











Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
AWS CERTIFIED DEVOPS ENGINEER PROFESSIONAL TEST [SOFTWARE ENGINEERING] QUESTIONS WITH CORRECT ANSWERS
Typology: Exams
1 / 19
This page cannot be seen from the preview
Don't miss anything!












Why don't we use CodeCommit to store/version large files, database, backups, many number of branches?--ANS--Git repositories grow larger over time and getting slower.
The ways to clone and using CodeCommit repos? (2)--ANS--1. HTTPS users using Git credentials.
How to Configure notifications for events in an AWS CodeCommit repository?--ANS--Create notifications rule to send to SNS.
How build notifications are sent?--ANS--Codebuild – > Cloudwatch
Why do we need to enable caching for AWS CodeBuild?--ANS-- Downloading dependencies is a critical phase in the build process. These dependent files can range in size from a few KBs to multiple MBs. Because most of the dependent files do not change frequently between builds, you can noticeably reduce your build time by caching dependencies.
What do we do with CloudWatch alarms for Codebuild?--ANS-- You can specify any of the actions supported by CloudWatch
when a threshold is exceeded. For example, you can specify that an Amazon SNS notification is sent when more than three builds in your account fail within fifteen minutes.
Deployment types of CodeDeploy?--ANS--1. In–place deployment.
How blue/green deployment works for AWS Lambda or Amazon ECS compute platform with CodeDeploy?--ANS-- Traffic is shifted in increments according to a canary, linear, or all–at–once deployment configuration.
Which 2 compute services CodeDeploy does not support with In–place deployment?--ANS--Lambda and ECS.
What areCodeDeploy primary components?--ANS--1. Application.2. Compute platform.
the first time?--ANS--– CloudFormation uploads it to an S bucket in your AWS account.
How can we specific our own buckets for CloudFormation?--ANS-- Whenever you create or update a stack, specify the Amazon S URL of a template file.
What is the fee for CloudFormation?--ANS--AWS CloudFormation is a free service; however, you are charged for the AWS resources you include in your stacks at the current rates for each.
The required sections in CloudFormation template?--ANS--
Resources section is the only one. What are six top–level sections
of CloudFormation?--ANS--1. AWSTemplateFormatVersion.
What if we don't provide default values for CloudFormation stack parameters?--ANS--We need to input it during the stack creation.
How can we monitor the progress of stack creation? and what are the statuses and how can we view the root cause of failings?-
How CloudFormation controls resource references and what happens when stack creation failed?--ANS--1. CloudFormation controls the resource references automatically.
Usage:
!Base64 valueToEncode
What is Fn::Base64 in CloudFormation? How to use?--ANS--The intrinsic function Fn::GetAZs returns an array that lists Availability Zones for a specified region in alphabetical order.
Usage:
!GetAZs region
What is Fn::Join in CloudFormation? How to use?--ANS--The intrinsic function Fn::Join appends a set of values into a single value, separated by the specified delimiter. If a delimiter is the empty string, the set of values are concatenated with no delimiter.
Usage:
!Join [ delimiter, [ comma–delimited list of values ] ]
How the CloudFormation's Parameters section looks like?--ANS--https://images.cram.com/images/upload- flashcard/73/10/83/36731083_m.png
What is NoEcho in CloudFormation?--ANS--If you set the NoEcho attribute to true, CloudFormation returns the parameter value masked as asterisks (*****) for any calls that describe the stack or stack events.
Which sections NoEcho does not mask?--ANS--1. Metadata section.
How to reference the params store in AWS Systems Manager Parameter Store or AWS Secrets Manager from CloudFormation?--ANS--Using Dynamic parameters.
The structure of Outputs object?--ANS--Each output value has a name, a Value attribute that contains declaration of the value returned as the output value, and optionally a description of the value:--ANS--https://images.cram.com/images/upload- flashcard/73/11/96/36731196_m.png
What is cfn–hup daemon and why it is important?--ANS--The cfn–hup helper is a daemon that detects changes in resource metadata and runs user–specified actions when a change is detected. This allows you to make configuration updates on your running Amazon EC2 instances through the UpdateStack API action.
property and hence creating a new physical resource" and UPDATE_CLEANUP?--ANS--After the new instance is running, AWS CloudFormation updates the other resources in the stack to point to the new resource. When all new resources are created, the old resource is deleted
What should be done to update EC2 in ASG belong to existing cloudformation stack?--ANS--With Auto Scaling resources, the configuration of the Amazon EC2 instances, such as the instance type or the AMI ID is encapsulated in the Auto Scaling launch configuration. You can make changes to the launch configuration in the same way as we made changes to the Amazon EC instance resources in the previous sections.
However, changing the launch configuration doesn't impact any of the running Amazon EC2 instances in the Auto Scaling group. An updated launch configuration applies only to new instances that are created after the update.
If you want to propagate the change to your launch configuration across all the instances in your Auto Scaling group, you can use an update attribute.
What is view only CloudFormation stack permission looks like?--ANS-- https://images.cram.com/images/upload- flashcard/73/19/74/36731974_m.png
What are the differences regrading permission while using cloudformation with API vs Console?
Example A sample policy that denies the delete and update stack actions for the specific stack?
What is the scope of the trail in CloudTrail once enabled and where is the destination for logs?--ANS--It will be applied to all regions and the logs will be delivered to S3.
Differences between input parameter key names vs Parameter values in Cloudtrail log?--ANS--Only the input parameter keys are logged.
What should be care if we use # comments in YAML format of Cloudformation template? Why?--ANS--No, it would be lost if we convert to JSON or using CF designer.
When can we update metadata section in CF template?--ANS-- During a stack update, you cannot update the Metadata section by itself. You can update it only when you include changes that add, modify, or delete resources.
Security best practice for Metadata section?--ANS-- CloudFormation does not transform, modify, or redact any information you include in the Metadata section. Because of this, we strongly recommend you do not use this section to store sensitive information, such as passwords or secrets.
List the AWS CloudFormation–specific metadata keys
{{resolve:secretsmanager:secret–id:secret–string:json– key:version–stage:version–id}}
What we need to take care for creating nested stacks CF?--ANS-- Ensure that your S3 bucket contains the necessary files and directories.
Is bucket created by CF encrypted?--ANS--By default, it's server– side encryption enabled.
How AWS–specific parameter types displayed during CF creation? Which resource types are not supported to be displayed like that?--ANS--Dropdown values to be selected. AWS::EC2::Image::Id is not supported.
What is stack failure options and explain about that?--ANS--– Roll back all stack resources: Roll back all resources specified in the template when the stack status is CREATE_FAILED or UPDATE_FAILED.
failed resources will stay in a failed state until the next update operation is performed.
Failed resources to the last known stable state. Failed resources will be in an UPDATE_FAILED state. Resources without a last known stable state will be deleted upon the next stack operation.
What is stack policy in CF?--ANS--Defines the resources that you want to protect from unintentional updates during a stack update. By default, all resources can be updated during a stack update.
How rollback configuration works in CF?--ANS--Specify the CloudWatch alarms that CloudFormation should monitor. If any of the alarms goes to ALARM state during the stack operation or the monitoring period, CloudFormation rolls back the entire stack operation
What is notification options in CF?--ANS--You can specify a new or existing Amazon Simple Notification Service topic where notifications about stack events are sent.
Stack creation options that only available for creation?--ANS--Stack creation timeout.
How creating change sets from existing stack works?-
What happen with rollback configuration if we set a monitoring time of 0 minutes?--ANS--CF still monitors the rollback triggers during stack creation and update operations and rolls back the operation if an alarm goes to ALARM state. Then, for update operations with no breaching
What is the status of nested stack during main stack deleting?-- ANS--The delete operation for change sets for nested stacks is asynchronous and will show a DELETE_PENDING status, followed by a DELETE_IN_PROGRESS status. Upon completion of the delete change set operation, the change sets will be removed from the list. Nested stacks in the REVIEW_IN_PROGRESS status will also be deleted if they were created during the change set creation.
What is Replacement in change set?--ANS--Indicate that the resource will be replaced once change set executed.
Can we cancel the CF stack update if the status is UPDATE_IN_PROGRESS?--ANS--Yes.
What if CF want to remove/replace existing old resources with no permission?--ANS-- https://images.cram.com/images/upload- flashcard/80/49/64/36804964_m.png
What happens if we cancel the stack update?--ANS--The stack is rolled back to the stack configuration that existed before initiating the stack update.
What is CF StackSets diagram?--ANS-- https://images.cram.com/images/upload- flashcard/83/20/77/36832077_m.png
How many permission models for stack sets?--ANS--self– managed permissions or service–managed permissions.
Stack instances diagram?--ANS-- https://images.cram.com/images/upload- flashcard/83/20/87/36832087_m.png
How many stack set operations? Briefly explain?--ANS--–Create stack set: Consistent deployments across all accounts/regions.
How maximum concurrent accounts works in CF stack set operation?--ANS--Lets you specify the maximum number OR percentage of target accounts in which an operation performs at one time. In one region at a time, in the order specified in the Deployment order box.
What would happens if you are deploying stacks to 10 target accounts within two Regions, setting Maximum concurrent accounts to 50 and By percentage?--ANS--Deploys stacks to five accounts in the first Region, then the second five accounts within the first Region, before moving on to the next Region and beginning deployment to the first five target accounts.
permission to create stack set? How to modify/delete those roles?--ANS--CloudFormationStackSetsOrgAdmin (can be modified if AWS Organizations is disabled) and CloudFormationStackSetsOrgMember (can be modified if AWS Organizations is disabled, or if the account is removed from OU).
Where stack sets can send event to?--ANS--EventBridge.