AWS DevOps Pro review Exam Questions And
Answers 2022/2023
You are in charge of designing a number of Cloudformation templates for your
... [Show More]
organization. You need to ensure that no one can accidentally update the production
based resources on the stack during a stack update. How can this be achieved in the
most efficient way? - Answer- Use a Stack based policy to protect the production
based resources.
Cloudformation template, You want to ensure that the stack creation only shows the
status of CREATE_COMPLETE after all resources defined in the stack are up and
running. How can you achieve this? - Answer- C. Use the CreationPolicy to ensure it
is associated with the EC2 Instance resource.
D. Use the CFN helper scripts to signal once the resource configuration is complete.
Automated backup solution in place for EBS Volumes - Answer- Use Amazon Data
Lifecycle Manager to automate the process.
You are getting requirements for the templates from various departments, such as
the networking , security , application etc. What is the best way to architect these
Cloudformation templates. - Answer- Create separate logical templates , for example
, a separate template for networking, security, application etc. Then nest the relevant
templates.
DynamoDB Table with thousands of users from 3rd party identity providers such as
Google, Face Book, Twitter. Best way to provide access to their own tables -
Answer- 1. Use Web identity federation and register your application with a thirdparty identity provider such as Google, Amazon, or Facebook.
2. Create an IAM role which has specific access to the DynamoDB table.
You are required to make changes to the stack resources every now and then based
on the requirement for Cloudformation Templates. How can you check the impact of
the change to resources in a cloudformation stack before deploying changes to the
stack? - Answer- Use Cloudformation change sets to check for the impact to the
changes
A Classic Load Balancer can span across AWS OpsWorks Stacks layers? - AnswerNo.
To use Elastic Load Balancing with a stack, you must first create one or more load
balancers in the same region
· You can attach only one load balancer to a layer.
· Each load balancer can handle only one layer.
· AWS OpsWorks Stacks does not support Application Load Balancer. You can only
use Classic Load Balancer with AWS OpsWorks Stacks.
How to deploy security updates on Opsworks Stack servers? - Answer- 1. Create
and start new instances to replace your current online instances. Then delete the
current instances.
2. On Linux-based instances in Chef 11.10 or older stacks, run the Update
Dependencies stack command.
Which of the following tools for EC2 can be used to administer instances without the
need to SSH or RDP into the instance. - Answer- Run Command
An application is currently writing a large number of records to a DynamoDB table in
one region. There is a requirement for a secondary application to just take in the
changes to the DynamoDB table every 2 hours and process the updates accordingly.
Which of the following is an ideal way to ensure the secondary application can get
the relevant changes from the DynamoDB table. - Answer- Use DynamoDB streams
to monitor the changes in the DynamoDB table.
A DynamoDB stream is an ordered flow of information about changes to items in an
Amazon DynamoDB table. When you enable a stream on a table, DynamoDB
captures information about every modification to data items in the table.
Whenever an application creates, updates, or deletes items in the table, DynamoDB
Streams writes a stream record with the primary key attribute(s) of the items that
were modified. Astream record contains information about a data modification to a
single item in a DynamoDB table. You can configure the stream so that the stream
records capture additional information, such as the "before" and "after" images of
modified items.
Cloudformation templates which takes in a database password as a parameter. How
can you ensure that the password is not visible when anybody tries to describes the
stack - Answer- Use the NoEcho property for the parameter value.
Cloudformation helper scripts can help install packages on EC2 resources. - Answercfn-init
Basic stages of a CI/CD Pipeline - Answer- 1. Source Control
2. Build
3. Staging
4. Production
Debugging the creation of Cloudformation stack resources - Answer- B. Use the
AWS CloudFormation console to view the status of your stack.
C. See the logs in the /var/log directory for Linux instances
Continuous Delivery Services for Cloudformation - Answer- AWS CodePipeline
CLI commands can be used to describe the stack resources. - Answer- aws
cloudformation list-stack-resources
AWS Audit, Best way to provide access to auditor - Answer- Create an IAM user who
will have read-only access to your AWS VPC infrastructure and provide the auditor
with those credentials.
Benefits when you implement a Blue Green deployment - Answer- A. Near zerodowntime release for new changes
B. Better rollback capabilities
C. Good turnaround time for application deployments
DynamoDB Trotoling - Answer- 1. Monitor the ConsumedReadCapacityUnits and
ConsumedWriteCapacityUnits metric using Cloudwatch.
2.Create a Cloudwatch alarm which would then send a trigger to AWS Lambda to
increase the Read and Write capacity of the DynamoDB table
AWS services as targets for CloudWatch Events - Answer- · Amazon EC2 instances
· AWS Lambda functions
· Streams in Amazon Kinesis Streams
· Delivery streams in Amazon Kinesis Firehose
· Amazon ECS tasks
· SSM Run Command
· SSM Automation
· Step Functions state machines
· Pipelines in AWS CodePipeline
· Amazon Inspector assessment templates
· Amazon SNS topics
· Amazon SQS queues
· Built-in targets
· The default event bus of another AWS account
How to control the application version limit in Elastic beanstalk? - AnswerDeploying applications to Elastic Beanstalk - Answer- When you use the AWS
Elastic Beanstalk console to deploy a new application or an application version, you'll
need to upload a source bundle. Your source bundle must meet the following
requirements:
· Consist of a single ZIP file or WAR file (you can include multiple WAR files inside
your ZIP file)
· Not exceed 512 MB
· Not include a parent folder or top-level directory (subdirectories are fine)
Autoscaling Group changing smaller instances to larger instance types. - AnswerCreate a new launch configuration with the new instance type and update your
Autoscaling Group.
Elastic Load balancer time intervals access logs get produced - Answer- 5 minutes
or 60 minutes..... [Show Less]