Serverless

Question 1

What does serverless mean?

Answer 1

Focus on the code and leave the management of compute architecture behind. AWS takes care of the physical data centers, the virtualization of computers. We are are responsible for the rest.

Question 2

What are the benefits of serverless?

Answer 2

1. Ease of use (we bring the code and AWS handles the rest)
2. Event-based (serverless compute resources can be brought online in response to an event happening)
3. Billing model (“pay as you go” in its purest form, you only pay for your provisioned resources and the length of runtime)

Question 3

What are the two serverless compute options in AWS?

Answer 3

1. Lambda - write a function and run it
2. Fargate - run your code in a container

Question 4

When given a scenario where one of the options is EC2 and the other is serverless, which would you recommend?

Answer 4

Serverless

Question 5

What is Lambda?

Answer 5

AWS Lambda is a serverless compute service that lets you run your code without provisioning or managing the underlying servers

Question 6

What are the five main settings are required when creating a Lambda function?

Answer 6

1. Runtime - pick or bring your own
2. Permissions - attach roles (e.g. to allow function to call AWS API)
3. Networking - you can optionally define a VPC, subnet and security groups your function will be a part of
4. Resources - defining the amount of available memory will allocate how much CPU and RAM your code gets
5. Trigger - what is going to alert your Lambda function to start

Question 7

If you have a scenario where you need to automatically remove entries from a security group, start and stop instances, or do anything else that is built-in, what service would you use?

Answer 7

Lambda

Question 8

What are the limitations of Lambda?

Answer 8

1. Time - runs for a maximum of 15 minutes
2. Memory - maximum size of 10GB

Question 9

What are common services that can trigger a Lambda function?

Answer 9

1. S3
2. CloudWatch Events
3. EventBridge
4. API Gateway
5. ALB (Application Load Balancers)

Question 10

When given a scenario where it asks what service would be best for writing microservices, what would you recommend?

Answer 10

Lambda

Question 11

If you are given a scenario where you have a Lambda that needs access to private architecture (private database or private API), what would you recommend?

Answer 11

Run your Lambda in a VPC

Question 12

What is the AWS Serverless Application Repository?

Answer 12

1. Allows users to easily find, deploy or even publish their own serverless applications
2. Ability to privately share applications within orgs or publicly for the world
3. Upload the application code and a manifest file (known as the AWS SAM template)
4. Deeply integrated with the AWS Lambda service (appears within the console)

Question 13

What are the two options you have in the AWS Serverless Application Repository?

Answer 13

1. Publish - publishing apps make them available for others to find and deploy (define apps with the SAM templates, set to private by default, must explicitly share if desired)
2. Deploy - find and deploy published applications, browse public apps without needing an AWS account, browse within the AWS Lambda console

Question 14

What is a container?

Answer 14

A container is a standard unit of software that packages up code and all its dependencies, so the application runs quickly and reliably from one computing environment to another.

A running copy of an image.

Question 15

In terms of containers, what is a Dockerfile?

Answer 15

Text document that contains all the commands and instructions that will be used to build an image.

Question 16

In terms of containers, what is an image?

Answer 16

Immutable file that contains the code, libraries, dependencies and configuration files needed to run an application.

Question 17

In terms of containers, what is a registry?

Answer 17

Stores Docker images for distribution. They can be both private and public.

Question 18

In terms of scenarios, what are important things to remember about containers?

Answer 18

1. They are generally considered to be more flexible
2. They are easier to run on-site and move around to different environments

Question 19

What is ECS?

Answer 19

Elastic Container Service

1. Management of containers at scale - ECS can manage 1, 10, hundreds or thousands of containers; it will appropriately place the containers and keep them online
2. ELB integration - containers are appropriately registered with the load balancers as they come online and go offline
3. Role integration - containers can have individual roles attached to them, making security a breeze
4. Ease of use - extremely easy to set up and scale to handle any workload

Question 20

What is an open-source alternative to ECS?

Answer 20

Kubernetes

1. Open-source alternative
2. Can be used on-premises and in the cloud
3. AWS managed version is called Elastic Kubernetes Service (EKS)

Question 21

How do you decide between using ECS and EKS?

Answer 21

ECS - proprietary AWS container management solution (best used when you are all in for AWS and looking for something simple)

EKS - AWS managed version of open-source Kubernetes container managed solution (best used when you are not all-in on AWS, because it is more work to configure and integrate with AWS)

Generally assume that in scenarios, ECS is the best option, with the only exception being if open-source, Kubernetes or running the container on-premises, then assume EKS is best.

Question 22

If you see a scenario that talks about Kubernetes, what service would you recommend?

Answer 22

EKS (Elastic Kubernetes Service)

Question 23

If you have a scenario that requires a long-running application, what service would you recommend?

Answer 23

ECS (Elastic Container Service)

Question 24

What is Fargate?

Answer 24

AWS Fargate is a serverless compute engine for containers that works with both ECS and EKS

1. AWS owns the infrastructure
2. Requires use of ECS or EKS

Question 25

How do you decide between using ECS and Fargate in ECS and EKS?

Answer 25

EC2

1. You’re responsible for the underlying operating system
2. EC2 pricing model (EC2 is a better deal)
3. EC2 excels for long-running containers
4. Multiple containers can share the same host

Fargate

1. No operating system access
2. Pay based on resources allocated and time ran
3. Fargate excels for short-running tasks
4. Isolates environments

Question 26

How do you decide between Lambda and Fargate?

Answer 26

Lambda

1. Great for unpredictable or inconsistent workloads
2. Perfect for applications that can be expressed as a function

Fargate

1. Select Fargate when you have more consistent workloads
2. Allows Docker use across the organization and a greater level of control by developers

Question 27

What is EventBridge?

Answer 27

Amazon EventBridge (formally known as CloudWatch Events) is a serverless event bus. It allows you to pass events from a source to an endpoint. Essentially, it is the glue that holds your serverless application together.

Question 28

How do you create a rule in EventBridge?

Answer 28

1. Define a pattern (do you want the rule to be invoked based on what event is happening, or do you want this to be scheduled?)
2. Select event bus (is this going to be an AWS-based event, a custom event or partner?)
3. Select your target (what happens when this event gets kicked off, do you want to trigger a Lambda function, post to an SQS queue, send an email, etc.?)
4. Tag
5. Sit back and wait for the event to happen, or kick it off yourself to make sure it is working correctly

Question 29

If you have a scenario where you want to trigger an action based on something that happened in AWS, what service would you recommend?

Answer 29

AWS EventBridge

EventBridge holds together a serverless application and Lambda functions. Any API call that happens in AWS can alert a Lambda function, or a variety of different endpoints, that something has happened.

Question 30

What are some common use cases for Amazon EventBridge?

Answer 30

API Calls - a very common use case is triggering Lambda functions when an AWS API call happens

Question 31

What is the old name for Amazon EventBridge service?

Answer 31

CloudWatch Events

Question 32

What is Amazon ECR?

Answer 32

Amazon Elastic Container Repository

1. Registry - AWS-managed container image registry that offers secure, scalable and reliable infrastructure
2. Private - private container image repositories with resource-based permissions via IAM
3. Supported formats - supports Open Container Initiative (OCI) images, Docker images and OCI artifacts

Amazon ECR has/is:

1. Cross-region support
2. Cross-account support
3. Configured per repository and per region

Question 33

What is a Registry in terms of Amazon ECR?

Answer 33

A private registry provided to each AWS account; create one or more for image storage

Question 34

What is an Authorization Token in terms of Amazon ECR?

Answer 34

An Authorization Token is required for pushing and pulling images to and from registries

Question 35

What is a Repository in terms of Amazon ECR?

Answer 35

Contains all of your Docker images, OCI images and OCI artifacts

Question 36

What is a Repository Policy in terms of Amazon ECR?

Answer 36

Controls all access to repositories and images

Question 37

What is an Image in terms of Amazon ECR?

Answer 37

Container images that get pushed to and pulled from your repository

Question 38

Is there a service for public container image repositories?

Answer 38

Yes, it is called Amazon ECR Public

Question 39

What are Lifecycle Policies in Amazon ECR?

Answer 39

1. Helps management of images in your repositories
2. Defines rules for cleaning up unused images
3. Ability to test your rules before applying them

Question 40

What is Image Scanning in Amazon ECR?

Answer 40

1. Helps identify software vulnerabilities in your container images
2. Repositories can be set to scan on push
3. Retrieve results of scans for each image

Question 41

What are Cache Rules in Amazon ECR?

Answer 41

1. Pull through cache rules allow for caching public repositories privately
2. Amazon ECR periodically reaches out to check current caching status

Question 42

What is Tag Mutability in Amazon ECR?

Answer 42

1. Prevents image version tags from being overwritten
2. Configured per repository

Question 43

What services does Amazon ECR integrate with?

Answer 43

1. Bring your own - your able to leverage ECR images within your own container infrastructure
2. Amazon ECS - use container images in ECS container definitions
3. Amazon EKS - pull images for your EKS clusters
4. Amazon Linux - Amazon Linux containers can be used locally for your software development

Question 44

If you see a scenario that mentions OCI repositories, what service would you recommend?

Answer 44

Amazon ECR

Question 45

If you see a scenario that mentions managed container image registry, what service would you recommend?

Answer 45

Amazon ECR

Question 46

What is Amazon EKS Distro (EKS-D)?

Answer 46

1. EKS-D is a Kubernetes distribution based on and used by Amazon EKS
2. It has the same versions and dependencies deployed by Amazon EKS
3. EKS-D is fully managed by you, unlike Amazon EKS, which is managed by AWS
4. Run EKS-D anywhere - on premises, in the cloud, etc.
5. Your responsibility - you are fully responsible for upgrading and managing your platforms

It functions like EKS Anywhere

Question 47

If you see a scenario that mentions self-managed Kubernetes deployments that are similar to Amazon EKS, what service would you recommend?

Answer 47

Amazon EKS Distro (EKS-D)

Question 48

If you see a scenario where you need to run versioned deployments of Kubernetes clusters outside of AWS-managed servers, what service would you recommend?

Answer 48

Amazon EKS Distro (EKS-D)

Question 49

What is Amazon EKS Anywhere?

Answer 49

1. On-premises EKS - an on-premises way to manage Kubernetes (K8s) clusters with the same practices used for Amazon EKS
2. Based on EKS Distro (EKS-D) - allows for deployment, usage and management methods for clusters in data centers
3. Lifecycle - offers full lifecycle management of multiple K8s clusters (operates independently of AWS)

Question 50

What are the main concepts of Amazon EKS Anywhere?

Answer 50

1. Control plane - K8s control plane management is operated completely by the customer
2. Location - K8s control plane location is entirely within a customer data center or operations center
3. Updates - cluster updates are done entirely via manual CLI or Flux
4. Curated packages - offer extended core functionalities of K8s clusters
5. Enterprise subscriptions - curated packages require an enterprise subscription

Question 51

What is Amazon ECS Anywhere?

Answer 51

1. Feature of Amazon ECS allowing the management of container-managed apps on-premises
2. No orchestration needed - no need to install and operate local container orchestration software, meaning more operational efficiency
3. Completely managed - enabling standardization of container management across environments
4. Inbound traffic - no ELB support makes inbound traffic requirements less efficient
5. External - new launch type noted as EXTERNAL for creating services and running tasks

Question 52

What are the requirements to running Amazon ECS Anywhere?

Answer 52

1. You must have the SSM agent, ECS agent and Docker installed.
2. You must first register external instances as SSM Managed Instances
3. Easily create an installation script within the ECS console
4. Scripts contain SSM activation keys and commands for required software
5. Execute scripts on your on-premises VMs or bare metal servers
6. Deploy containers using the EXTERNAL launch type

Question 53

What is the difference between Aurora Provisioned and Aurora Serverless?

Answer 53

Amazon Provisioned is the standard Aurora service and Aurora Serverless is a separate offering that:

1. On-demand and auto-scaling configuration for the Amazon Aurora database service
2. Automation of monitoring workloads and adjusting capacity for databases
3. Capacity based on application demands
4. Charged only for resources consumed by DB clusters (per-second billing)
5. Budget friendly - helps customers stay well within budgets via the auto-scaling and per-second billing features

Question 54

What are Aurora Capacity Units (ACUs) in terms of Aurora Serverless?

Answer 54

Measurements on how your clusters scale

1. You can set a minimum and maximum of ACUs for scaling requirements (and they can be zero)
2. They are allocated very quickly by AWS-managed warm pools
3. Each ACU is a combination of 2GB of memory, matching CPU and networking capability based on that memory amount

Question 55

What is the data resiliency of Aurora Serverless?

Answer 55

Same data resiliency as Aurora Provisioned (six copies of data across three AZs)

Question 56

What can you expect of high-availability from Aurora Serverless?

Answer 56

There are multiple AZ deployments for establishing highly available clusters

Question 57

What are popular use cases for using Aurora Serverless?

Answer 57

1. Variable workloads (unpredictable or sudden activity)
2. Multi-tenant apps
3. New applications (if you are unsure what database instance needs are required)
4. Dev and Test
5. Mixed-use applications - application might serve more than one purpose with different traffic spikes
6. Capacity planning - easily swap from provisioned to serverless or visa versa

Question 58

If you are given a scenario where there will be variable workloads, or new applications, capacity planning or development and testing needs where an RDS database is required, what database service would you recommend?

Answer 58

Aurora Serverless

Question 59

What is Amazon X-Ray?

Answer 59

1. A service that collects application data for viewing, filtering and gaining insights about request and responses
2. You can view calls to downstream AWS resources and other microservices/APIs or databases
3. Receives traces from your applications for allowing insights
4. Integrated services can add tracing headers, send trace data or run the X-Ray Daemon

Question 60

What are Segments in terms of Amazon X-Ray?

Answer 60

Data containing resource names, request details and other information

Question 61

What are Subsegments in terms of Amazon X-Ray?

Answer 61

Segments providing more granular timing information and details

Question 62

What is a Service Graph in terms of Amazon X-Ray?

Answer 62

A graphical representation of interacting services in requests

Question 63

What are Traces in terms of Amazon X-Ray?

Answer 63

Trace ID tracks paths of requests and traces collect all segments in a request

Question 64

What is a Tracing Header in terms of Amazon X-Ray?

Answer 64

An extra HTTP header containing sampling decisions and trace ID

Tracing header containing adding information is called X-Amzn-Trace-Id

Question 65

What is AWS X-Ray Daemon?

Answer 65

AWS software application that listens on port 2000. It collects raw segment data and sends it to the AWS X-Ray API.

When the daemon is running, it works along with the Amazon X-Ray SDKs.

Question 66

What services integrate with Amazon X-Ray?

Answer 66

1. Amazon EC2 - install and run the X-Ray Daemon
2. Amazon ECS - install and run the X-Ray Daemon
3. Lambda - simple on/off switch and is built in and available for functions
4. Elastic Beanstalk - configurable option
5. Amazon API Gateway - added to stages as desired
6. Amazon SNS/SQS - view time taken for messages in queues and topics

Question 67

If you see a scenario involving application request insights, viewing response times of downstream resources or HTTP response analysis, what service would you recommend?

Answer 67

Amazon X-Ray

Question 68

What is AWS AppSync?

Answer 68

1. Robust, scalable GraphQL interface
2. Combines data from multiple sources (Amazon DynamoDB, AWS Lambda, etc)
3. Enables data interaction for developers via GraphQL

Question 69

What is GraphQL?

Answer 69

Data language that enables apps to fetch data from servers, with seamless integration with React, React Native, iOS and Android

Question 70

If you are given a scenario where it mentions GraphQL, fetching application data, declarative coding, or front-end application data fetching, what service would you recommend?

Answer 70

Amazon AppSync

Question 71

When given a scenario about how to choose between compute options, what questions should you ask yourself?

Answer 71

1. Is the application right for containers?
2. Do you need those servers running your application or can you shift to something serverless?
3. Is the application AWS-specific?
4. How long does the code need to run?