or dropped.

Answer 75

in custom parameter group - enable ‘audit_logs’

Modify the DocumentDB cluster to export the audit logs to CloudWatch

Question 76

Easiest way to get notified when management events or maintenance tasks occur on your Redshift cluster?

Answer 76

create an event subscription that sends a notification for Management events FROM THE Redshift console.

Question 77

DocumentDB - how can you identify the slowest-running queries on your cluster?

Answer 77

You must enable the profiler feature and send logs to CloudWatch

Question 78

How do you exclude a specific set of Aurora instances from an endpoint when more replica instances may be added to the cluster in the future?

Answer 78

Create an ANY custom endpoint with an exclusion list

Question 79

How can you integrate queries between data hosted on PostgreSQL RDS and a Redshift cluster that are hosted in different regions? (2)

Answer 79

Connect your Redshift cluster to the PostgreSQL DB

Create an external schema from the PostgreSQL database and use federated queries

Question 80

RDS - How to quickly fix STORAGE FULL

Answer 80

increase the storage size, after which storage autoscaling can be configured.

Question 81

If you have a predictable DynamoDB load with lots of UpdateItem requests and you are getting ProvisionedThroughputExceededException at high traffic, what should you do?

Answer 81

Use provisioned mode to forecast capacity for high demand. Increase the provisioned WCUs

Question 82

What can prevent enabling AUTH for a Redis cluster

Answer 82

encryption in-transit must be enabled at creation of the Redis cluster, and is required.

Question 83

How do you test a disc failure event on Aurora?

Answer 83

fault injection queries