CloudFront And Elastic Beanstalk

Question 1

What is CloudFront?

Answer 1

A CDN that improves content delivery using edge caching and integrates with Shield and WAF.

Question 2

What are CloudFront origins?

Answer 2

S3 Buckets, ALB, EC2, S3 website, or any HTTP backend.

Question 3

What is the difference between CloudFront and S3 Cross Region Replication?

Answer 3

CloudFront caches globally for performance; S3 CRR replicates objects for availability in multiple regions.

Question 4

What is a CloudFront Cache Key?

Answer 4

A unique identifier for cached objects, default is hostname + URL; can include headers, cookies, and query strings.

Already cached this exact req? y: serve from cache no: fwd to origin.

Question 5

What is a CloudFront Cache Policy?

Answer 5

A Cache Policy tells CloudFront what makes each request unique for caching purposes—customizing this is the key to balancing performance, accuracy, and cost.

Question 6

What are options for Cache Policy headers?

Answer 6

Use None for static content or Whitelist only for the headers that affect your content rendering; headers control caching performance.

Question 7

What are options for Cache Policy query strings?

Answer 7

None, Whitelist, Include All-Except, or All.

Question 8

What is an Origin Request Policy in CloudFront?

Answer 8

Defines headers, cookies, and query strings sent to origin but not used in caching.

Defines what gets forwarded to your origin when a viewer makes a request

Question 9

What is a CloudFront Invalidation?

Answer 9

You just updated a file, like index.html, but CloudFront is still serving the old cached version. Instead of waiting for the TTL to expire, you can force CloudFront to fetch the latest version from the origin.

Forces cache refresh before TTL expires using CreateInvalidation API.

Question 10

What is CloudFront Cache Behavior?

Answer 10

CloudFront Cache Behavior defines how CloudFront should handle requests for specific URL patterns in your distribution.

Different settings per URL path pattern, can route to different origins.

Question 11

What are CloudFront Geo Restrictions?

Answer 11

Restrict access by country using allowlists or blocklists based on Geo-IP.

Question 12

What are CloudFront Signed URLs and Cookies?

Answer 12

Allow restricted content delivery with custom access policy including expiration and IP filtering.

Question 13

When to use Signed URL vs Signed Cookie?

Answer 13

Control access to private content served through CloudFront — like protecting paid content, internal files, or personalized data. They allow you to grant temporary access to content only to authorized users.

Signed URL: one file; Signed Cookie: multiple files.

Question 14

How are Signed URLs verified?

Answer 14

CloudFront checks 3 things to validate a Signed URL.
Signature: Ensures the URL was signed with a trusted private key. Policy: Enforces expiration time, resource path, and optional IP/start time rules. Key Group: The signing key must belong to a trusted key group on the distribution

Question 15

What is CloudFront Pricing based on?

Answer 15

Edge location region; higher costs in more expensive regions.

Question 16

What are CloudFront Price Classes?

Answer 16

Price Classes: All, 200, and 100 reduce cost by limiting edge locations.

Question 17

What is CloudFront Multiple Origin routing?

Answer 17

Route to different backend origins (like S3, EC2, ALB, etc.) based on path patterns like /images/*.

Question 18

What is a CloudFront Origin Group?

Answer 18

Defines primary and secondary origins for failover.

Question 19

What is CloudFront Field-Level Encryption?

Answer 19

Encrypts sensitive fields in requests at the edge location using asymmetric encryption.

Question 20

What are CloudFront Real-Time Logs?

Answer 20

CloudFront Real-Time Logs let you stream detailed logs of every request made to your CloudFront distribution in near real time—useful for monitoring, debugging, and analytics.

Logs sent to Kinesis Data Streams with selectable fields and sample rate

Question 21

What is AWS Elastic Beanstalk?

Answer 21

A developer-centric service for deploying applications using familiar AWS components like EC2, ASG, and ELB.

Question 22

What AWS resources does Elastic Beanstalk manage?

Answer 22

EC2, ASG, ELB, RDS, scaling, load balancing, instance config, and health monitoring.

Question 23

What are the main components of Elastic Beanstalk?

Answer 23

Application, Application Version, and Environment.

Question 24

What are the Elastic Beanstalk environment tiers?

Answer 24

Web Server Environment Tier for applications that handle HTTP(S) requests directly, and Worker Environment Tier for background processing of tasks.

Question 25

Name three supported platforms in Elastic Beanstalk.

Answer 25

Java, Node.js, Python (and more like .NET, PHP, Ruby).

Question 26

What is a good Elastic Beanstalk deployment mode for development?

Answer 26

Single Instance.

Question 27

What is 'All at once' deployment mode?

Answer 27

Deploys all instances at once, causing downtime but fastest deployment.

Question 28

What is 'Rolling' deployment mode?

Answer 28

Updates a few instances at a time with no additional cost but some capacity loss.

Question 29

What is 'Rolling with additional batches' deployment mode?

Answer 29

Adds extra capacity temporarily to keep service available during deployment.

Question 30

What is 'Immutable' deployment mode?

Answer 30

Uses new instances for new version and swaps when healthy; zero downtime but high cost.

Question 31

What is Blue/Green deployment in Elastic Beanstalk?

Answer 31

Creates a new environment with the new version and swaps it in when ready.

Question 32

What is Traffic Splitting in Elastic Beanstalk?

Answer 32

Sends a percentage of traffic to a new version to test stability before full rollout.

Question 33

What CLI tool helps manage Elastic Beanstalk applications?

Answer 33

EB CLI.

Question 34

Name two EB CLI commands.

Answer 34

eb deploy, eb status (others include eb create, eb logs, eb terminate).

Question 35

What format is used in .ebextensions files?

Answer 35

YAML or JSON with .config extensions.

Question 36

Where are .ebextensions placed?

Answer 36

In the root directory of the application source code.

Question 37

How many versions does Elastic Beanstalk store by default?

Answer 37

Up to 1000 application versions.

Question 38

What is a Beanstalk lifecycle policy?

Answer 38

Removes old versions based on time or space to manage application versions.

Question 39

What is Elastic Beanstalk cloning?

Answer 39

Lets you create an exact duplicate of an existing environment, including its configuration and platform settings — it’s super useful for testing, debugging, or blue/green deployments.

Question 40

What service does Elastic Beanstalk use under the hood?

Answer 40

AWS CloudFormation.

Question 41

Why should you not use RDS provisioned by Elastic Beanstalk in production?

Answer 41

Because the database lifecycle is tied to the Beanstalk environment, so if you terminate the environment, the RDS instance is deleted as well

Question 42

How do you migrate Elastic Beanstalk environments with a different ELB type?

Answer 42

Create a new environment, deploy app, and swap DNS (CNAME/Route 53).

Question 43

How do you decouple RDS from an Elastic Beanstalk environment?

Answer 43

To decouple RDS from Elastic Beanstalk, create a DB snapshot, protect it from deletion, launch a new environment without RDS, point it to the existing DB, test, swap CNAMEs, and terminate the old environment.