AWS Workflows

Question 1

Target Tracking or Step Scaling

Answer 1

• AWS recommends Target tracking over Step scaling.

Question 2

Predictive scaling vs Dynamic scalling

Answer 2

• Predictive uses ML

- Dynamic uses metrics like CPU Untilization

Question 3

NLB - Network Load Balancer

Answer 3

• Layer 4 Routing
• TCP/UDP
• Ultra low latency
• Static IPs in the VPC
• Uses VPC Endpoint Services

Question 4

ALB - Application Load Balancer

Answer 4

• Layer 7 Routing
• Http
• Cross zone by default

Question 5

Auto Scaling Cooldown

Answer 5

• Default 5 mins
• Amount of time scaling waits before taking action
• configurable

Question 6

WAF - Web Application Firewall

Answer 6

• Rules to filter web traffic
• Ips, http headers, body, customer urls, location
• Plugs into ALB
• used to block common exploits like SQL injection / Cross sight scrip

Question 7

SQS - Simple Queue Service

Answer 7

• Poll based messaging
• used to decouple web tier and app tier
• retention default 4 days ( 1min to 14 days)
• Short and Long Polling
• Message deleted on successful returns
• inflight encryption
• encryption at rest can be configured with KMS - not default

Question 8

SQS - Hides the message before consumers can process

Answer 8

• Delivery Delay
• Default is 0
• up to 15 mins

Question 9

SQS - Locks message so other consumers can’t process it

Answer 9

• Visibility Timeout
• Locks message so other consumers can’t process it
• Default is 30 seconds

Question 10

SQS - Short Polling

Answer 10

• Reads the queue if no messages disconnects

- Default

Question 11

SQS Long Polling

Answer 11

• Connect and wait for messages
• Must configure
• Can reduce cost

Question 12

SQS - Standard

Answer 12

• Best effort ordering
• Might get a message twice
• Unlimited transactions per second
• Lower cost

Question 13

SQS - FIFO

Answer 13

• Messages are ordered
• No message duplicates
• 300 messages per second
• 3000 messages if batched
• cost more

Question 14

SQS - Dead Letter

Answer 14

• Used to sideline message that won’t process
• max receives before being added to DL
• cloud watch alarms on DL
• can setup to notify vi SNS

Question 15

SQS Message Size

Answer 15

256

Question 16

SQS Queue Depth

Answer 16

• Can trigger more subscribers via cloud watch events

Question 17

SNS - Simple Notification Service

Answer 17

• Push service to subscribers
• used to fan out to SQS
• encryption
• access policies
• typical use case email alerts

Question 18

NLB with SSL

Answer 18

• Passes through

- Terminates on service such as ec2

Question 19

ALB with SSL

Answer 19

• Terminates on ALB

- New connection to Service

Question 20

How many messages per sec can a fifo aws support?

Answer 20

300 or 3000 if batching

Or

3000 or 30,000 with high throughput

Question 21

Protocols used by SNS

Answer 21

Http/https
JSON-email
SQS
SMS

Question 22

How do you update a launch configuration with a new ami?

Answer 22

You don’t. You create a new one and update the asg to use the new configuration

Question 23

Can an asg be modified once defined?

Answer 23

Yes

Question 24

Can you add running ec2 instances to an asg?

Answer 24

Yes

Question 25

Adding a target group with running instances to an asg fails. Why?

Answer 25

The max capacity configuration was exceeded

Question 26

How is cache enabled on api gateway

Answer 26

Create a cache for a stage and configure a ttl

Question 27

An asg has only one subnet with ec2 instances running after creating the infrastructure. Why?

Answer 27

Only one subnet was added to the asg

Question 28

How can alb support OIDC idp such as google and Facebook

Answer 28

Creat authentication action on listener rule that configures an aws cognitive pool

Question 29

Does sqs support encryption?

Answer 29

Yes
Default in flight
Rest with KMS not default

Question 30

Does SNS support encryption

Answer 30

Yes

Question 31

How can you limit excessive api usage from a single customer in API Gateway

Answer 31

Use a client throttle

Question 32

Internet facing ELB

Answer 32

Nodes have public IPs
Routes traffic to private
Needs 1 public subnet in each ax where elb is defined

Question 33

Internal facing ELB

Answer 33

Nodes have private IPs

Routes to private IPs

Question 34

ALB can target what resources

Answer 34

EC2
IP address
Lambda
ECS

Question 35

NLB can target what resources

Answer 35

EC2

IP address

Question 36

NLB nodes have what kind of IPs in each subnet

Answer 36

Elastic IP

Question 37

SQS type for request-response message pattern

Answer 37

SQS temporary queues - used for higher throughput

Question 38

Set of spot and optionally on demand instances launch to meet target demand

Answer 38

Spot fleet

Question 39

WAF supports rules on

Answer 39

WAF, security groups, shield

Question 40

Two classes of service. Process class a requests over class b requests using sqs?

Answer 40

Two sqs queues. Prioritize polling if the higher class

Question 41

What AWS service can assist with coordinating tasks across distributed application components?

Answer 41

SWF

Question 42

Lambda supports how many concurrent executions per aws account

Answer 42

1000

Question 43

What types of IPs are valid targets for an alb

Answer 43

Private

Question 44

Does SNS have a fifo version?

Answer 44

Yes

Question 45

Does SNS fifo guarantee order?

Answer 45

Yes