Troubleshooting and Optimisation Flashcards
(43 cards)
Amazon X-ray annotations
- indexed key-value pairs that are used to filter traces
- designed to be used for querying X-Ray traces, enabling you to find traces that match specific conditions
- apply annotations to include important attributes such as user IDs, order IDs, account IDs, or any other attribute that you might want to quickly filter and search for during trace analysis
Amazon X-ray metadata
- used to store additional information that is not indexed and is more contextual than annotations
- key-value pairs that provide supplemental data to your traces and segments for more detailed analysis and debugging
Amazon Athena
interactive query service provided by Amazon Web Services (AWS) that allows you to analyze data directly in Amazon S3 using standard SQL
X-ray BatchGetTraces API
this API retrieves a list of traces specified by ID
Sampling Rules in the AWS X-Ray Console
sampling rules tell the X-Ray SDK how many requests to record for a set of criteria
X-ray GetTraceSummaries API
GetTraceSummaries operation retrieves IDs and annotations for traces available for a specified time frame using an optional filter
API Gateway Private Integrations
- makes it easier to expose your HTTP/HTTPS resources behind an Amazon VPC for access by clients outside of the VPC
- you can enable access to HTTP/HTTPS resources within a VPC without detailed knowledge of private network configurations or technology-specific appliances
AWS WAF
- web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to an Amazon API Gateway API, Amazon CloudFront or an Application Load Balancer
- lets you control requests to your content (eg. allow all except x, block all except x)
Amazon GuardDuty
a threat detection service that continuously monitors malicious activity and unauthorized behavior to protect your AWS accounts and workloads
AWS Firewall Manager
simplifies your AWS WAF and AWS Shield Advanced administration and maintenance tasks across multiple accounts and resources
Network Access Control List
optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets
CloudWatch vs Enhanced Monitoring Metrics for RDS
- CloudWatch gathers metrics about CPU utilization from the hypervisor for a DB instance, and Enhanced Monitoring gathers its metrics from an agent on the instance
- you might find differences between the measurements, because the hypervisor layer performs a small amount of work
VPC Flow Logs
- enables you to capture information about the IP traffic going to and from network interfaces in your VPC
- Flow log data can be published to Amazon CloudWatch Logs and Amazon S3
CloudTrail
- enables you to track and log all actions taken within your AWS environment
- includes API calls made through the AWS Management Console, AWS SDKs, command-line tools, and other AWS services
AWS Inspector
- automated security assessment service that helps improve the security and compliance of applications deployed on AWS
Amazon CloudWatch
- enables you to collect both system metrics and log files from AWS services
- take note that CloudWatch does not monitor the memory, swap, and disk space utilization of your instances
CloudWatch detailed monitoring for EC2
- sends metric data for your instance to CloudWatch in 1-minute periods instead of 5 minute periods
- does not include the memory utilisation
Which environment variables are used by AWS Lambda to facilitate communication with X-Ray?
- AWS_XRAY_CONTEXT_MISSING (x-ray sdk usis this to determine behaviour in the event your function tries to record X-ray data but tracing header is not available, LOG_ERROR by default)
- _X_AMZN_TRACE_ID (tracing header = contains sampling decision, trace ID, parent segment ID)
cron.yaml
You can define periodic tasks in a file named cron.yaml in your source bundle to add jobs to your worker environment’s queue automatically at a regular intervals
appspec.yml
- defines how the CodeDeploy deployment should proceed
- it specifies the deployment process, including which files should be deployed, where they should be deployed, and any scripts or hooks that should be executed during the deployment
env.yaml
this is primarily used to configure the environment name, solution stack, and environment links to use when creating your environment in Elastic Beanstalk.
Dockerrun.aws.json
primarily used in multi-container Docker environments that are hosted in Elastic Beanstalk
X-ray segment document
- JSON formatted string that contains information about the work that your application does in service of a request
- your application can record data about the work that it does itself in segments or work that uses downstream services and resources in subsegments
What is an X-ray segment?
- The compute resources running your application logic send data about their work as segments
- A segment provides the resource’s name, details about the request, and details about the work done