Domain 3: Development with AWS Services

Question 1

What is the maximum processing time of an AWS Lambda function?

Answer 1

Maximum processing time of 15 mins (cannot be increased)

Question 2

What is the maximum lambda concurrent executions?

Answer 2

1000 (can be increased by opening a support ticket)

Question 3

What are Lambda “layers” used for?

Answer 3

Additional code (libraries or custom runtime) in a .zip format for your lambda function to use.

Question 4

What are some of the serverless AWS services available?

Answer 4

Lambda, dynamodb, API Gateway, S3, SQS, SNS, Step functions and CloudWatch Events

Question 5

What is Lambda?

Answer 5

A serverless Function-as-a-Service (FaaS) event driven service

Question 6

How to refer to Lambda function versions?

Answer 6

Unqualified ARN -
arn:aws:lambda:aws-region:acct-id:function:helloworld
Refers to the $LATEST “helloworld” version

Qualified ARN -
arn:aws:lambda:aws-region:acct-id:function:helloworld:42
Refers to version 42 of the helloworld function

Question 7

What is AWS API Gateway?

Answer 7

AWS serverless service for managing HTTP, SOAP, REST traffic at scale

Question 8

What languages are supported by AWS Lambda?

Answer 8

Go, C#, Python, Nodejs

Question 9

What are the main AWS HTTP status codes and their meanings?

Answer 9

2xx - Success
4xx - Client error
5xx - Server side errors

400 - Bad request
401  - Unauthorized
403 - Forbidden/access denied
404 - Resource not found
409 - Conflict
429 - TooManyRequests

500 - Internal Server Error
503 - Service is unavailable

Question 10

What are the DynamoDB primary key types?

Answer 10

Partition key - Unique item attribute

Composite key - Partition + sort key (partition and sort key combo have to be unique)

Question 11

What are the different types of a DynamoDB secondary index?

Answer 11

Local Secondary Index

• Same partition key as primary but different sort key
• Can only create at same time table is created

Global Secondary Index

• Different partition and sort key
• Create at any time
• Eventual consistency only
• Own provisioned WCU/RCU

Question 12

What is the quota for secondary indexes per table?

Answer 12

5 Local secondary indexes

20 Global secondary indexes per table (can be increased)

Question 13

What is a WCU and RCU?

Answer 13

1 WCU = 1 x 1 kB write per second
1 RCU = 1 x 4 kB strongly consistent reads per second OR
2 x 4 kB eventually consistent reads per second

Question 14

What are some of the ways to reduce a query time with dynamodb?

Answer 14

1. –projection-expression : To only retrieve the attributes of each item that is needed
2. Increase the WCU/RCU
3. –page-size : To paginate the number of items per page

Question 15

What are some of the ways to increase a scan speed to dynamodb?

Answer 15

1. –projection-expression : To only retrieve the attributes of each item that is needed
2. Increase the WCU/RCU
3. –page-size : To paginate the number of items per page
4. Performing a parallel scan on the dynamodb table

Question 16

What are the supported documents of a dynamodb table?

Answer 16

HTML, XML or JSON

Question 17

How is access managed to dynamodb?

Answer 17

IAM policies, access can be granted on a per item basis as well

Question 18

What are the main db caching services?

Answer 18

DAX - DynamoDB accelerator, only for dynamodb

Elasticache - In memory caching

Both sit between the application and the database

Question 19

What is the Lazy Loading caching strategy?

Answer 19

Lazy Loading - Loads data into the cache only when necessary

• Set the TTL to reduce stale data
• Little wasted resources

Question 20

What is the “Write through” caching strategy?

Answer 20

Adds or updates data to the cache whenever data is written to the db

• Write penalty
• Wasted resources when data isn’t read

Question 21

How does dynamodb support ACID?

Answer 21

DynamoDB transactions: Multiple reads or writes which either fails or succeeds

Question 22

What is DynamoDB streams?

Answer 22

A time ordered sequence of item level modifications on a dynamodb table which can trigger a Lambda function

Data is stored for 24 hrs

Before and after item images can be captured

Question 23

What is EFS?

Answer 23

EFC - Elastic File System: Simple and scalable file storage to be used with EC2

Question 24

What is AWS RDS?

Answer 24

AWS Relational Database service

Question 25

How to enable encryption on an AWS RDS instance?

Answer 25

Create a snapshot and deploy that snapshot encrypted

Question 26

What are the main in-memory elasticache methods?

Answer 26

Memcached & Redis for sub-millisecond latency with in-memory caching

Question 27

What are the main differences between Redis & Memcached?

Answer 27

Memcached is great for simplicity, while Redis is great for persistence, complex data structures and ACID transactions

Question 28

What are the main AWS DynamoDB commands & their meanings?

Answer 28

aws dynamodb get-item # Get a single item in a table
aws dynamodb put-item # Write a single item
aws dynamodb batch-get-item # Get multiple items
aws dynamodb batch-write-item # Write multiple items

Question 29

A DynamoDB call returns a “unprocessedKeys” value to your query, what are some of the reasons this could be and how are the remediated?

Answer 29

1. The total data returned exceeds 16 MB
   - paginate your returned results
2. The table provisioned throughput has been exceeded
   - Retry the remaining batch get operation with the exponential backoff algorithm

Question 30

What are the attribute types of a DynamoDB item?

Answer 30

String (S), Number (N) or Binary (B)

Question 31

What are the main AWS messaging services?

Answer 31

SQS - Simple Queue Service
SNS - Simple Notification Service
SES - Simple Email Service

Question 32

What are the SQS queue types and their uses?

Answer 32

Standard - Not guaranteed to be ordered and may be delivered more than once but most efficient

FIFO - Guaranteed to be ordered and delievered only once

Question 33

What is the maximum message size in a SQS queue?

Answer 33

256 kB

Question 34

How do you deliver messages that are very large with SQS?

Answer 34

Using S3 with the “Extended Client Library for Java” up to a maximum of 2 GB

Question 35

What is the SQS visibility timeout?

Answer 35

It is a period of time from when a consumer consumes a message during which other consumers cannot receive and process the message.

Once the consumer has successfully processed a message it should delete it from the queue

Question 36

What is the SQS visibility timeout default value?

Answer 36

30 s

Question 37

What is the SQS visibility timeout minimum value?

Answer 37

0 s

Question 38

What is the SQS visibility timeout maximum value?

Answer 38

12 hrs

Question 39

What is the SQS message retention period?

Answer 39

The time a message is permitted to remain in a SQS queue

Question 40

What is the SQS message retention period default value?

Answer 40

4 days

Question 41

What is the SQS message retention period minimum value?

Answer 41

60 s

Question 42

What is the SQS message retention period maximum value?

Answer 42

14 days

Question 43

What is the AWS SQS delay queue?

Answer 43

Allows the producer of message to make a message invisible on the queue for a period of time before a consumer can read it

Question 44

What is the AWS SQS minimum SQS delay time?

Answer 44

0 s

Question 45

What is the AWS SQS default SQS delay time?

Answer 45

0 s

Question 46

What is the AWS SQS maximum SQS delay time?

Answer 46

15 mins

Question 47

What is the main difference between SQS & SNS?

Answer 47

SQS is pull-based & SNS is push-based

Question 48

What is SNS?

Answer 48

A pub/sub aws managed service

Question 49

What are the main protocols of SNS?

Answer 49

SQS, Lambda, HTTP, email, mobile push notifications & mobile SMS

Question 50

How can you deliver to multiple SQS queues?

Answer 50

With fanout - Publish to an SNS topic with SQS queues as the subscribers

Question 51

What is SQS long polling and short polling?

Answer 51

Short polling immediately returns a response if the queue is empty, while long polling will wait a given time (max 20 s) for a message to appear.

Long polling is cheaper and more efficient CPU wise

Question 52

What is the best way to prioritise messages with SQS?

Answer 52

Have a priority queue and a lower priority queue.

Have the client poll the priority queue and if it is empty check the lower priority queue.

Question 53

What is DynamoDB TTL?

Answer 53

Time To Live defines an expiry time for your data, once item is expired the item is marked for deletion, item will be deleted within 48 hrs

Automatically removes data which is no longer relevant.

Reduces cost.

Question 54

What is ECS?

Answer 54

Elastic Container Service - A managed container orchestration service which supports:
docker & windows containers

Question 55

What is AWS Fargate?

Answer 55

AWS Fargate is a serverless compute engine for containers which is integrated with ECS & EKS

Question 56

What is EKS?

Answer 56

Amazon Elastic Kubernetes Service - gives you the ability to start, run & scale Kubernetes applications for managing multiple containers

Question 57

What is ECR?

Answer 57

Elastic Container Registry - A registry of container images

ECS connects to ECR to deploy your application

Question 58

What are the deployment options for containers?

Answer 58

ECS can run your containers on either:
Clusters of virtual machines
Fargate for serverless containers

Question 59

What is a container?

Answer 59

A container is a virtual operating environment with everything the software needs to run

Question 60

Outline the steps of deploying a docker application with CodeCommit, CodeBuild & ECS

Answer 60

1 Application code is stored in CodeCommit with the “buildspec.yml” & “Dockerfile” at the root of the directory

2. CodeBuild uses the CodeCommit repo together with the buildspec.yml file to create the Docker image
3. CodeBuild pushes the docker image to the ECS

Question 61

What is the docker command for building a docker image?

Answer 61

docker build -t myimagerepo (local file path of your docker application)

Question 62

What is the docker command for tagging a docker image?

Answer 62

docker tag myimagerepo:lastest (account #).dkr.ecr.(aws region).amazonaws.com/myimagerepo:latest

Question 63

What is the docker command for pushing a docker image?

Answer 63

docker push (account #).dkr.ecr.(aws region).amazonaws.com/myimagerepo:latest

Question 64

How can you configure API gateway?

Answer 64

Swagger (.yml) configuration files, can also be used with an SDK

Question 65

How can you prioritise or throttle requests from certain clients?

Answer 65

Handout API keys to clients and throttle the request rate based on this.

Question 66

What is AWS Kinesis?

Answer 66

A collection of services which enables you to collect, process & analyse data in real time

Question 67

What are the three core kinesis services?

Answer 67

Kinesis Streams - Data & video streams
Kinesis Data Firehose - Capture, transform, load data into data stores
Kinesis Data Analytics - Analyze, query & transform data using standard SQL

Question 68

What is Kinesis Streams?

Answer 68

Kinesis streams are made up of shards

each shard is a sequence of one or more data records

Question 69

How do you increase the data capacity of Kinesis streams?

Answer 69

Increase the number of shards

Question 70

What happens to the data in Kinesis firehose?

Answer 70

Data is collected from multiple producers and either picked up by lambda or stored directly in S3, Redshift or ElasticSearch

Question 71

How should you scale the number of consumers of a kinesis stream?

Answer 71

Number of instances shouldn’t exceed the number of shards (except failover)
One consumer/worker can process multiple shards
Only need to increase consumers based on CPU utilization

Question 72

What is the API G/W steady-state default request rate limit set to?

Answer 72

10,000 requests per second

Question 73

What is the maximum concurrent requests permitted for API G/W?

Answer 73

5000 requests across all APIs in a single AWS account

Question 74

A client receives a 429 HTTP error from an API G/W service what are the possible reasons for this?

Answer 74

1. The stready state default request rate has exceeded the default 10,000 requests permitted
2. You have gone over the 5000 concurrent requests

Question 75

What is the API G/W SOAP web service passthrough?

Answer 75

Passthrough XML (or another unsupported format) to the backend without transformation

Question 76

What are the supported API types for API G/W?

Answer 76

HTTP, REST or WebSocket API

Question 77

What are some of the ways of streaming realtime data between a client and a server?

Answer 77

AWS Appsync or websockets

Question 78

In API G/W what are stages and stage variables?

Answer 78

Similar to tags, they define a specific version of your API

The stage variables (are like environment variables) are key/value pairs used in your API. For example, you can define the HTTP endpoint as a stage variable so that you don’t have to hardcode the endpoint and you can experiment with different combinations

Question 79

What is the minimum memory of AWS Lambda?

Answer 79

128 MB

Question 80

What is the maximum memory of AWS Lambda?

Answer 80

10 GB

Question 81

What is the minimum timeout value for a Lambda function?

Answer 81

1 second

Question 82

How can Lambda be triggered from a CloudWatch Alarm?

Answer 82

Configure the alarm to send an SNS notification on a topic and select a Lambda function and associate it with that topic

Question 83

What are the different ways of triggering a Lambda function?

Answer 83

Using “Event sources” that produces events to trigger an AWS Lambda function to run

Some resources Lambda has to poll (SQS queues Kinesis streams) others invoke lambda directly (S3 or your own service).

Question 84

What are the main ways of running lambda functions?

Answer 84

Docker containers or ZIP archives

Question 85

What are Websocket APIs?

Answer 85

Websocket APIs are bidirectional - A client can send messages and services can send messages to the client independently.

This is in contrast to REST/SOAP where the client has to explicitly send a read request to the server.

Question 86

What is AWS AppSync?

Answer 86

AWS AppSync is a service for developing GraphQL APIs for combining multiple datasources.

It also uses Websockets to push real-time data to clients.

Question 87

Are AMIs region specific?

Answer 87

Yes but you can copy an AMI across regions

Question 88

What is an SQS dead letter queue?

Answer 88

An SQS queue to put items that cannot be consumed

Question 89

When it an item put into an SQS dead letter queue?

Answer 89

When the “receiveCount” exceeds the “maxReceiveCount”

Question 90

Is S3 eventually consistent?

Answer 90

Only for PUT (new items) or DELETE operations

Question 91

In CloudFormation, how does one refer to keys within a map?

Answer 91

{“Fn:FindInMap” : [ “MapName”, “TopKey”, “SecondKey”]}

Question 92

In the CloudFormation mappings section in the template can you refer to parameters?

Answer 92

No

Question 93

In CloudFormation what is the Ref intrinsic function and how is it used?

Answer 93

It is used to return the value of a parameter or a resource name. It is used as follows:

{ “Ref” : “logicalName” }

Question 94

What is pessimistic concurrency and optimistic concurrency?

Answer 94

Pessimistic concurrency - item locked to prevent change

Optimistic concurrency - Check item upon save to ensure it has not changed

Question 95

How does dynamodb use optimistic concurrency?

Answer 95

Using conditional writes - Only updates an item if a given condition is true

Question 96

What is Amazon SWF?

Answer 96

Amazon Simple Workflow service - great for managing workflows across different components

Question 97

You have exceeded an account limit, how can you increase this?

Answer 97

Use the support center within the AWS Management Console

Question 98

What is a better database caching solution for high availability - Redis or Memcached?

Answer 98

Redis - data is persisted and replicated across multiple AZs/nodes.

Memcached does not support replication or persistance

Question 99

How can a developer be notified when there are new objects uploaded to S3?

Answer 99

Add an event to S3 for all new POST/PUT operations and use an SNS topic

Question 100

When should you use AWS SWF or step functions?

Answer 100

Step functions should be considered for all new applications as it is agile.

In some cases consider AWS SWF if you require external signals to intervene with your workflow

Question 101

An API G/W is using caching - how do you ensure that certain requests are up to date?

Answer 101

Sending the HTTP header:

Cache-Control: max-age=0

Question 102

What are the AWS ECS placement strategies?

Answer 102

binpack - Tasks placed on instances so as to maximise used CPU/memory. Used to minimise number of instances used.

random - tasks are placed randomly across instances
spread - tasks are spread evenly across AZ or instances

Question 103

How does ECS work with EC2?

Answer 103

Elastic Container Service - Run a batch of EC2 instances and deploy the container task to the instances with different placement strategies.

Question 104

You have a bucket s3://mybucket with server logging & you have set the logs to be put into s3://mybucket/logs.

What will happen?

Answer 104

When you write something to the bucket a log will be written to the bucket which will cause a log to be written to the bucket.

This will be compounded by replication enabled.

Question 105

How to deploy templatized serverless app via the cli?

Answer 105

1. aws s3 mb s3://bucketname # and move the code into that bucket
2. aws sam package
3. aws sam deploy

To delete use
aws cloudformation delete-stack

Question 106

How do you deploy a templatized generic application?

Answer 106

aws cloudformation create-stack

Question 107

What does an application do once it has successfully processed a message from the SQS queue

Answer 107

Uses the DeleteMessage API to delete the message.

Question 108

Within a lambda there is the handler space & the global space - what can these be used for?

Answer 108

The handler space is the function called when the lambda is invoked (a handler).

The global space is the code outside of the handler & can be reused between lambda calls (although one should not assume this to be the case). This can be useful for saving time with reusing DB connection objects.

Question 109

What is the best solution for coordinating many Lambda functions?

Answer 109

AWS step functions

Question 110

What are the benefits of using S3 cross-region replication?

Answer 110

Reduce latency if there are users across different regions

Question 111

An application is designed to use Amazon SQS to manage messages from many independent senders. Each sender’s messages must be processed in the order they are received.
Which SQS feature should be implemented by the Developer?

Answer 111

Configure each sender with a unique MessageGroupId.

Set the SQS queue type to be FIFO (messages guaranteed to be in order).

Question 112

What is in the EC2 meta data and how can it be read?

Answer 112

http://169.254.169.254/latest/metadata/

Question 113

Can AWS Cognito have a custom authorizer?

Answer 113

Yes

Question 114

What S3 bucket operations are eventually consistent?

Answer 114

S3 overwrite DELETE or PUT operations

Question 115

How is manual approval done in CodePipeline?

Answer 115

Use an approval action in a stage

Question 116

What is AWS CodeStar?

Answer 116

Quickly develop, build & deploy on AWS

Question 117

What is an ECS task?

Answer 117

The running container with the settings defined in the task definition. The IAM role assumed by the task is used by the container.

Question 118

What is an ECS service?

Answer 118

The ECS Service is responsible for running the ECS tasks (containers), registering the tasks with the load balancer & spreading, scaling tasks & relaunching tasks in case of an error (self-healing).

Question 119

What is another word for the caching strategy “lazy-loading”?

Answer 119

cache-aside caching strategy

Question 120

Where can AWS Lambda store temporary files which only need to be used within the Lambda function?

Answer 120

/tmp directory it can store about 500 MB

Question 121

How can a Lambda function be triggered periodically?

Answer 121

Event bridge or CloudWatch events

Question 122

How can you deploy an AWS Lambda function using cloudformation?

Answer 122

Upload the code in .zip to S3 & reference it in the cloudformation template

Include the Lambda function code in the cloudformation template

For docker environments you can refer to the ECR repo

Question 123

What are API g/w route selection expressions?

Answer 123

An expression that is evaluated when the service is selecting the route to follow for an incoming message.

E.g. $request.body.action

Question 124

What happens if the API g/w does not match a route selection expression?

Answer 124

Goes to the $default (if $default is defined) otherwise it returns an error.

Question 125

How to debug AWS Lambda functions?

Answer 125

Using the AWS SAM to invoke a function locally in debug mode.

Question 126

An AWS Lambda function fails after multiple attempts how to debug the problem?

Answer 126

Using AWS CloudTrail Logs.

Question 127

What is API Gateway Mapping Templates?

Answer 127

Takes a payload and transforms it (reduces data or transforms the data into a different format).

Question 128

What is AWS CloudFormation cross-stack references?

Answer 128

Output values from a cf stack that can be imported for use in other stacks via Fn::ImportValue

Question 129

What is reserved concurrency on a Lambda function?

Answer 129

Guarantees that the given Lambda function has a certain amount of concurrency and also prevents that function from exceeding that limit.

Question 130

How to quickly debug a build in AWS CodeBuild?

Answer 130

Run AWS CodeBuild locally using CodeBuild Agent

Question 131

What is an example of AWS Mappings?

Answer 131

Mappings:
    RegionMap:
        us-east-1:
            hvm64: "ami-..."
            hvmg2: "ami-..."
         ........

ImageId: !FindInMap

 - RegionMap # The map used
 - !Ref 'AWS:Region'  # Refer to the region which we are in as the first key
 - HVM64   # Desired architecture that we want.

Question 132

How to monitor Elastic Load Balancers?

Answer 132

Load Balancer Access logs

Question 133

What is Cross-Zone Load Balancing?

Answer 133

The node of a load balancer will distribute requests from clients to all available targets in all availability zones.

If it is disabled the node will only distribute traffic to the registered targets in it’s AZ.

Question 134

How to speed up codebuild?

Answer 134

Bundle the dependencies in the source code

Question 135

What is the difference between a FilterExpression & ProjectionExpression?

Answer 135

ProjectionExpression identifies the attributes that you want and is done at the query level.

FilterExpression - will filter out the items based on a given condition

Question 136

Does AWS have a message limit for storing in SQS?

Answer 136

No - but it does have an in-flight limit of 120,000 messages

Question 137

Performance of gp2 volumes are tied to volume size.

At what volume does the volume max out?

Answer 137

5.3 TiB

Question 138

What is Amazon RedShift?

Answer 138

Designed for large data set storage & analysis

Question 139

What is Amazon Athena?

Answer 139

Interactive query service to analyse data on S3 using SQL

Question 140

What are valid CloudFormation params?

Answer 140

String, Number, List, CommaDelimitedList, EC2 key pair, security group etc.

Question 141

You want your Lambda function to have a low latency at a time of high traffic demand.
How do you do this?

Answer 141

Configure Application Auto Scaling to manage provisioned concurrency on a schedule to ensure that requests are served with a low latency.

Question 142

How many route tables can a subnet be associated with at a time?

Answer 142

One route table.

Question 143

For io1 volumes what is the ratio of maximum provisioned iops to volume size (in GiB)

Answer 143

50:1 - 200 GiB can be provisioned up to 10000

Question 144

What RDS DB types allow for IAM authentication?

Answer 144

MySQL & PostgreSQL

Question 145

What type of reserved instance provides capacity reservation?

Answer 145

Zonal reserved instances

Question 146

What is the secure way of sshing into ec2 instances?

Answer 146

Given a private key generate a public key from that private key.

Import the public key into an AWS region

Question 147

You have configured a developer profile and you would like to test the user cannot terminate instances,.

How do you do this?

Answer 147

aws –dry-run

This checks whether you have the permissions for the action without actually making the request.

Question 148

What is AWS Step functions state machines?

Answer 148

Coordinates applications & microservices using visual workflows

Question 149

What is AWS Step functions activities?

Answer 149

Associates code running which a specific task in a state machine.

Question 150

You enable S3 event notification on every event - how do you ensure you receive a notification for every object write?

Answer 150

Enable versioning on the bucket

Question 151

What elastic beanstalk environment should you use to decouple long running tasks from tasks which need to respond quickly?

Answer 151

Dedicated worker environment

Question 152

For application load balancers is cross-zone load balancing enabled?

Answer 152

Yes - always.

Question 153

When should db caches be used?

Answer 153

For read-intensive operations - not so useful for write-intensive operations

Question 154

What are the different monitoring levels?

Answer 154

Basic monitoring - 5mins
Detailed monitoring 1 min interval
High-resolution monitoring - up to 1 second interval

Question 155

A Lambda function fails multiple times - how can you debug this?

Answer 155

Configure Lambda to send the request to a deadletter queue for later processing

Question 156

How to speed up CodeBuild times?

Answer 156

Caching dependencies in an S3 cache.

Question 157

What is the maximum number of SQS messages that can be retrieved at a time?

Answer 157

10

Question 158

Does a Network Load Balancer modify the TCP socket?

Answer 158

No - so app s/w doesn’t need X-Forwarded-For

Question 159

If you lambda code + dependencies are larger than 50 MB how can you upload it?

Answer 159

Zip the code + dependencies into separate folders and upload it to S3

Question 160

What does changing the AWS CLI –page-size option to be below 1000 do?

Answer 160

CLI still returns the full list but will perform a larger number of API calls with a smaller number of items returned on each call.

It is good to avoid timeout errors.

Question 161

What does changing the AWS CLI –max-items option do?

Answer 161

Sets a maximum number of items returned.

If the items returned has been limited the output includes a NextToekn that you can pass to the next command to retrieve the next set of items.

Question 162

What does –starting-token AWS CLI option do?

Answer 162

If the max-items has been limited then you can pass the NextToken of the previous call to get the next group of messages.