Tutorials Dojo Flashcards
(12 cards)
To trigger a Lambda function after a CF stack is in the UPDATE_COMPLETE status, what should you do?
Trigger the Lambda Function via an Amazon EventBridge rule that captures the UPDATE_COMPLETE status event for the CloudFormation stack
During a deployment, if the latency of the service increases more than the defined threshold then the deployment should be halted until the service has been fully recovered. How?
Calculate the average latency using Amazon CloudWatch metrics that monitors the Application Load Balancer. Associate a CloudWatch alarm with the CodeDeploy deployment group. When latency increases beyond the defined threshold, it will automatically trigger an alarm that automatically stops the on-going deployment.
How do you configure Amazon Route 53 to automatically route to an alternate endpoint when the primary application stack experiences an outage or degradation of service?
Set up health checks in Route 53 for non-alias records to each service endpoint. Configure the network access control list and the route table to allow Route 53 to send requests to the endpoints specified in the health checks.
Use a Failover routing policy configuration. Set up alias records in Route 53 that route traffic to AWS resources. Set the Evaluate Target Health option to Yes, then create all of the required non-alias records.
Are there custom environment variables in CodeDeploy?
Nope
In CodeDeploy, change a configuration dynamically when the deployment occurs by what method?
Develop a custom shell script that uses the DEPLOYMENT_GROUP_NAME environment variable in CodeDeploy to identify which deployment group the Amazon EC2 instance is associated with. In the appspec.yml config file, add a reference to this script as part of the Beforelnstall lifecycle hook. Configure the log level settings of the instance based on the result of the script.
Consistent and fast experience for all your users around the world using a Lambda function
Lambda@Edge
Amazon API Gateway with an Edge-optimized API endpoint
just a default hostname in API Gateway that is deployed to the specified region while using a CloudFront distribution to facilitate client access
Using a third-party payment service to handle and process credit card payments on their platform. The application is hosted EC2 instances, which are launched in private subnets behind an internal-facing Application Load Balancer. The system must connect to an external payment service over the Internet to complete the transactions.
A. Using a NAT Gateway, route credit card payment requests from the EC2 instances to the external payment service. Associate an Elastic IP address to the NAT Gateway. Update the route table associated with one or more of your private subnets to point Internet-bound traffic to the NAT gateway.
B. In the Security Group, whitelist the Public IP of the Internet Gateway. Route the user payment requests through the Internet Gateway. Update the route table associated with one or more of your private subnets to point Internet-bound traffic to the Internet Gateway.
A
A resource that enables instances in a private subnet to connect to the Internet or other AWS services, but prevent the Internet from initiating a connection with those instances
network address translation (NAT) gateway
automatically recover impaired EC2 instances
EC2Rescue
hybrid deployment (both on-premises application servers and On-Demand EC2 instances)
The application instances require secure access to database credentials, which must be encrypted both at rest and in transit.
A. Using AWS Systems Manager Parameter Store, upload and manage the database credentials with a Secure String data type. Create an IAM role that allows access and decryption of the database credentials. Associate this role to all the Amazon EC2 instances. Upload the application in AWS Elastic Beanstalk with a Node.js platform configuration and deploy the application revisions to both on-premises servers and EC2 instances using blue/green deployment.
B. Using AWS Systems Manager Parameter Store, upload and manage the database credentials with a Secure String data type. Create an IAM Policy that allows access and decryption of the database credentials. Attach the IAM policy to the instance profile for CodeDeploy-managed instances as well as to the on-premises instances using the register-on-premises-instance command. Deploy the application packages to the EC2 instances and on-premises servers using AWS CodeDeploy.
C. Using AWS Systems Manager Parameter Store, upload and manage the database credentials with a Secure String data type. Create an IAM role with an attached policy that allows access and decryption of the database credentials. Attach this role to the instance profile of the CodeDeploy-managed instances as well as to the on-premises instances using the register-on-premises-instance command. Deploy the application packages to the EC2 instances and on-premises servers using AWS CodeDeploy.
C
