Compute (EC2, EBS, ELB, Lambda, Elastic Beanstalk)

Question 1

What is the difference between a Lambda function policy and an execution role?

Answer 1

The function policy defines which AWS event sources are allowed to invoke the function, used with a push-based strategy

The execution role determines which event sources the function has access to during execution, used with a poll-based strategy

Question 2

Which four event sources are supported for poll-based mappings using an execution role? Are these mappings synchronous or asynchronous?

Answer 2

a) Kinesis
b) SQS
c) DynamoDB
d) Managed Streaming for Kafka

Synchronous

Question 3

What are the four EC2 pricing models and what are their characteristics?

Answer 3

a) on-demand, a fixed rate by the hour
b) reserved, cheaper than on-demand, but tied into a one or three year contract
c) spot, bidding for excess capacity
d) dedicated host, servers allocated specifically to the customer

Question 4

What are the four volume types of Elastic Block Storage that can be attached to an EC2 instance, and what are they suitable for?

Answer 4

a) general purpose (GP2) SSD, for balanced price/performance
b) provisioned IOPS (IO1) SSD, for workloads requiring over 10,000 IOPS
c) throughput optimised (ST1) HDD, for throughput intensive workloads, eg data warehouses
d) cold (SC1) HDD, for less frequent access, eg file servers

Question 5

What are the three types of Elastic Load Balancer?

Answer 5

a) application, which is used to route Layer 7 traffic
b) network, which is used to route Layer 4 traffic
c) classic, which is used to route either Layer 7 or Layer 4 traffic

Question 6

What does a 504 Error indicate?

Answer 6

That the gateway has timed out, ie that the request couldn’t be completed within the idle timeout period

This can occur when using API Gateway, CloudFront, ElasticLoadBalancing, or ElasticSearch

Question 7

Name three EC2 security configuration tasks that the user is responsible for

Answer 7

a) security groups
b) private subnets
c) encryption options

Question 8

How can encryption at rest be configured for an EC2 instance?

Answer 8

By configuring encryption when the attached EBS volume is created

Question 9

Which HTTP request header can be used to obtain the public IP address of the client when using an Elastic Load Balancer?

Answer 9

X-Forwarded-For

Question 10

Which six service families are able to invoke a Lambda function asynchronously using a function policy?

Answer 10

a) S3
b) SNS and SES
c) IoT and IoT Events
d) CloudFormation
e) CloudWatch Logs and Events
f) CodePipeline, CodeCommit and Config

Question 11

Which two IAM entities must be included in an execution role for a Lambda function to interact with other services?

Answer 11

a) an IAM policy defining the actions that can be taken by the function
b) a Trust policy granting AssumeRole permission to the function

Question 12

Does S3 trigger Lambda synchronously or asynchronously?

Answer 12

Asynchronously

Question 13

Does API Gateway trigger Lambda synchronously or asynchronously?

Answer 13

Synchronously

Question 14

Which seven languages are supported natively by Lambda?

Answer 14

C#, Go, Java, Node.js, PowerShell, Python, and Ruby

Question 15

What are the four Elastic Beanstalk deployment approaches?

Answer 15

a) all at once (default)
b) rolling, one batch at a time
c) rolling with additional batch
d) immutable, where a full set of new instances are spun up and given health checks before cutover

Question 16

Where must Beanstalk .config files be stored?

Answer 16

In the .ebextensions directory in the top level of the application source code bundle

Question 17

Which two formats are supported by Beanstalk .config files?

Answer 17

JSON, YAML

Question 18

Which three application servers are supported by Beanstalk?

Answer 18

Apache Tomcat (Java Servlet)
Phusion Passenger (Ruby, Python, Node)
Mongrel Puma (Ruby)