Exam 2 Flashcards Preview

AWS Developer > Exam 2 > Flashcards

Flashcards in Exam 2 Deck (19)
Loading flashcards...
1
Q

Which section of a CloudFormation template does not allow for conditions?

A

Parameters

2
Q

Describe how KMS Encryption works?

A
  • KMS stores the Customer Master Key
  • KMS receives data from client
  • KMS encrypts data and sends it back
3
Q

What must you ensure when using Exported Output Values in Cloudformation?

A

You must ensure that Exported Output Values have unique names within a single region.

4
Q

What service would you use if you would like to deploy an application to a Docker container in AWS?

A

ECS

5
Q

What record would you create to point a domain such as yourapp.3rdparty.com to a custom domain such as www.mydomain.com in Route53?

A

Create a CNAME record.

6
Q

If you create a Map of all the possible values for a base AMI for your EC2 instances, how should you invoke the !FindInMap function?

A

!FindInMap [ MapName, TopLevelKey, SecondLevelKey ]

7
Q

What service would you use to debug and trace data across accounts and visualize it in a centralized account?

A

X-Ray

8
Q

How do you control access to specific Lambda functions if they are all accessible via a publicly available API Gateway?

A

Use Lambda Authorizor which uses bearer token authentication strategies, such as OAuth or SAML. You have to create a Lambda function to implement this logic.

9
Q

If you enabled CloudWatch Logs for API Gateway but CloudWatch logs are not being written, what could be the cause?

A

You need to enable X-Ray intergration

10
Q

What is X-Ray sampling?

A

X-Ray SDK applies a sampling algorithm to determine which requests get traced

11
Q

How can you debug CodeBuild?

A

Run CodeBuild locally

12
Q

What service would you use to deploy new versions of your Lambda function and shift traffic to them?

A

CodeDeploy

13
Q

What service will help you with JWT handling and validation?

A

Cognito UserPools

14
Q

What does Cognito User Pool do?

A

After successfully authenticating a user, Amazon Cognito issues JSON web tokens (JWT) that you can use to secure and authorize access to your own APIs, or exchange for AWS credentials.

15
Q

What would you do if you need to perform many kinds of queries, using different attributes as query criteria in DynamoDB?

A

Create a GSI (Global Secondary Index)

16
Q

What should you do if SQS consumers take a long time to process messages and other consumers are receiving duplicate messages from the SQS queue?

A

Use ChangeMessageVisibility

17
Q

What service would you use if you want full control over deployment steps using blue-green deployment?

A

Code Deploy

18
Q

What service would you use to investigate why instances were terminated?

A

Cloudtrail

19
Q

What service would you use to control access to your API Gateway?

A

STS