Certified Developer Associate

Question 1

When would you use high-resolution CloudWatch metric?

Answer 1

When application needs monitoring with frequency of 10 or 30 seconds.

Question 2

When working on AWS CodeBuild you want to override build command to test the change. You have access to run the build but not to edit code build project. What process can be used to override build command?

Answer 2

Run the start build AWS CLI command with buildspecOverride property set to the new buildspec.yml file

aws codebuild start-build –generate-cli-skeleton

Question 3

Explain lazy loading strategy in Elastic Cache cluster

Answer 3

When data requested doesn’t exists or is expired in the cache, lookup into db is performed and result stored in the cache after.

Question 4

Explain write through strategy in Elastic Cache cluster

Answer 4

adds data or updates data in the cache whenever data is written to the database.

Question 5

Which API call should a developer used when application is trying to access S3 bucket?

Answer 5

STS:AssumeRole

Question 6

Which service should developer use when migrating an application that uses Microsoft SQL with Transparent Data Encryption?

Answer 6

RDS supports TDE for SQL servers

Question 7

How we can we route traffic to API gateway for different stages without creating separate API for each?

Answer 7

make use of stage variables as configuration attributes that are associated with deployment stage of an API. They act as environment variables and can be used with stage API setup.

Question 8

What is required to set CloudWatch alarm?

Answer 8

Period - length of time to evaluate the metric to create individual data point.
Evaluation Period - number of most recent data points to evaluate when determining alarm state.
Datapoints to Alarm - number of datapoints within the evaluation period that must be breached to cause alarm state.

Question 9

How can developer change the instance size of the Elastic Beanstalk?

Answer 9

during environment creation, creating configuration file in S3. Configuration files are applied from different source with different precedence.

• applied directly to environment
• saved configurations
• configuration files (.ebextensions)
• default values

Question 10

Which deployment methods will deploy Elastic Beanstalk code to only new instances?

Answer 10

Immutable deployment - deploys new set of instances with new version of application code in separate auto scaling group.
Blue/Green deployments - allows separate deployment environment too.

Question 11

Ratio of Read and Write operations in DynamoDb is 1000 : 1. What can be enabled on dynamoDb table to optimize performance and minimize costs?

Answer 11

DynamoDb Accelerator - DAX is DynamoDb caching service for read heavy or bursty workloads while keeping latency at minimal.

Question 12

What rates can S3 support?

Answer 12

3,500 requests per second to add data and 5,500 requests per second to retrieve data.

Question 13

How do you control API front-end and back-end interactions via API Gateway?

Answer 13

Modify method request/response for FE and

Integration request/response for BE.

Question 14

AWS Lambda functions is interacting with DynamoDb table and results and being returned with a delay. What is the best way to debug and identify this performance issue?

Answer 14

Use AWS X-Ray to see where the downstream delay could be. Can also be used to investigate latency issues.

Question 15

How to configure server side encryption for S3 artefacts?

Answer 15

server side encryption is enabled on bucket level.

KMS custom key and use it for S3 encryption.

Question 16

How would you develop AWS application to compensate for network delays?

Answer 16

Retries in my application code with exponential backoff algorithm (progressively longer waits between retries for consecutive error responses).

Question 17

What does user pools in AWS Cognito provide?

Answer 17

• Web UI to sign in users and social sign via Facebook, Google etc.
• User directory management and profile.
• Security such MFA, phone email verification.

Question 18

You have application that stored data in DynamoDb table. How can you achieve encryption at rest?

Answer 18

DynamoDb offers encryption during a table creation using KMS managed encryption key for DynamoDb.

Question 19

Different deployment strategies for Elastic Beanstalk?

Answer 19

All at once
Rolling
Rolling with additional batch
Immutable
Blue/Green

Question 20

Your application process data from multiple devices and some preprocessing needs to happen before it can be analysed by Analytics tool. What can be used to carry this activity?

Answer 20

AWS lambda can be used to preprocess data from Kinesis Analytics. It give you flexibility in terms of what data could actually be analysed.

Question 21

You are required to customise a content that Cloudfront (content delivery framework) Distribution delivers, the content origin is S3. How could this be achieved?

Answer 21

Lambda@Edge allows you to execute functions that Cloudfront delivers. Functions are executed globally and are closer to the viewer reducing latency and improving user experience.

Question 22

What tool in AWS will let you managed whole project life cycle

Answer 22

AWS CodeStar

Question 23

How can you deliver new version of application to a portion of user when using Route 53 DNS

Answer 23

Use Route 53 weighted routing policies, you can select how much traffic is routed to each resource.

Question 24

You need to automate deployment different Lambda functions to multiple accounts, what can be used to automate deployment?

Answer 24

AWS CloudFormation is a service that can deploy infrastructure as code, with ability to deploy into different accounts.

Question 25

When deploying lambda function with multiple version using AWS CodeDeploy what needs to be done in order to deploy correct version?

Answer 25

AWS CodeDeploy config file is called AppSpec file, there we can specify a version to be deployed.

Question 26

How can you get private/public IP from EC2 instance?

Answer 26

Query the instance MetaData.

Question 27

Where should you store files such as videos in AWS to ensure components are decoupled?

Answer 27

AWS Simple Storage Service (S3).

Question 28

How do you calculate read capacity in DynamoDb?

Answer 28

(items / seconds) = items per second
items / 4kb = value to whole number
items per second x value to whole number

If eventual consistency x 2

Question 29

How can you monitor incoming connections to the load balancer?

Answer 29

ELB provides access log that capture detailed information about the request coming in.

Question 30

Your application stores data in DynamoDb there is a requirement that once record is inserted secondary table is also updated. What feature can be used in order to accomplish this?

Answer 30

AWS DynamoDb streams contains a time ordered sequence of item level modification stored for 24h.

Question 31

What can you do to avoid throttling errors when scaling large DynamoDb table?

Answer 31

reduce scan page size which by default is 1MB

Question 32

What needs to be done for a lambda function to be able to access resources in a VPC?

Answer 32

Subnet and Security group ID

Question 33

What is write capacity of dynamoDb?

Answer 33

1 items of 1kb per 1 sec

Question 34

There are sets of videos that needs to be accessed via unauthenticated identities. How can we best achieve this using AWS?

Answer 34

Use AWS Cognito with unauthenticated identities enabled

Question 35

How can you provide a cross account access to AWS Code Commit repository?

Answer 35

create cross account role with privileges and provide ARN to developers.

Question 36

Lambda is processed asynchronously if the functions fails you need a way to debug issues, how can this be achieved?

Answer 36

Use dead letter queue and direct those messages at SQS or SNS topic to analyse for failure.

Question 37

What are the limits when you upload or download objects from S3 when encrypted at rest using KMS?

Answer 37

10k, anymore will exceed throttle limits for KMS API calls.

Question 38

When maintaining application using Elastic Beanstalk how can you manage application version limit?

Answer 38

create application lifecycle policy.

Question 39

When data in DynamoDb table data is needed across multiple regions around the world. What can help to reduce latency of requests?

Answer 39

enable global tables (multi-region, multi master) for dynamoDb

Question 40

Large dataset needs to be streamed directly onto Amazon S3, what could be used for this requirement?

Answer 40

Kinesis Data Firehose can be used for real time streaming data into S3, Redshift, ElasticSearch Service and Splunk

Question 41

You access your application via API gateway and you plan to move users from older version to newer version, how can this be achieved?

Answer 41

Create another stage in API gateway.

Question 42

When deploying AWS resources using Cloudformation, how templates should be managed when there is high number of resources?

Answer 42

Break big template into smaller multiple templates.

Question 43

The application hosted on EC2 has been changed to make calls to API gateway, however there is no response and errors are being returned , how could this be fixed?

Answer 43

Enable CORS for the API gateway.

Question 44

Mobile application need to use AWS authentication where users have MFA enabled, what can be used to achieve this?

Answer 44

AWS Cognito with MFA.

Question 45

You have create some custom policies, how can you test them via CLI?

Answer 45

1. Get context key, and aws iam sumulate-custom-policy command by passing context keys.

Question 46

Your AWS CodePipeline is using resources which are shared across multiple AWS accounts. What’s needs to be done in order to accomplish deployment?

Answer 46

Define customer master key in KMS

Add a cross account role

Question 47

How does CloudTrail works?

Answer 47

logs all authenticated requests to IAM and AWS STS APIs

logs non authenticated requests to AWS STS actions, AssumeRoleWithSAML and AssumeRoleWithWebIdentity.

Question 48

You are planning on running periodic tasks on Elastic Beanstalk using worker role. What is a must as part of the deployment?

Answer 48

cron.yaml file

Question 49

When deploying application using CloudFormation what steps needs to be carried out?

Answer 49

sam package and deploy command.

Question 50

You made a change to a Lambda function and you need to shift traffic slowly from one function to another function, what steps needs to be carried out?

Answer 50

create an ALIAS with the -routing-config parameter and update ALIAS with the -routing-config parameter.

This will enable you to shift traffic if form of % rather than everything at one go.

Question 51

Application is using DynamoDb tables and there is a requirement that user can only view certain items in table. How can this be accomplished?

Answer 51

IAM Policies with specific conditions.

Question 52

You have created Lambda function behind a API gateway, you need to control access to it. What can be used to achieve this?

Answer 52

AWS Cognito User pool, Lambda Authorisers

Question 53

Use streaming records using Kinesis Firehose onto S3, there is a requirement to enable encryption at rest, how can this be done?

Answer 53

Enable encryption for Kinesis Data Firehose,

ensure that Kinesis streams are used to transfer data from producers.

Question 54

You need to use Jenkins in your CI/CD pipeline and other AWS services for deployment. What needs to be done in order to fulfil this requirement?

Answer 54

Configure EC2 with Jenkins installed, IAM roles for EC2 to access Code Pipeline.

Question 55

You are deploying EC2 instances using Cloudformation templates, instances need to be pre configured with with the NGINX web server to host the application. How can this be achieved?

Answer 55

Use the cfn-init helper script in Cloudformation.

Question 56

What must be done to ensure X-Ray service can be used with Lambda function?

Answer 56

Ensure IAM role assigned to the Lambda functions has access to X-Ray service.

Question 57

In AWS Lambda what is the default setting for memory and timeout?

Answer 57

128MB and 3sec

Question 58

You need to create Elastic Beanstalk environment that will use a lot of custom installed software, how can the environment be prepared?

Answer 58

Create custom AMI as if you need to install a lot of software that isn’t included in standard.

Question 59

When working with search queries in DynamoDb, what must be done in order for this to work?

Answer 59

Specify a key condition expression in the query, partition key name and value in equality condition

Question 60

What is the config name and format for AWS CodeDeploy?

Answer 60

AppSpec.json

Question 61

How can blue green deployment be implemented, give some examples?

Answer 61

Route 53 weighted routing policies, Elastic Beanstalk swap URL feature.

Question 62

What can be used to see Lambda invocation errors?

Answer 62

Cloudwatch

Question 63

What command would you use to generate data key using KMS in encrypted format?

Answer 63

GenerateDataKeyWithoutPlaintext command

Question 64

What is AWS Lambda Alias?

Answer 64

Pointer to specific lambda function version

Question 65

You are using AWS SQS queues and there is requirement that once message is added it should be invisible for 5 mins to consumers, how can this be done?

Answer 65

Implement Delay Queues is AWS, change the message timer value for each individual message.

Question 66

When working with DynamoDb and you only want to retrieve certain attributes from a table in a query, what would you use for this?

Answer 66

Projection expression let’s you identify what attributes you want in form of a string.

Question 67

What is a recommended practise when working with activity workers and tasks in StepFunctions?

Answer 67

Ensure to specify timeout in state machine definitions, if passing large payload between the states consider using s3

Question 68

You create Cloudformation templates that needs to be created across accounts with least amount of effort, which of the following would assist in accomplishing this?

Answer 68

Creating Cloudformation StacksSets

Question 69

When creating RDS database as part of Elastic Beanstalk application, how can you preserve data after environment is torn down?

Answer 69

ensure the db is created as part of environment

retention of database is marked as create snapshot

Question 70

When load testing an application that is using DynamoDb for storage, which service would you use to ensure that Consumed capacity does not go above throughout capacity?

Answer 70

AWS Cloudwatch

Question 71

What are minimum requirements to host a static website in s3?

Answer 71

enable hosting on a bucket
configure an index document
configure permission for website access

Question 72

What feature of AWS Cognito can be used to in analyse stored information inside Cognito?

Answer 72

Cognito Streams

Question 73

How to perform blue/green deployment of Elastic Beanstalk application?

Answer 73

create new environment in the application with updated application and perform a swap

Question 74

What feature of X-Ray SDK would you use in order to trace all incoming HTTP requests?

Answer 74

Interceptors

Question 75

When transferring data from Amazon S3 to Redshift you need to define source and destination location. Which part of DataPipeline allows you to define those locations?

Answer 75

Data Nodes

Question 76

When loading data to Redshift for S3, which command should you use for this activity?

Answer 76

COPY

Question 77

How can you calculate initial number of shards for the Kinesis stream when getting data from various log sources.

Answer 77

Incoming write bandwidth,

Outgoing read bandwidth

Question 78

How can you go back to previous policy if current one is not working?

Answer 78

Revert back to previous version of the policy.

Question 79

How can you encrypt connection from application to MySQL RDS instance?

Answer 79

SSL

Question 80

If you want to specify amount of time object is stored in the CloudFront cache, how can this be done?

Answer 80

Configure origin to add an Expires header field to the object
Specify a value for Minimum TTL is CloudFront cache behaviours

Question 81

What is advantage of initialising any external dependencies of your Lambda function code?

Answer 81

Ability to reuse Execution Context

Question 82

In AWS Lambda how can we solve CodeStorageExceededException?

Answer 82

Reduce the size of your code