freecodecamp

Question 1

ElasticBeanstalk

Which deployment method should be used if a fast rollback is required?

Answer 1

Immutable

This creates a new set of instances and switches the load balancing.
The old servers are still present.

Question 2

ElasticBeanstalk

What are the 6 Linux Server Configurations?

Answer 2

PUCCFS

Packages - What additional packages (nginx, redis e.g.) should be installed Usually done with “yum”

Users/Groups

Commands - Runs commands, such as staring nginx

Container Commands

Files - Creates files, for example for configs

Services - Checks the status of a service (nginx - ensureRunning: true)

Question 3

ElasticBeanstalk

You need to get the AMI of a specific Java Version, how to do this?

Answer 3

Use the describe-platform-version command with the region and the platform-arn parameter

Question 4

ElasticBeanstalk

Where are the configuration files stored?

Answer 4

.ebextenstions

Question 5

ElasticBeanstalk

It takes to long to start up a service, what can be done?

Answer 5

Use a custom AMI with all needed services baked in

Question 6

ElasticBeanstalk

What is the CLI command to swap environments?

Answer 6

eb swap [original] –destination_name [new]

Question 7

ECS

What is an essential container?

Answer 7

Required setting, if this container fails or stops, all other container will be stopped.

A task has at least one essential container

Question 8

ECS

How to include secrets form the Parameter store?

Answer 8

Use the Value From instead of Value in the Environment variables

Question 9

X-Ray

What does the Service Graph show?

Answer 9

Client, front-end services (lambda, sns, ec2), back-end services (databases)

It improves view into bottlenecks and latency spikes

Question 10

X-Ray

What is a segment, and what data does it show?

Answer 10

A segment is the service that is sending data like it’s IP, the taken request, what work has been done, if it was successful or not (and the reasons)

Question 11

X-Ray

You know that there are failed requests, but you cannot see them in X-Ray - what could be a reason?

Answer 11

The sampling rate is too low

Question 12

ACM

Which services can you attach a certificate to?

Answer 12

ELB
CloudFront
API Gateway
(ElasticBeanstalk through an ELB)

Question 13

ACM

What is SSL Termination?

Answer 13

The encryption is decrypted on the ALB

Question 14

Route53

How to connect to on-premise servers?

Answer 14

Use Route53 Resolver

Question 15

CLI

You need to switch between Accounts while using the CLI, what can be done?

Answer 15

using the profile parameter

aws s3api list-buckets –profile admin_mark

The profile makes reference to the .credentials file

[mark]
aws_access_key=123
aws_secret_access_key=ABC
[admin_mark]
..
..

Question 16

KMS

What are the common five KMS CLI commands

Answer 16

aws kms create-key
aws kms encrypt
aws kms decrypt
aws kms re-encrypt
aws kms enable-key-rotation

Question 17

SQS

You have messages around 3mb and want to deliver them to SQS using the PHP SDK, how can this be done?

Answer 17

It cannot be done with the SDK for PHP.

But for Java you can use the SQS Extended Client Library for Java for messages up to 2GB.
It will put the message to S3 and send the reference to SQS.

Question 18

Parameter Store

What are the differences between Standard and Advanced tier?

Answer 18

4kb / 8kb
10.000 params / 100.000 params
no policies / parameter policies

Question 19

Parameter Store

What are parameter policies?

Answer 19

Forcing an update or delete on a parameter.

Especially useful for passwords.

Question 20

Parameter Store

How to create hierachy in parameters?

Answer 20

include a names structure separated by /

Question 21

DynamoDB

What is a partition and how are they created?

Answer 21

A slice of a large table group by similiar data -

They are automatically created by AWS, when more than 10GB of new data is inserted or the read/write capacity for a single partition is reached.

Question 22

DynamoDB

What are the use cases for on-demand capacity?

Answer 22

• New project
• unpredictable Traffic
• align cost with usage

Question 23

DynamoDB

What are DynamoDB Transactions?

Answer 23

All-or-nothing requests across multiple tables for read (TransactGetItems) and write (TransactWriteItems) actions.

In addition to the normal read/write consumption there are two underlying requests.
One for preparing the transaction and one for committing the transaction

Question 24

DynamoDB

How does TTL work?

Answer 24

NOT given in seconds on the item, but you define a column that specifies the datetime the item should expire

Question 25

DynamoDB

I set a TTL on a column, but the data does not get deleted, what could be a reason?

Answer 25

The string representing the time is not formated in epoch time.

Question 26

DynamoDB

You want to get notified (via E-Mail) when a user gets deleted from a table, how to do this?

Answer 26

Set up DynamoDB Streams, which will call a Lambda function which can take the action

Question 27

DynamoDB

I received the ThrottlingException, what could be the reason?

Answer 27

Too many request to CreateTable, UpdateTable or DeleteTable

Question 28

DynamoDB

I received the ProvisionedThroughputError, what could be the reason?

Answer 28

Reached max. allowed provisioned capacity

Question 29

DynamoDB

What is the main advantage of a Local, compared to a Global Secondary Index?

Answer 29

You can strong consistency only with a LSI

Question 30

IAM

What is the process to get access using an WebIdentity provider?

Answer 30

1. Authenticate with OAUth (e.g.) on the Identity Provider
2. IP sends a JWT
3. Use CLI or SDK to call the AssumeRoleWithWebidentity on STS, sending the credentials
4. STS returns the temp. security credentials

Question 31

CloudFront

What specifies a Distribution?

Answer 31

A Distribution is a collection of Edge Locations (defined as “Price Class”)

1. Type: Web / RTMP
2. Behaviour: HTTPS redirect, Viewer access, TTL
3. Error / Root Page
4. Geo Restrictions

Question 32

CloudFront

What is Lamdba@Edge?

Answer 32

Using four (Viewer/Origin request & Viewer/Origin response) hooks to change the behaviour of the requests using lambda

Question 33

CloudFront

How to disallow direct access to the origin S3?

Answer 33

Use Restrict Bucket Access and (automatically) create a Origin Access Identity (OAI)

Question 34

CloudFront

How to invalidation all or single data?

Answer 34

Using a wildcard to erase all or use the filename for a single item

Question 35

CloudTrail

What is the difference between Event History and a Trail

Answer 35

EventHistory is enabled by default and stores data (visible in a GUI) for 90 days

A trail logs indefinitely in S3 and can be crawled using Athena

Question 36

CloudTrail

I created a trail but data is missing from other regions, what is the problem

Answer 36

CloudTrail can be inter-regional - but it must be set up on creation.

Note: it is not one trail, but the trail configuration is copied to other regions

Question 37

CloudFormation

What is FN::GetAttr?

Answer 37

Allows to get many attributes from a resource, such as a Security Group ID, the private IP or the Availability Zone

Question 38

CloudFormation

On what resources should you use a CreationPolicy and on which a WaitCondition?

Answer 38

CP: EC2 & ASG
WC: Everything else like an ELB

Question 39

CodeBuild

What are the phases?

Answer 39

install
pre_build
build
post_build

Question 40

Lambda

What is the (soft) limit of concurrent running functions?

Answer 40

1000

Question 41

Lambda

What are the RAM limits?

Answer 41

128mb to 3008mb

Question 42

Lambda

What ist the max. runtime, and would could be an alternative?

Answer 42

15min

Use Fargate

Question 43

Lambda

What is a (un)qualified ARN?

Answer 43

Qualified: ends with a version indicator, such as &LATEST

An unqualified just lists the function

Question 44

Lambda

What is an alias?

Answer 44

friendlier name that also references a specific version

Question 45

Lambda

What are Layers?

Answer 45

Additional code, such as libraries that are put in a zip file and attached to the function.

In unzipped state cannot exceed 250mb an there’s a limit of 5 layers