A rapidly growing company wants to scale for developer demand for AWS development environments. Development environments are created manually in the AWS Management Console. The networking team uses AWS CloudFormation to manage the networking infrastructure, exporting stack output values for the Amazon VPC and all subnets. The development environments have common standards, such as Application Load Balancers, Amazon EC2 Auto Scaling groups, security groups, and Amazon DynamoDB tables.
To keep up with demand, the DevOps engineer wants to automate the creation of development environments. Because the infrastructure required to support the application is expected to grow, there must be a way to easily update the deployed infrastructure. CloudFormation will be used to create a template for the development environments.
Which approach will meet these requirements and quickly provide consistent AWS environments for developers?

1. A. Use Fn::ImportValue intrinsic functions in the Resources section of the template to retrieve VirtualPrivate Cloud (VPC) and subnet value
2. B. Use CloudFormation StackSets for the development environments, using the Count input parameter to indicate the number of environments neede
3. C. Use the UpdateStackSet command to update existing development environments.
4. D. Use nested stacks to define common infrastructure component
5. E. To access the exported values, use TemplateURL to reference the networking team’s templat
6. F. To retrieve Virtual Private Cloud (VPC) and subnet values, use Fn::ImportValue intrinsic functions in the Parameters section of the root templat
7. G. Use the CreateChangeSet and ExecuteChangeSet commands to update existing development environments.
8. H. Use nested stacks to define common infrastructure component
9. I. Use Fn::ImportValue intrinsic functions with the resources of the nested stack to retrieve Virtual Private Cloud (VPC) and subnet value
10. J. Use the CreateChangeSet and ExecuteChangeSet commands to update existing development environments.
11. K. Use Fn::ImportValue intrinsic functions in the Parameters section of the root template to retrieve Virtual Private Cloud (VPC) and subnet value
12. L. Define the development resources in the order they need to be created in the CloudFormation nested stack
13. M. Use the CreateChangeSe
14. N. and ExecuteChangeSet commands to update existing development environments.

Correct Answer: C
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-importvalue.h https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-importvalue.h
CF of network exports the VPC, subnet or needed information CF of application imports the above information to its stack and UpdateChangeSet/ ExecuteChangeSet

A company is implementing an Amazon Elastic Container Service (Amazon ECS) cluster to run its workload. The company architecture will run multiple ECS services on the cluster. The architecture includes an Application Load Balancer on the front end and uses multiple target groups to route traffic.
A DevOps engineer must collect application and access logs. The DevOps engineer then needs to send the logs to an Amazon S3 bucket for near-real-time analysis.
Which combination of steps must the DevOps engineer take to meet these requirements? (Choose three.)

1. A. Download the Amazon CloudWatch Logs container instance from AW
2. B. Configure this instance as a tas
3. C. Update the application service definitions to include the logging task.
4. D. Install the Amazon CloudWatch Logs agent on the ECS instance
5. E. Change the logging driver in the ECS task definition to awslogs.
6. F. Use Amazon EventBridge to schedule an AWS Lambda function that will run every 60 seconds and will run the Amazon CloudWatch Logs create-export-task comman
7. G. Then point the output to the logging S3 bucket.
8. H. Activate access logging on the AL
9. I. Then point the ALB directly to the logging S3 bucket.
10. J. Activate access logging on the target groups that the ECS services us
11. K. Then send the logs directly to the logging S3 bucket.
12. L. Create an Amazon Kinesis Data Firehose delivery stream that has a destination of the logging S3 bucket.Then create an Amazon CloudWatch Logs subscription filter for Kinesis Data Firehose.

Correct Answer: BDF
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-logging-monitoring.html

A DevOps engineer has implemented a Cl/CO pipeline to deploy an AWS Cloud Format ion template that provisions a web application. The web application consists of an Application Load Balancer (ALB) a target group, a launch template that uses an Amazon Linux 2 AMI an Auto Scaling group of Amazon EC2 instances, a security group and an Amazon RDS for MySQL database The launch template includes user data that specifies a script to install and start the application.
The initial deployment of the application was successful. The DevOps engineer made changes to update the version of the application with the user data. The CI/CD pipeline has deployed a new version of the template However, the health checks on the ALB are now failing The health checks have marked all targets as unhealthy.
During investigation the DevOps engineer notices that the Cloud Formation stack has a status of UPDATE_COMPLETE. However, when the DevOps engineer connects to one of the EC2 instances and checks /varar/log messages, the DevOps engineer notices that the Apache web server failed to start successfully because of a configuration error
How can the DevOps engineer ensure that the CloudFormation deployment will fail if the user data fails to successfully finish running?

1. A. Use the cfn-signal helper script to signal success or failure to CloudFormation Use the WaitOnResourceSignals update policy within the CloudFormation template Set an appropriate timeout for the update policy.
2. B. Create an Amazon CloudWatch alarm for the UnhealthyHostCount metri
3. C. Include an appropriate alarm threshold for the target group Create an Amazon Simple Notification Service (Amazon SNS) topic as the target to signal success or failure to CloudFormation
4. D. Create a lifecycle hook on the Auto Scaling group by using the AWS AutoScaling LifecycleHook resource Create an Amazon Simple Notification Service (Amazon SNS) topic as the target to signal success or failure to CloudFormation Set an appropriate timeout on the lifecycle hook.
5. E. Use the Amazon CloudWatch agent to stream the cloud-init logs Create a subscription filter that includes an AWS Lambda function with an appropriate invocation timeout Configure the Lambda function to use the SignalResource API operation to signal success or failure to CloudFormation.

Correct Answer: A
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html

A DevOps engineer is creating an AWS CloudFormation template to deploy a web service. The web service will run on Amazon EC2 instances in a private subnet behind an Application Load Balancer (ALB). The DevOps engineer must ensure that the service can accept requests from clients that have IPv6 addresses.
What should the DevOps engineer do with the CloudFormation template so that IPv6 clients can access the web service?

1. A. Add an IPv6 CIDR block to the VPC and the private subnet for the EC2 instance
2. B. Create route table entries for the IPv6 network, use EC2 instance types that support IPv6, and assign IPv6 addresses to each EC2 instance.
3. C. Assign each EC2 instance an IPv6 Elastic IP addres
4. D. Create a target group, and add the EC2 instances as target
5. E. Create a listener on port 443 of the ALB, and associate the target group with the ALB.
6. F. Replace the ALB with a Network Load Balancer (NLB). Add an IPv6 CIDR block to the VPC and subnets for the NLB, and assign the NLB an IPv6 Elastic IP address.
7. G. Add an IPv6 CIDR block to the VPC and subnets for the AL
8. H. Create a listener on port 443. and specify the dualstack IP address type on the AL
9. I. Create a target group, and add the EC2 instances as target
10. J. Associate the target group with the ALB.

Correct Answer: D
it involves adding an IPv6 CIDR block to the VPC and subnets for the ALB and specifying the dualstack IP
address type on the ALB listener. This allows the ALB to listen on both IPv4 and IPv6 addresses, and forward requests to the EC2 instances that are added as targets to the target group associated with the ALB.

A development team manually builds an artifact locally and then places it in an Amazon S3 bucket. The application has a local cache that must be cleared when a deployment occurs. The team runs a command to do this downloads the artifact from Amazon S3 and unzips the artifact to complete the deployment.
A DevOps team wants to migrate to a CI/CD process and build in checks to stop and roll back the deployment when a failure occurs. This requires the team to track the progression of the deployment.
Which combination of actions will accomplish this? (Select THREE)

1. A. Allow developers to check the code into a code repository Using Amazon EventBridge on every pull into the mam branch invoke an AWS Lambda function to build the artifact and store it in Amazon S3.
2. B. Create a custom script to clear the cache Specify the script in the Beforelnstall lifecycle hook in the AppSpec file.
3. C. Create user data for each Amazon EC2 instance that contains the clear cache script Once deployed test the application If it is not successful deploy it again.
4. D. Set up AWS CodePipeline to deploy the application Allow developers to check the code into a code repository as a source tor the pipeline.
5. E. Use AWS CodeBuild to build the artifact and place it in Amazon S3 Use AWS CodeDeploy to deploy the artifact to Amazon EC2 instances.
6. F. Use AWS Systems Manager to fetch the artifact from Amazon S3 and deploy it to all the instances.

Correct Answer: BDE