S18:AWS Monitoring & Audit: CloudWatch, CloudTrail & Config

Question 1

We’d like to have CloudWatch Metrics for EC2 at a 1 minute rate. What should we do?

Answer 1

enable detailed monitoring

Question 2

High Resolution Custom Metrics can have a minimum resolution of

Answer 2

1 sec

Question 3

Your CloudWatch alarm is triggered and controls an ASG. The alarm should trigger 1 instance being deleted from your ASG, but your ASG has already 2 instances running and the minimum capacity is 2. What will happen?

Answer 3

The alarm will remain in “ALARM” state but never decrease the number of intances in my ASG.

Question 4

An Alarm on a High Resolution Metric can be triggered as often as

Answer 4

10 sec

Question 5

You have made a configuration change and would like to evaluate the impact of it on the performance of your application. Which service do you use?

Answer 5

CouldWatch is used to monitor the applications performance / metrics

Question 6

Someone has terminated an EC2 instance in your account last week, which was hosting a critical database. You would like to understand who did it and when, how can you achieve that?

Answer 6

Look at CloudTrail

Question 7

You would like to ensure that over time, none of your EC2 instances expose the port 84 as it is known to have vulnerabilities with the OS you are using. What can you do to monitor this?

Answer 7

Setup Config Rules

Question 8

You would like to evaluate the compliance of your resource’s configurations over time. Which technology do you choose?

Answer 8

Config