Domain 5: Monitoring

Question 1

What is AWS CloudWatch?

Answer 1

AWS CloudWatch is a monitoring/management service which provides monitoring of metrics

Question 2

What is a CloudWatch alarm?

Answer 2

Trigger an event when a given metric is exceeded and trigger an event. E.g. an SNS notification

Question 3

What are the CloudWatch EC2 default host level metrics?

Answer 3

CPU, Network, Disk IO & Status Check (health)

Question 4

What are the CloudWatch EC2 custom metrics?

Answer 4

RAM utilization, remaining disk space

Question 5

What is the default CloudWatch EC2 monitoring inteval?

Answer 5

5 minutes

Question 6

What is the default CloudWatch EC2 detailed monitoring inteval?

Answer 6

1 minute

Question 7

What is the minimum CloudWatch granularity of custom metrics?

Answer 7

1 minute

Question 8

To create custom metrics from an EC2 instance what are some of the things you need to do?

Answer 8

1. Attach a role with the policy CloudWatchFullAccess to the EC2 instance
2. Configure the EC2 instance to write CloudWatch logs every 5 minutes (minimum 1 minute) (can use cron job)

Question 9

What is AWS X-Ray?

Answer 9

Service collects data about requests that your application serves

Question 10

Describe the X-Ray architecture

Answer 10

X-Ray SDK is installed on your EC2 instance which runs the X-Ray Daemon this communicates with the X-Ray API for information which can be viewed in the X-Ray Console

Question 11

What services does X-Ray integrate with?

Answer 11

Elastic Load Balancing
Lambda
API G/W
EC2
AWS Elastic Beanstalk
DynamoDB

Question 12

What does the X-Ray SDK provide?

Answer 12

Interceptors to add to your code to trace HTTP requests

Client handlers to instrument AWS SDK

Question 13

What languages are supported with X-Ray?

Answer 13

Java, Go, Ruby, NodeJS, Python, .NET, C#

Question 14

How to integrate ECS with X-Ray?

Answer 14

Run the X-Ray Daemon in it’s own Docker image running alongside your application

Question 15

What is AWS CloudTrail?

Answer 15

Great for auditing, provides logs of

IP address of client, success or failed, which user/role

Question 16

What is AWS Config?

Answer 16

A service that enables you to assess, audit & evaluate all your resources

Provide notifications when resources deviate from given standards

Question 17

What are the CloudWatch Alarm actions available?

Answer 17

SNS publish, Email notification, auto scaling action or EC2 action

(To trigger other services you must subscribe to an SNS topic)

Question 18

How do you set up X-Ray to work with your application?

Answer 18

Add x-ray instrumentation to your application code

Install the X-ray SDK on your machine

If using ECR run the X-ray daemon in a docker image

Give the necessary permissions to the EC2 or the ECS task

Question 19

When is Kinesis Data Streams used?

Answer 19

Rapidly moving data and continuously processing the data. Great for clickstreams

Question 20

When is Kinesis Firehose used?

Answer 20

Great for loading streaming data into data stores/analytics stores.

Question 21

How long does it take for forecast-based AWS Budget alerts to be triggered?

Answer 21

Needs about 5 weeks of usage data to generate the forecasts.

Question 22

What instance types are in the free-tier?

Answer 22

t2.micro or t3.micro

Question 23

What is X-Ray sampling?

Answer 23

Modify the sampling behaviour of the amount of data that you record.

Question 24

What is AWS Config used for?

Answer 24

Dive into resource configuration histories. E.g. what did my resource look like 2 months ago?

Question 25

What are API G/W usage plans?

Answer 25

Specifies who can access API stages / methods.

Uses API keys to identify clients and throttle the connection.

Question 26

What are organization trails?

Answer 26

Logs all events for all AWS accounts in that organization.

Question 27

How to monitor ec2 instances from the cli?

Answer 27

aws ec2 monitor-instances –instances-ids xxxx

Question 28

What is Amazon CloudWatch Agent?

Answer 28

Collects system-level metrics from EC2

Question 29

What is AWS System Manager Agent?

Answer 29

Manages, updates & configures EC2 resources

Question 30

How to monitor API G/W?

Answer 30

API Gateway Access logs with CloudWatch

Question 31

Is log group data encrypted in CloudWatch logs?

Answer 31

Yes

Question 32

How to set encryption using kms with CloudWatch log groups?

Answer 32

aws logs associate-kms-key

Question 33

How can CodePipeline trigger a build?

Answer 33

Either when an update is made to CodeCommit or a change to an S3 bucket

Question 34

What are X-Ray Annotations?

Answer 34

key-value pairs that are indexed for searching through the trace data.