AWS Developer Prep

Tricky Nasty Sneaky Questions

Benefits of using Fargate Launch Type over EC2 Launch Type

Elastic IP address

AutoScaling Group access to CloudWatch

placementStrategy to distribute request evenly using spread

visibility timeout in SQS

About CodeDeploy

Meet AWS CodeStar

Memcached vs Redis

Stateful Web Service to AWS, what options do we have?

Did you know that you could write code inside CloudFormation Templates?

CodeCommit permissions

AWS X-Ray SDK intrumentation

AppSpec.yml or buildSpec.yml know the difference

Tricky Order of hooks depends on whether you are deploying to EC2 or ECS

S3 object keys

Read the question carefully, it says managed service

Read the question carefully, it says on-prem server connecting to AWS services

Service Control Policies (SCPs) have you heard of them?

This is what we do to our accounts!!

ECS Task Definitions

Concept of User Pools in Cognito

SAM question again for Serverless

Read Replicas or Elastic Cache to improve read performance

Linear deployment option

Spread or Random for Task placement?

Read the question carefully, it says only web and app tiers

Read-replicas Multi-Region AZ blah blah blah

Session data in ElasticCache or ELB?

SQS questions are tricky

S3 CRR

Data Engineer Questions

Increase the shard count

Ugly Security Questions

Should you terminate SSL at ELB or not?

Order in which Security is applied

What is this AWS credential provider?:

GetSessionToken API

sts:AssumeRole

IAM flow chart

  • CORRECT: “There is another policy attached to the IAM role that allows access” is a correct answer.

  • CORRECT: “A resource-based policy attached to the S3 bucket is allowing access” is also a correct answer.

  • INCORRECT: “The evaluation logic checked the IAM user identity-based policy and found an allow” is incorrect as the EC2 instance is using a role, not a user account.

  • INCORRECT: “IAM is eventually consistent, the changes may not have synchronized yet” is incorrect. Yes, IAM is eventually consistent however the question states that the changes were made a few hours ago which is ample time for IAM to synchronize.

  • INCORRECT: “It is not possible to restrict access to multiple buckets from a single policy” is incorrect. This is not true; you can certainly do this using multiple resources in the policy.

Bucket Policy: SEPAR SID, Effect, Principal, Affect, Resource

IAM policy condition statements

Don’t confuse what KMS does