Section 11: AWS Monitoring & Audit: CloudWatch, X-Ray and CloudTrail Flashcards

1
Q

What do our users care about?

A

That our application is working!

2
Q

Why is monitoring important?

A

We want to be aware if our application latency increases, if we have outages, or if our applications don’t behave as we expect them to.

3
Q

What does internal monitoring provide us?

A

See performance and cost
Detect trends
Learn and improve

4
Q

What are the three monitoring services offered by AWS?

A

CloudWatch
X-Ray
CloudTrail

5
Q

What is AWS CloudTrail used for?

A

Internal monitoring of API calls being made to AWS

Audit changes to AWS Resources by users

6
Q

What is AWS X-Ray used for?

A

Troubleshooting application performance and errors

Visual tracing of microservices

7
Q

What are the four features provided by AWS CloudWatch?

A

Metrics
Logs
Events
Alarms

8
Q

What is AWS CloudWatch Metrics?

A

A fully managed service that provides metrics for every service in AWS

9
Q

What is a Metric?

A

A variable to monitor (CPUUtilization, NetworkIn, etc.)

10
Q

What is a namespace in AWS CloudWatch Metrics?

A

A container for metrics

11
Q

What are some default metrics namespaces?

A

EBS, EC2, ELB, RDS, ElasticBeanstalk, etc. (Basically most AWS services have their own namespaces provided by AWS)

12
Q

Can you create your own Metrics namespace?

A

Absolutely

13
Q

What are dimensions and what are they used for? (In the context of Metrics)

A

Metrics are first grouped by namespace, and then by the various dimension combinations. For example:
All EC2 Metrics
EC2 Metrics grouped by instance
EC2 Metrics grouped by ASG

14
Q

Do all AWS services send metrics to CloudWatch by default?

A

Only the services you are using

15
Q

How many dimensions can a metric have?

A

Up to 10

16
Q

What is the one thing that all metrics have?

A

Timestamps

17
Q

How can we visualize metrics better?

A

By creating a custom dashboard of Metrics

18
Q

What is the default period between each metric for an EC2 instance?

A

5 minutes

19
Q

How can you get more frequent metrics for an EC2 instance?

A

By enabling “Detailed monitoring” (for a cost)

20
Q

What is the shortest period between each metric for an EC2 instance with detailed monitoring?

A

1 minute

21
Q

What metric is NOT pushed to AWS CloudWatch for EC2 instances?

A

Memory usage

22
Q

How can you push EC2 Memory usage metric to CloudWatch?

A

By pushing it as a custom metric

23
Q

How many detailed metrics does AWS Free Tier allow us to have?

A

10

24
Q

What can you do if you want to scale your ASG more promptly?

A

Enable detailed monitoring

25
Q

How can you segment metrics when you send your own custom metrics to CloudWatch?

A

By using dimensions

26
Q

How to get more frequent metrics when using custom metrics?

A

By using a high resolution custom metric

27
Q

What are the two types of custom metric?

A

Standard resolution

High resolution

28
Q

What is the granularity of custom metric with standard resolution?

A

1 minute

29
Q

What is the granularity of custom metric with high resolution?

A

1 second

30
Q

What are the available periods of analysis of custom metrics of high resolution in CloudWatch?

A

1 sec, 5 sec, 10 sec, 30 sec, any multiple of 60 sec

31
Q

What API should you use to emit custom metrics?

A

PutMetricData

32
Q

How can you set a custom metric to high resolution?

A

By setting the StorageResolution API parameter to any value under 60 (60 would be 60 seconds, therefore standard resolution)

33
Q

What should you do in case of throttle errors when sending custom metrics?

A

Use exponential back off

34
Q

What are CloudWatch Alarms used for?

A

They are used to trigger notifications for any metric

35
Q

What can alarms go to?

A

Auto Scaling, EC2 actions, SNS notifications

36
Q

What are the possible alarm states?

A

OK
INSUFFICIENT_DATA
ALARM

37
Q

What is the period of CloudWatch Alarms for standard resolution custom metrics and metrics provided by AWS?

A

The length of time in seconds to evaluate the metric

38
Q

What is the period of CloudWatch Alarms for high resolution custom metrics?

A

Can only choose 10 sec or 30 sec

39
Q

What does the AWS CloudWatch Logs panel allow you to do?

A

View logs from the AWS services you use

40
Q

What logs can EB send to CloudWatch?

A

Logs from the application

41
Q

What logs can ECS send to CloudWatch?

A

Logs from containers

42
Q

What logs can Lambda send to CloudWatch?

A

Function logs

43
Q

What logs can VPC Flow Logs send to CloudWatch?

A

VPC specific logs

44
Q

What logs can API Gateway send to CloudWatch?

A

API related logs

45
Q

What logs can Route53 send to CloudWatch?

A

DNS query logs

46
Q

Where can CloudWatch logs go to? (2 options)

A

Batch export to S3

Stream to ElasticSearch cluster for further analysis

47
Q

What can you use to filter logs in CloudWatch Logs?

A

Filter expressions

48
Q

What is the Logs storage architecture?

A

Log groups

Log streams

49
Q

What are Log groups?

A

Groups of log streams

50
Q

What are Log streams?

A

Instances within applications, log files, containers, functions, etc.

51
Q

Can you define expiration policies?

A

Yes (never expire, 30 days, etc.)

52
Q

What do your services ABSOLUTELY need to have in order to be able to send logs to CloudWatch?

A

The right IAM permissions!

53
Q

Is encryption available for logs in CloudWatch Logs?

A

Yes, encryption of logs is available using KMS

54
Q

At what level is encryption available in CloudWatch Logs?

A

At the group level

55
Q

What is CloudWatch Events?

A

They are a way to schedule cron jobs or react to a service doing something

56
Q

What can CloudWatch Events trigger?

A

Lambda functions

SQS/SNS/Kinesis Messages

57
Q

What do CloudWatch Events create when triggered?

A

A small JSON document to give information about the change

58
Q

What was the good old way to do debugging when a problem occurred in production?

A

Test locally
Add log statements everywhere
Re-deploy in production

59
Q

Which is harder to debug when using the good old way, a monolith or distributed services? And why so?

A

A monolith, because with distributed services you don’t have common views of your architecture.

60
Q

What are some of the things that X-Ray helps you detect?

A

Bottlenecks
Service issues
Impacted users

61
Q

What services/other things are compatible with X-Ray?

A

AWS Lambda
Elastic Beanstalk
ECS
ELB
API Gateway
EC2 Instances or any application server (even on premise)

62
Q

What does X-Ray leverage?

A

Tracing

63
Q

What is tracing?

A

It is an end-to-end way of following “a request”

64
Q

What does each component dealing with the request add?

A

Their own “trace”

65
Q

What are traces made of?

A

Segments (and sub segments)

66
Q

How can you provide extra information to your traces?

A

By adding annotations

67
Q

Do you have to trace every request when using X-Ray?

A

No, you can use sampling to sample requests (as a % or a rate per minute)

68
Q

How is X-Ray secure?

A

IAM for authorization

KMS for encryption at rest

69
Q

How can you enable X-Ray in your application running on EC2 instances / on premise servers?

A

Import the AWS X-Ray SDK in your code

Configure the SDK to capture calls to AWS services, HTTP/HTTPS requests, database calls, queue calls (SQS)

Install and run the X-Ray daemon

70
Q

What is the X-Ray daemon?

A

A software application that listens for traffic on UDP port 2000, gathers raw segment data, and relays it to the AWS X-Ray API

71
Q

How can you enable X-Ray in your application running on Elastic Beanstalk?

A

Import the AWS X-Ray SDK in your code

Configure the SDK to capture calls to AWS services, HTTP/HTTPS requests, database calls, queue calls (SQS)

Set the configuration in the EB console OR
enable the service in a .ebextensions/xray-daemon.config file like so:

option_settings:
  aws:elasticbeanstalk:xray:
    XRayEnabled: true

72
Q

How can you enable X-Ray in functions running on Lambda?

A

Import the AWS X-Ray SDK in your code

Configure the SDK to capture calls to AWS services, HTTP/HTTPS requests, database calls, queue calls (SQS)

Make sure that X-Ray integration is enabled

73
Q

What do all applications, regardless of the platform, absolutely need in order to relay data to X-Ray?

A

The corresponding IAM rights

74
Q

How can you send traces cross-account with the X-Ray daemon / agent?

A

The agent has a config to send traces cross-account. Make sure the IAM permissions are correct; the agent will assume the role.

75
Q

How to reduce cost when using X-Ray?

A

By using sampling

76
Q

What can you use to provide key value pairs which can be used for filtering when using X-Ray?

A

Annotations

77
Q

What can you use to provide key value pairs which can NOT be used for filtering when using X-Ray?

A

Metadata

78
Q

What does AWS CloudTrail provide?

A

Governance, compliance and audit for your AWS Account

79
Q

Is CloudTrail enabled by default?

A

Yes

80
Q

What are the sources of events in CloudTrail?

A

Console
SDK
CLI
AWS Services

81
Q

Can you put logs from CloudTrail into CloudWatch Logs?

A

Yes

82
Q

What should you do if you feel like something weird happened in your AWS account?

A

Look into CloudTrail first