AWS Quiz 1
AWS Quiz 1
Answer these 5 simple questions on AWS and judge where you stand with your knowledge about this Cloud provider.
Congratulations - you have completed AWS Quiz 1.
You scored %%SCORE%% out of %%TOTAL%%.
Your performance has been rated as %%RATING%%
Your answers are highlighted below.
As a Solutions Architect you are designing a shared service for hosting containers from several customers on Amazon ECS. These containers will call several AWS services. However, a container from one customer should not be able access data from another customer. Which of the below solutions should you employ to satisfy this requirement?
IAM Instance profile for EC2 Instances
Security Group rules
IAM roles for tasks
IAM roles for EC2 Instances
Question 1 Explanation:
With IAM roles for Amazon ECS tasks, you can specify an IAM role to be used by the containers in a task. Applications are required to sign their AWS API requests with AWS credentials, and this feature provides a strategy to manage credentials for your application’s use. This is similar to how Amazon EC2 instance profiles provide credentials to EC2 instances.
You have been tasked with architecting an application in AWS. The architecture would consist of EC2, the Classic Load Balancer, Auto Scaling and Route 53. There is a directive to ensure that Blue-Green deployments are possible in this architecture. Which routing policy could you ideally use in Route 53 for achieving Blue-Green deployments?
Question 2 Explanation:
AWS Documentation mentions that Weighted routing policy is good for testing new versions of software and is the ideal approach for Blue-Green deployments. Weighted routing lets you associate multiple resources with a single domain name (example.com) or subdomain name (acme.example.com) and choose how much traffic is routed to each resource. For more information on Route 53 routing policies, please visit the following URL: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html
Bounty Airlines has couple of EC2 Instances hosted inside a VPC in a private subnet. Due to a new feature being added these instances now need to access resources stored in a S3 bucket. However, due to security constraints the traffic should not traverse the internet. Which of the following would help cater to this requirement?
Virtual Private Gateway
Question 3 Explanation:
A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network. For more information visit https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html
You have been directed to deploy your Spring Boot application on your Amazon EC2 production instances. Your application makes AWS API calls. How could you securely pass credentials to the application to do so?
Hard-code the API credentials into your application (example using Java property file).
Convey the API credentials to the instance using Instance userdata.
Store the API credentials as an object in Amazon S3.
Assign IAM roles to the EC2 Instances.
Question 4 Explanation:
AWS clearly states that we should use roles to delegate access to users, applications, or services that don’t normally have access to our AWS resources. It is not a good practice to directly use IAM credentials for a production based application.
Your company presently hosts huge amount of data on its on-premises location. You have been told by the CIO that the company wants to store the backups of this data on AWS while continuing to provide a low-latency access to the entire dataset. Which is the most efficient way to achieve this?
Create EBS Snapshots and store the data.
Create EBS Volumes and store the data.
Use Amazon Glacier.
Use Storage Gateway Stored volumes.
Question 5 Explanation:
By using stored volumes, you can store your primary data locally, while asynchronously backing up that data to AWS. Stored volumes provide your on-premises applications with low-latency access to their entire datasets. At the same time, they provide durable, offsite backups. You can create storage volumes and mount them as iSCSI devices from your on-premises application servers. Data written to your stored volumes is stored on your on-premises storage hardware. This data is asynchronously backed up to Amazon S3 as Amazon Elastic Block Store (Amazon EBS) snapshots.
Once you are finished, click the button below. Any items you have not completed will be marked incorrect. Get Results
There are 5 questions to complete.
Shaded items are complete.
You have completed
Your score is
You have not finished your quiz. If you leave this page, your progress will be lost.
Final Score on Quiz
Attempted Questions Correct
Attempted Questions Wrong
Questions Not Attempted
Total Questions on Quiz
Answer Choice(s) Selected
Need more practice!