Section 20: AWS Monitoring & Audit, CloudWatch, X-Ray and CloudTrail: X-Ray Flashcards
What did Amazon EventBridge used to be called?
CloudWatch Events.
What is Amazon EventBridge?
EventBridge is a serverless service that uses events to connect application components together, making it easier for you to build scalable event-driven applications. Event-driven architecture is a style of building loosely-coupled software systems that work together by emitting and responding to events. Event-driven architecture can help you boost agility and build reliable, scalable applications.
About Amazon EventBridge.
A rule can run in response to an event, or at certain time intervals. For example, to periodically run an AWS Lambda function, you can create a rule to run on a schedule.What are the two types of scheduled rules? (Just names, you’ll describe them later).
- Rate expression
- Cron expression.
Regarding Amazon EventBridge and creating rules, what’s a rate expression?
- Rules that run at a regular rate
- EventBridge runs these rules at regular intervals; for example, every 20 minutes.
- To specify the rate for a scheduled rule, you define a rate expression.
Regarding Amazon EventBridge and creating rules, what’s a cron expression?
- Rules that run at specific times
- EventBridge runs these rules at specific times and dates; for example, 8:00 a.m. PST on the first Monday of every month.
- To specify the time and dates a scheduled rule runs, you define a cron expression.
What are examples of Amazon EventBridge events?
- An event indicates a change in an environment such as an AWS environment, a SaaS partner service or application, or one of your applications or services. The following are examples of events:
- Amazon EC2 generates an event when the state of an instance changes from pending to running.
- Amazon EC2 Auto Scaling generates events when it launches or terminates instances.
- AWS CloudTrail publishes events when you make API calls.
- Trigger Lambda functions, send SQS/SNS messages.
What are Amazon EventBridge events used for? What’s an example.
- Rules use event patterns to select events and send them to targets. An event pattern either matches an event or it doesn’t.
- IAM root user sign in event -> sns topic with email notifications.
What are some popular EventBridge (possibly rules) sources (and their corresponding example events)? (hint, there are six, but i’ll cut you a break and say 4/5 of them.)
- ec2 instance (ex: start instance)
- CodeBuild (ex: failed build)
- s3 event (ex: upload object)
- Trusted Advisor (ex: new Finding)
- CloudTrail (ex: any API call)
- Schedule or Cron (ex: every 4 hours)
what are the exmple destinations for Amazon EventBridge Rules?
- Compare: Lambda, AWS Batch, ECS Task
- Integration: SQS, SNS, Kinesis Data Streams
- Orchestration: AWS Step Functions, CodePipeline, CodeBuild
- Maintenance: SSM, EC2 Actions
Do you have the option to use a filter to determine which events Amazon EventBridge is gonna pass onto a destination? What are some filter examples.
Yes. For example, you can create an event pattern that matches an event when:
* A field of the event is within a specific numeric range.
* The event comes from a specific IP address.
* A specific field doesn’t exist in the event JSON.
Amazon EventBridge supports declarative content filtering using event patterns. With content filtering, you can write complex event patterns that only match events under very specific conditions.
idk find some json stuff for amazon eventbridge rules. I know you’re a little struggly now.
What are Amazon EventBridge event buses?
An event bus is a router that receives events and delivers them to zero or more destinations, or targets. Event buses are well-suited for routing events from many sources to many targets, with optional transformation of events prior to delivery to a target.
When using Amazon EventBridge event buses, do you have the ability rep replay archived events?
Yes.
When using Amazon EventBridge event buses, can you archive events (all/filter) sent to an event bus (indefinitely or set period)?
Yes
When using Amazon EventBridge event buses, can event buses be accessed by aws accounts?
Yes. Event buses can be accessed by other AWS acounts using Resource-based policies?
How do event buses work?
- Event buses enable you to route events from multiple sources to multiple destinations, or targets.
- At a high level, here’s how it works:
- An event source, which can be an AWS service, your own custom application, or a SaaS provider, sends an event to an event bus.
- EventBridge then evaluates the event against each rule defined for that event bus.
- For each event that matches a rule, EventBridge then sends the event to the targets specified for that rule. Optionally, as part of the rule, you can also specify how EventBridge should transform the event prior to sending it to the target(s).
- An event might match multiple rules, and each rule can specify up to five targets. (An event may not match any rules, in which case EventBridge takes no action.)
Okay, so you want to use and amazon eventbridge event bus to um create a bus (figure out better words for this later) between eventbridge and other aws services. Do you use a default event bus, a partner event bus, or a custom event bus?
Default event bus
Okay, so you want to use and amazon eventbridge event bus to um create a bus (figure out better words for this later) between eventbridge and some big-name non-aws aws services, like Saas providers/things zendesk and datadog. Do you use a default event bus, a partner event bus, or a custom event bus?
Partner event bus
Okay, so you want to use and amazon eventbridge event bus to um create a bus (figure out better words for this later) between eventbridge and some apps you made (i presume they’re not hosted on aws). Do you use a default event bus, a partner event bus, or a custom event bus?
Custom event bus.
What does Amazon EventBridge Schema Registry allow you to do?
- The Schema Registry allows you to generate code for your app that will know in advance how data is structured in teh event bus.
- Search a collection of schemas that can be leveraged by developers in your organization. EventBridge allows you to add schemas manually or can automate the process by using schema discovery.
- idk look into it later
Can Amazon EventBridge Schema Registry schemas be versioned?
Yes
T/F can EventBridge analyze the events in your bus and infer the schema?
yea. also, look into this later. idk if it’s important.
What do amazon eventbridge resource based policies do? example? (it’s okay if you give the use case, i’ll provide it just in case you do but i’m asking ask you about that later)
- Manage permissions for a specific event bus
- ex: allow/deny events from anoterh aws account or aws region
- use case: aggregate all events from your aws org in a single aws account or aws region
What is a use case for an amazon EventBridge - Resource-based Policy? (i’ll provide the example, just in case you answer that one instead. honestly i don’t quite get the different at this point.)
- use case: aggregate all events from your aws organization in a single aws account or aws region.
- example: allow/deny events from another aws account or aws region.
Okay so what’s missing in this amazon eventbridge resource based policy json?
- events:putEvents (the quotes are already there)
- arn:aws:events:us-east-1:1234567875:event-bus/central-event-bus. (quotes are already there)
AWS EventBridge
Can you create cross account access to a single event bus?
yep
What do you need to create EventBridge cross account access to a single event bus (it’s called multi account aggregation)
a resource policy for the central account’s event bus.
how does EventBridge multi account aggregation work?
Okay now it’s x ray time. What’s it look like X-Ray is for?
looks like it’s some fancy new way to debug, but you don’t have to test locally and add log statements everywhere and redploy in production
Does xray give you visual (also called graphical but, and call me a snob, that doesn’t look like a graph to me) analysis of your applications?
yep
So what are the advantage sof using xray?
- troubleshooting performance (including bottlenecks)
- understand dependencies in a microservices architecture
- pinpiont service issues
- review request behavior
- find errors and exceptions
- find out things like whether you’re meeting time SLA, where you’re getting throttled, identify users that are impacted.
What aws services is xray compatible with? (or which ones is it really popular with)
- aws lambda
- elastic beanstalk
- ecs
- elb
- api gateway
- ec2 instances or any app server (even on premises)
Is x ray compatible with on-premise app servers?
Yea
- Does x ray use tracing?
- what’s tracing (the tiny explaination version)?
- yea
- it’s an end to end way of following a “request”
xray tracing: flush out lines associated with the following terms:
* segments
* annotations
- segments: tracing is made of segments (and sub segments)
- annotations can be added to traces to provide extra information
about xray: T/F
Each component dealing with the request adds it’s own trace
true
Xray T/F
- xray gives you the ability to trace every request
- xray gives you the ability to trace a sample of requests (as a percentage for example or a rate per minute)
- T
- T
what are the two aws services you’re gonna need for xray?
- IAM for authorization (it totally is an aws service)
- KMS for encryption at rest (so KMS is a thing outside of aws - key management service (ex, gcp has their own) but it turns out AWS KMS is, you know, i beleive classified as another aws service)
What kind of things does the aws xray sdk capture (4 examples)?
- calls to aws services
- http/https requests
- database calls (MySQ, PostgreSQL, DynamoDB)
- Queue calls (SQS)
When you want to use aws xray sdk, do you need to modify a lot of code?
slides say nope.
how does the xray daemon work?
the aws xray daemon works as a low level udp packet interceptor (linux/windows/mac)
T/F about xray
Each application must have the IAM rights to write data to xray.
True
Just talk about this.
about xray:
T/F is the service map (that visual) computed from all segments and traces?
T
idk think about whether you want to ask a question about this code snippet (it’s an example for node.js and express (in a slide about instrumentation in your code))
fls;kadjf
This is the aws managed policy AWSXrayWriteOnlyAccess. IT gets used by the xray daemon so the daemon has permission to make necessary api calls. What’s in the hidden section?
hint: apis are PutTraceSegments, PutTelemetryRecords, GetSamplingRules, GetSamplingTargets and GetSamplingStatisticSummaries.
What is the arn for the aws managed policy for granting a user, group or role access to xray read apis?
arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess
You can run the xray daemon by setting an option in the elastic beanstalk console or with a configuration file in .ebextensions/xray-daemon.config. What’s in the config file?
what’s the visual you should think of when people talk about using the ecs cluster (with ec2 instances) - xray integration option with the xray container as a daemon?
what’s the visual you should think of when people talk about using the ecs cluster (with ec2 instances) - xray integration option with the xray container as a side car?
what’s the visual you should think of when people talk about using the fargate cluster - xray integration option with the xray container as a side car?
About ecs + xray. This is an example task definition. What goes in the yellow?
Note that the close scope curly brace is totally there, it’s just cut off. It’s not super important, just wanted to mention in case you got fixated on that.
