AWS DevOps Engineer Professional Final Exam Study Guide 2022 with complete solution

Document Content and Description Below

AWS DevOps Engineer Professional Final Exam Study Guide 2022 with complete solution Continuous Integration .>>Development practice that requires devs to push code to a repo often. A tester/builder ... checks the code as soon as it is published which allows devs to receive feedback faster. This allows devs to focus on writing code rather than running and waiting for tests to build & compile. Continuous Delivery .>>Development practice that ensures software can be released reliably whenever needed. This ensures frequent as well as quick deployments. Most of the deployment is automated but may involve a manual approval step. (semi automation) Continuous Deployment .>>A set of practices that enable every change that passes automated tests to be automatically deployed to production with no need for manual intervention (full automation). branch, pull .>>GIT best practices dictate that if you have NEW changes to make to a code base, you should utilize a _______ rather than a new repository. You can then create _____ requests then merge into master. IAM Policy With Explicit Deny .>>In AWS, how do you protect pushes/merges from unauthorized users to the master branch (using Code Commit). T .>>T/F: Code Commit contains several triggers and configurable notifications that can call SNS topics and Lambda functions in response to various activity within your repository. AWS Code Build .>>A fully managed build service that is continuously scaling. It leverages docker under the hood and is secured through compatibility with AWS KMS, VPC's, and AWS Cloudtrail. 5 minutes, 8 hours .>>The minimum timeout for AWS Code Build? The maximum timeout for AWS Code Build? buildspec.yml .>>A collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build. env .>>This optional parameter of the buildspec.yml file allows for variable declaration, parameter-store, exported variables, secrets-manager, et.al. phases .>>This parameter of the buildspec.yml file allows you to designate commands that will occur during the install, pre_build, build, and post_build stages of the build/test.artifacts .>>This parameter of the buildspec.yml file allows you to save various files after a build is done (S3). cache .>>This parameter of the buildspec.yml file is used to store files which can speed up deployment during subsequent builds/tests. finally .>>This parameter of the buildspec.yml file will allow you to designate commands to run even if prior commands fail. override .>>You can specify env variables in buildspec.yml OR you can add them as environment variables ___________ when configuring a new build operation (from the console). Parameter Store, Secrets manager .>>What two services can you utilize/integrate with your code build deployment to encrypt your environment variables during a build? T .>>T/F: Code Build allows you to encrypt artifacts before your upload them to S3 (natively within Code Build) Cloudwatch Logs .>>How can you view your previous Code Build history if the docker container that was spun up to build your application has been terminated post-build? T .>>T/F: You can utilize pre-built dashboards, create your own, and view metrics related to your Code Build deployments. CloudWatch Events .>>Using this service, you can trigger code build at certain fixed intervals OR trigger a build in response to certain actions (i.e. code commit push) Code Deploy .>>A fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers. Code Deploy Agent .>>In order for EC2/On-premise server to work with Code Deploy, what must each instance have? F: only works for EC2 .>>T/F: Blue/Green deployment works for both EC2 and on-prem T .>>T/F: Code Deploy does NOT provision resources (i.e. EC2 instances/lambda functions) Tags .>>You can utilize ____ with deployment groups to separate your different environment types (for example) within a Code Deploy deployment. In-Place .>>This type of Code Deploy deployment updates existing applications directly (may result in down time).Blue/Green .>>This type of Code Deploy deployment replaces existing instances with new or pre-existing instances. This requires an autoscaling group (or manually provisioned instances) OR a load balancer. T .>>T/F: There is NO direct integration between Code Deploy and Cloudwatch Logs. You would need to ensure the Code Deploy & Cloudwatch Logs agents are installed. triggers .>>To directly connect Code Deploy with (for example) an SNS topic, you can utilize _______. Manual .>>Rollback that occurs if a Code Deploy automatic rollback is not enabled. This simply allows you to rollback by redeploying the previous version/revision. deployment failure, alarm threshold met .>>What are the two automatic rollback options within Code Deploy? root directory .>>Where must the buildspec.yml file be placed by default (if you include it as part of the source code)? one .>>You can specify only ____ buildspec for a build project, regardless of the buildspec file's name. APPLICATION_NAME .>>The name of the application in CodeDeploy that is part of the current deployment (for example, WordPress_App). (Hooks environment variable) DEPLOYMENT_ID .>>The ID CodeDeploy has assigned to the current deployment (for example, d-AB1CDEF23). (Hooks environment variable) DEPLOYMENT_GROUP_NAME .>>The name of the deployment group in CodeDeploy that is part of the current deployment (for example, WordPress_DepGroup). (Hooks environment variable) DEPLOYMENT_GROUP_ID .>>The ID of the deployment group in CodeDeploy that is part of the current deployment (for example, b1a2189b-dd90-4ef5-8f40- 4c1c5EXAMPLE). (Hooks environment variable) LIFECYCLE_EVENT .>>The name of the current deployment lifecycle event (for example, AfterInstall). (Hooks environment variable) Code Deploy .>>Tagging on-premise instances are only required/applicable for what AWS Service? IAM .>>To register on-premise instances for Code Deploy, you MUST use ______ to authenticate. IAM UserIAM Role .>>What are the two ARN options used to authenticate requests with AWS Code Deploy for on-premise instances? small .>>IAM user ARN for authenticating requests for Code Deploy is useful for ______ number of instances. This is due to the administrative burden of having to create an IAM user per instance. sts, large .>>IAM role ARN for authenticating requests for Code Deploy utilizes _____ to generate temporary credentials. It is more secure and is recommended for ________ number of instances. shift traffic .>>With Code Deploy for Lambda, it allows you to _______ _______ from an existing lambda function(s) to the newly deployed version(s) with various deployment settings. Linear .>>Code Deploy deployment setting in which traffic is shifted in equal increments with an equal number of minutes in between each increment. (Gradual shift) Canary .>>Code Deployment deployment settting in which traffic is shifted in TWO increments. You choose a predefined option that specify the percentage of traffic shifted to lambda in the first increment, interval in mins in between, then the remaining percentage of traffic is shifted in the second increment. (One then all shift) Start Before Allow Traffic (hook) Allow Traffic After Allow Traffic (hook) End .>>What are the steps for Lambda Code Deploy appspec.yml file and identify the hooks. central, new .>>When you initially set up your Code Pipeline, you can select your artifact store to use a _______ S3 bucket (re-use) or a default bucket which will create a ______ bucket per pipeline. T .>>T/F: You must create 1 Pipeline PER branch in your Git Repo/Code Commit repo. Cloudwatch Events (auto-trigger pipeline when change event occurs i.e. code source updated) Code Pipeline (periodically check for changes itself) .>>What are the two options for change detection in Code Pipeline? Explain them. F (You can select any region outside of where you defined your Pipeline for various stages and their action groups) .>>T/F: It is NOT possible to use code pipeline in a different region than where you would like to deploy/test your code in various stages.Stages .>>Code Pipeline _______ contain action groups that can execute steps in parallel or sequential order. AWS Managed, customer managed .>>In the Code Pipeline setup configuration, you can choose to use a default ______ ______ key or a custom _____ _______ key from KMS (that you created) for the encryption settings. Artifacts .>>_________ (stored in S3) allow Code Pipeline to pass data between services in each stage and their corresponding action group actions. S3 .>>__ is the backbone of Code Pipeline. Each Pipeline execution will interact with this service many times. (Read from and write data there) Manual Approval .>>You can add _______ _______ action(s) to various stages in a Code Pipeline to require various approvals before the subsequent action is executed (i.e. Continuous Delivery) runOrder .>>You can utilize the _________ parameter in Code Pipeline to dictate the order of actions within your stages in an execution. higher .>>A ______ runOrder value indicates that particular action will run after another previous action. (i.e runOrder = 5 will run after runOrder = 4) equal .>>Two actions with _______ runOrder values will execute in parallel. T .>>T/F: A Code Pipeline action group within a stage can have multiple "mixed and matched" parallel and sequential actions. PutJobSuccessResult, PutJobFailureResult .>>In order to use Lambda custom action jobs with CodePipeline, you must include what two API calls? continuationToken .>>token generated by a job worker (such as an AWS CodeDeploy deployment or Code Pipeline action) that a successful job provides to identify the running instance of the action. T .>>T/F: You need the continuationToken in order to be able to obtain a result form the PutJobSuccess API call for Lambda with CodePipeline. AWS Code Star .>>An all in one (AIO) integrated development environment for your application. It integrates with many AWS and 3rd party dev tools. template.yml .>>To modify/customize/configure your Code Star deployment, you must edit the _________ file.Jenkins .>>Open sources CI/CD tool which can be used to replace CodeBuild, CodePipeline, and CodeDeploy and integrate into Code Pipeline as well. It must be managed in a master slave configuration and is deployed on EC2. CloudFormation .>>Service which uses declarative programming languages to create AWS infrastructure as code. Resources .>>What is the only mandatory/required section of a CloudFormation template? cloud_init_output.log .>>The CloudFormation User Data logs are stored in /var/log/______? cfn-init .>>CloudFormation feature which helps make complex EC2 configurations more user readable with various prebuilt key-value pairs cfn-init.log .>>The CloudFormation cfn-init log file is stored in /var/log/____? cfn-signal .>>This CloudFormation feature paired with a Wait Condition will tell the CF stack to wait and either fail or succeed based on the signal sent back to CF. Creation Policy .>>This CloudFormation key dictates how many cfn-signals to look out for and how long to wait. rollback .>>By default, CloudFormation will automatically __________ stack(s) upon failure. ROLLBack, DO_NOTHING, DELETE .>>What are the three options for the OnFailure CloudFormation rollback control switch? Parent .>>For nested stacks, you always update the _____ stack to make changes to the child stacks. Change Sets .>>This feature of CF tells you what changes will occur to the stack before execution. Deletion Policy .>>This feature of CF controls what happens to a resource when a CF template is deleted. Retain, Snapshot .>>What are the two options for Deletion Policies for resources in CF? Termination Protection .>>This feature of CF prevents accidental deletes for CF stacks themselves.central .>>One value of using SSM Parameter store to reference parameter values is that it provides a ________ location to store values referenced by (potentially) hundreds of templates. This way, you only need to update SSM and not the individual templates. T .>>T/F: You can leverage AWS public SSM Parameters such as the latest ami-id for a specific OS. Inline code, zipped code from s3 .>>What are the two methods for deploying Lambda functions via CloudFormation? bucket name, object key .>>What two parameters do you need in order to reference the zipped code in s3 to deploy Lambda via CloudFormation? T .>>T/F: You can add references to different Lambda versions uploaded to S3 when deploying/updating Lambda functions via CloudFormation. Custom Resources .>>This CF feature enables you to write custom provisioning logic in templates that AWS CloudFormation runs anytime you create, update, or delete the stack. Drift Detection .>>Feature of CF that allows you to detect manual changes to any resources deployed in the original stack. It must be manually enabled and cannot revert changes (only for monitoring changes) Update Rollback Failed .>>What CF Error code requires manual intervention and is usually the result of a resource being manually deleted, service limit reached, or a dependent resource cannot return to its original state. InsufficientCapabilitiesException .>>Error message that indicates CloudFormation has not been provided the necessary capabilities to provision IAM resources. cfn-hup .>>CloudFormation feature that detects changes in a resource's metadata and runs user-specified actions when a change is detected 15 .>>The default interval at which cfn-hub checks for changes in the resource meta data is _____ minutes. Stack Policy .>>JSON policy document that can be included/uploaded with your CloudFormation template which controls which resources within your stack can be updated. T .>>T/F: When you modify/change a stack policy when updated a CloudFormation template, the stack policy is modified only for that one instance.Saved Configuration .>>Elastic Beanstalk _______ ________ provide an easy way to back up and propagate your EB config settings across applications and regions. It also allows you to deploy different settings to varying applications. non-default .>>Elastic Beanstalk saved configurations only preserve _____-_______ settings when you save an application's configuration settings. T .>>T/F: Elastic Beanstalk saved configurations also preserve user specified environment variables. .ebextensions, .config .>>Another way to configure application settings in Elastic Beanstalk is to use a ___________ directory. Within this directory, you can utilize ________ files (written in YAML) to define application and environment configuration settings. root .>>Where in the directory structure is an Elastic Beanstalk's .ebextensions directory placed? eb deploy .>>What is the CLI command to deploy your current source code to the Elastic Beanstalk environment? 1. Settings directly applied to environment 2. Saved Configurations 3. Config files (.ebextensions) 4. Default Values .>>What is the Elastic Beanstalk configuration type precedence order? (default values, saved configurations, config files, settings directly applied to environment) CloudFormation .>>At its core, Elastic Beanstalk and its subsequent applications deployments are run by which AWS Service? T .>>T/F: You can use .config files in Elastic Beanstalk to define resources using CloudFormation syntax in your .ebextensions configurations. option_settings .>>You can use this key within a .config files in .ebextensions to assign environment variables to your application. Inside Environment (quick, for dev, single deployment) Outside Environment (preserves data, for prod) .>>What are the two options for provisioning your database with Elastic Beanstalk and the use cases for each? commands .>>You can use the ________ key to execute commands before the application and web server are set up and the application version file is extracted (Elastic Beanstalk).container_commands .>>The ___________commands key allows you to execute commands that affect your application source code. These commands run after the application and web server have been set up and the application version archive has been extracted but BEFORE the application is deployed (Elastic Beanstalk) leader_only .>>Within the container_commands key, you can use the __________ __________ parameter (bool) to only execute commands during environment creation and deployments. Conversely, other container_commands and commands execute each time an instance is provisioned or updated. Application Version Lifecycle .>>This feature of the application version in Elastic Beanstalk makes it easy to automatically maintain your application version history to avoid reaching the limit. All At Once .>>Elastic Beanstalk deployment option which is the fastest. It deploys your application all in one go but results in downtime and the inability for your app to serve traffic for some time. Rolling .>>Elastic Beanstalk deployment option which updates a group of instances at a time (referred to as a "bucket"). As the initial bucket is reporting healthy, the update then moves on to the next bucket(s). Rolling with additional batches .>>Elastic Beanstalk deployment option which is similar to rolling, but spins up new instances to move the batches to. This allows the old application to still serve traffic, albeit at lower capacity. Immutable .>>Elastic Beanstalk deployment option which spins up new instances in a new auto-scaling group, deploys the new version to these instances, and then swaps pointers to point to the new autoscaling group. If the new instances don't pass health checks, Elastic Beanstalk terminates them, leaving the original instances untouched. Blue/Green .>>Elastic Beanstalk deployment option (not a direct feature of EB) which creates a new stage environment in EB and deploys the new version of the application there. It the uses a Route53 weighted routing policy to point traffic to the new instances. Name the two primary ways of implementing a blue/green deployment strategy for your Elastic Beanstalk application environments. .>>Swap URL, Route 53 (weighted routing policy) Web Server Worker .>>What are the only two environment tier options in Elastic Beanstalk? Worker .>>The ________ environment in Elastic Beanstalk is useful for applications that need to process long-running workloads on demand or perform tasks on a running scheduleSQS Queue .>>The Worker environment in Elastic Beanstalk utilizes ______ _______ to poll for work to perform. cron.yaml .>>You can use the ______._____ configuration file in the worker environment in Elastic Beanstalk to define tasks that can be performed on a schedule within the environment. Dockerrun.aws.json .>>For advanced Multi-Docker integration in Elastic Beanstalk, you must configure this JSON file to customize your Environment. 15 minutes .>>What is the upper bound execution duration limit for Lambda functions? ALB, API Gateway .>>What are the two Lambda integration triggers that can be used to provide an HTTP endpoint that can trigger your lambda function(s)? mutable .>>The $LATEST version of a lambda function is always ______ (can be modified) immutable .>>The published versions of lambda functions are always ______ (cannot be modified) Aliases .>>You can utilize Lambda _______ to point to different Lambda versions. You can also utilize the built in percentage and weight distribution to slowly direct traffic to new versions. template.yml .>>The most important file in the Lambda SAM directory. It defines resources within the file which is then transformed to full-fledged CloudFormation by SAM when you deploy your application. basic, cloudformation template .>>The premise of SAM is to be able to create a simple application with a very _____ template.yml file defining the resources which will then be automatically processed and outputted as a full _______ ______ upon deployment. app.py .>>In SAM, this important file which comes with the initial SAM file structure contains Lambda handler logic (extension if you were using python). requirements.txt .>>In SAM, this important file with comes with the initial SAM file structure contains any dependencies that the application requires and is used for the "sam build" execution. CodeDeploy, gradual .>>You can use SAM and the built-in _______________ support for ________ lambda deployments. Edge Optimized .>>This API Gateway endpoint is best for g [Show More]

Last updated: 3 years ago

Preview 1 out of 24 pages