質問 # 128 An ecommerce company is receiving reports that its order history page is experiencing delays in reflecting the processing status of orders. The order processing system consists of an AWS Lambda function using reserved concurrency. The Lambda function processes order messages from an Amazon SQS queue and inserts processed orders into an Amazon DynamoDB table. The DynamoDB table has Auto Scaling enabled for read and write capacity. Which actions will diagnose and resolve the delay? (Select TWO.)
A. Check the Throttles metric for the Lambda function and increase the Lambda function timeout.
B. Check the ApproximateAgeOfOldestMessage metric for the SQS queue and increase the Lambda function concurrency limit.
C. Check the ThrottledWriteRequests metric for the DynamoDB table and increase the maximum write capacity units for the table's Auto Scaling policy.
D. Check the ApproximateAgeOfOldestMessage metric for the SQS queue and configure a redrive policy on the SQS queue.
E. Check the NumberOfMessagesSent metric for the SQS queue and increase the SQS queue visibility timeout.
正解:B、D 質問 # 129 A company is using an AWS CodeBuild project to build and package an application. The packages are copied to a shared Amazon S3 bucket before being deployed across multiple AWS accounts. The buildspec.yml file contains the following:
The DevOps Engineer has noticed that anybody with an AWS account is able to download the artifacts. What steps should the DevOps Engineer take to stop this?
A. Modify the post_build command to remove --acl authenticated-readand configure a bucket policy that allows read access to the relevant AWS accounts only.
B. Create an S3 bucket policy that grants read access to the relevant AWS accounts and denies read access to the principal "*"
C. Configure a default ACL for the S3 bucket that defines the set of authenticated users as the relevant AWS accounts only and grants read-only access.
D. Modify the post_buildto command to use --acl public-readand configure a bucket policy that grants read access to the relevant AWS accounts only.
正解:D
解説: Explanation/Reference: 質問 # 130 For AWS CloudFormation, which stack state refuses UpdateStack calls?
A. <code>UPDATE_COMPLETE</code>
B. <code>UPDATEROLLBACKFAILED</code>
C. <code>UPDATEROLLBACKCOMPLETE</code>
D. <code>CREATE_COMPLETE</code>
正解:B
解説: When a stack is in the UPDATEROLLBACKFAILED state, you can continue rolling it back to return it to a working state (to UPDATEROLLBACKCOMPLETE). You cannot update a stack that is in the UPDATEROLLBACKFAILED state. However, if you can continue to roll it back, you can return the stack to its original settings and try to update it again. http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks- continueu pdaterollback.html 質問 # 131 A rapidly growing company wants to scale for Developer demand for AWS development environments. Development environments are created manually in the AWS Management Console. The Networking team uses AWS CloudFormation to manage the networking infrastructure, exporting stack output values for the Amazon VPC and all subnets. The development environments have common standards, such as Application Load Balancers, Amazon EC2 Auto Scaling groups, security groups, and Amazon DynamoDB tables. To keep up with the demand, the DevOps Engineer wants to automate the creation of development environments. Because the infrastructure required to support the application is expected to grow, there must be a way to easily update the deployed infrastructure. CloudFormation will be used to create a template for the development environments. Which approach will meet these requirements and quickly provide consistent AWS environments for Developers?
A. Use Fn:ImportValue intrinsic functions in the Parameters section of the master template to retrieve Virtual Private Cloud (VPC) and subnet values. Define the development resources in the order they need to be created in the CloudFormation nested stacks. Use the CreateChangeSet and commands to update existing development environments. ExecuteChangeSet
B. Use nested stacks to define common infrastructure components. To access the exported values, use to reference the Networking team's template. To retrieve Virtual Private Cloud (VPC) TemplateURL and subnet values, use Fn::ImportValue intrinsic functions in the Parameters section of the master template. Use the CreateChangeSet and ExecuteChangeSet commands to update existing development environments.
C. Use nested stacks to define common infrastructure components. Use Fn::ImportValue intrinsic functions with the resources of the nested stack to retrieve Virtual Private Cloud (VPC) and subnet values. Use the CreateChangeSet and ExecuteChangeSet commands to update existing development environments.
D. Use Fn:ImportValue intrinsic functions in the Resources section of the template to retrieve Virtual Private Cloud (VPC) and subnet values. Use CloudFormation StackSets for the development environments, using the Count input parameter to indicate the number of environments needed. use the UpdateStackSet command to update existing development environments.
正解:D 質問 # 132 A DevOps Engineer is developing a deployment strategy that will allow for data-driven decisions before a feature is fully approved for general availability. The current deployment process uses AWS CloudFormation and blue/green-style deployments. The development team has decided that customers should be randomly assigned to groups, rather than using a set percentage, and redirects should be avoided. What process should be followed to implement the new deployment strategy?
A. Configure Amazon CloudFront with an AWS [email protected] function to set a cookie when CloudFront receives a request. Assign the user to a version A or B, then return the corresponding version to the viewer.
B. Configure Amazon CloudFront with an AWS [email protected] function to set a cookie when CloudFront receives a request. Assign the user to a version A or B, and configure the web server to redirect to version A or B.
C. Configure Amazon Route 53 with an AWS Lambda function to set a cookie when Amazon CloudFront receives a request. Assign the user to version A or B, then return the corresponding version to the viewer.
D. Configure Amazon Route 53 weighted records for the blue and green stacks, with 50% of traffic configured to route to each stack.