NEW QUESTION 1
When creating an Elastic Beanstalk environment using the Wizard, what are the 3 configuration options presented to you

• A. Choosingthetypeof Environment- Web or Worker environment
• B. Choosingtheplatformtype-Nodejs,IIS,etc
• C. Choosing the type of Notification - SNS or SQS
• D. Choosing whether you want a highly available environment or not

Answer: ABD

Explanation:
The below screens are what are presented to you when creating an Elastic Beanstalk environment

The high availability preset includes a load balancer; the low cost preset does not For more information on the configuration settings, please refer to the below link: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-create-wizard.html

NEW QUESTION 2
Your application uses Cloud Formation to orchestrate your application's resources. During your testing phase before the application went live, your Amazon RDS instance type was changed and caused the instance to be re-created, resulting In the loss of test data. How should you prevent this from occurring in the future?

• A. Within the AWS CloudFormation parameter with which users can select the Amazon RDS instance type, set AllowedValues to only contain the current instance type.
• B. Use an AWS CloudFormation stack policy to deny updates to the instanc
• C. Only allow UpdateStack permission to 1AM principals that are denied SetStackPolicy.
• D. In the AWS CloudFormation template, set the AWS::RDS::DBInstance's DBInstanceClass property to be read-only.
• E. Subscribe to the AWS CloudFormation notification "BeforeResourcellpdate," and call CancelStackUpdate if the resource identified is the Amazon RDS instance.
• F. Update the stack using ChangeSets

Answer: E

Explanation:
When you need to update a stack, understanding how your changes will affect running resources before you implement them can help you update stacks with confidence. Change sets allow you to preview how proposed changes to a stack might impact your running resources, for example, whether your changes will delete or replace any critical resources, AWS CloudFormation makes the changes to your stack only when you decide to execute the change set, allowing you to decide whether to proceed with your proposed changes or explore other changes by creating another change set
For example, you can use a change set to verify that AWS CloudFormation won't replace your stack's database instances during an update.

NEW QUESTION 3
You have an application running in us-west-2 that requires 6 EC2 instances running at all times. With 3 AZ available in that region, which of the following deployments provides 100% fault tolerance if any single AZ in us-west-2 becomes unavailable. Choose 2 answers from the options below

• A. us-west-2awith 2 instances, us-west-2b with 2 instances, us-west-2c with 2 instances
• B. us-west-2awith 3 instances, us-west-2b with 3 instances, us-west-2c with 0 instances
• C. us-west-2awith 4 instances, us-west-2b with 2 instances, us-west-2c with 2 instances
• D. us-west-2awith 6 instances, us-west-2b with 6 instances, us-west-2c with 0 instances
• E. us-west-2awith 3 instances, us-west-2b with 3 instances, us-west-2c with 3 instances

Answer: DE

Explanation:
Since we need 6 instances running at all times, only D and C fulfil this option. The AWS documentation mentions the following on Availability zones
When you launch an instance, you can select an Availability Zone or let us choose one for you. If you distribute your instances across multiple Availability Zones and one instance fails, you can design your application so that an instance in another Availability Zone can handle requests.
For more information on Regions and AZ's please visit the URL:
• http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/using-regions-avai lability-zones.htm I

NEW QUESTION 4
One of your instances is reporting an unhealthy system status check. However, this is not something you should have to monitor and repair on your own. How might you automate the repair of the system status check failure in an AWS environment? Choose the correct answer from the options given below

• A. Create Cloud Watch alarms for StatuscheckFailed_System metrics and select EC2 action-Recover the instance
• B. Writea script that queries the EC2 API for each instance status check
• C. Writea script that periodically shuts down and starts instances based on certainstats.
• D. Implementa third party monitoring tool.

Answer: A

Explanation:
Using Amazon Cloud Watch alarm actions, you can create alarms that automatically stop, terminate, reboot, or recover your CC2 instances. You can use the stop or terminate actions to help you save money when you no longer need an instance to be running. You can use the reboot and recover actions to automatically reboot those instances or recover them onto new hardware if a system impairment occurs.
For more information on using alarm actions, please refer to the below link: http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/UsingAlarmActions.html

NEW QUESTION 5
You work as a Devops Engineer for your company. There are currently a number of environments hosted via Elastic beanstalk. There is a requirement to ensure to ensure that the rollback time for a new version application deployment is kept to a minimal. Which elastic beanstalk deployment method would fulfil this requirement ?

• A. Rollingwith additional batch
• B. AllatOnce
• C. Blue/Green
• D. Rolling

Answer: C

Explanation:
The below table from the AWS documentation shows that the least amount of time is spent in rollbacks when it comes to Blue Green deployments. This is because the only thing that needs to be done is for URL's to be swapped.

For more information on Elastic beanstalk deployment strategies, please visit the below URL: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.deploy-existing-version, htmI

NEW QUESTION 6
A user is trying to save some cost on the AWS services. Which of the below mentioned options will not help him save cost?

• A. Delete the unutilized EBS volumes once the instance is terminated
• B. Delete the AutoScaling launch configuration after the instances are terminated
• C. Release the elastic IP if not required once the instance is terminated
• D. Delete the AWS ELB after the instances are terminated

Answer: B

Explanation:
Option A is wrong because CBS volumes does have a costing aspect and hence deleting the volumes will save on cost
Option C is wrong because Elastic IP will consume cost if not removed. Option D is wrong because CLB also incur costs.
Only Autoscaling groups are free of cost. It's only the underlying resources which you are charged for. For more information on AWS Pricing, please visit the link: https://aws.amazon.com/pricing/services/

NEW QUESTION 7
You are a Devops Engineer for your company. There is a requirement to log each time an Instance is scaled in or scaled out from an existing Autoscaling Group. Which of the following steps can be implemented to fulfil this requirement. Each step forms part of the solution.

• A. Createa Lambda function which will write the event to Cloudwatch logs
• B. Createa Cloudwatch event which will trigger the Lambda function.
• C. Createan SQS queue which will write the event to Cloudwatch logs
• D. Createa Cloudwatch event which will trigger the SQS queue.

Answer: AB

Explanation:
The AWS documentation mentions the following
You can run an AWS Lambda function that logs an event whenever an Auto Scaling group launches or terminates an Amazon CC2 instance and whether the launch or terminate event was successful.
For more information on configuring lambda with Cloudwatch events for this scenario, please visit the URL:
◆ http://docs.aws.amazon.com/AmazonCloudWatch/latest/events/LogASGroupState.html

NEW QUESTION 8
You currently have EC2 Instances hosting an application. These instances are part of an Autoscaling Group. You now want to change the instance type of the EC2 Instances. How can you manage the deployment with the least amount of downtime

• A. Terminate the existing Auto Scalinggrou
• B. Create a new launch configuration with the new Instance typ
• C. Attach that to the new Autoscaing Group.
• D. Use the AutoScalingRollingUpdate policy on CloudFormation Template Auto Scalinggroup
• E. Use the Rolling Update feature which is available for EC2 Instances.
• F. Manually terminate the instances, launch new instances with the new instance type and attach them to the Autoscaling group

Answer: B

Explanation:
The AWS::AutoScaling::AutoScalingGroup resource supports an UpdatePolicy attribute. This is used to define how an Auto Scalinggroup resource is updated when
an update to the Cloud Formation stack occurs. A common approach to updating an Auto Scaling group is to perform a rolling update, which is done by specifying the
AutoScalingRollingUpdate policy. This retains the same Auto Scalinggroup and replaces old instances with new ones, according to the parameters specified.
For more information on AutoScaling Rolling Update, please refer to the below link:
• https://aws.amazon.com/premiumsupport/knowledge-center/auto-scaling-group-rolling- updates/

NEW QUESTION 9
You have an application hosted in AWS, which sits on EC2 Instances behind an Elastic Load Balancer. You have added a new feature to your application and are now receving complaints from users that the site has a slow response. Which of the below actions can you carry out to help you pinpoint the issue

• A. Use Cloudtrail to log all the API calls, and then traverse the log files to locate the issue
• B. Use Cloudwatch, monitor the CPU utilization to see the times when the CPU peaked
• C. Reviewthe Elastic Load Balancer logs
• D. Create some custom Cloudwatch metrics which are pertinent to the key features of your application

Answer: D

Explanation:
Since the issue is occuring after the new feature has been added, it could be relevant to the new feature.
Enabling Cloudtrail will just monitor all the API calls of all services and will not benefit the cause.
The monitoring of CPU utilization will just reverify that there is an issue but will not help pinpoint the issue.
The Elastic Load Balancer logs will also just reverify that there is an issue but will not help pinpoint the issue.
For more information on custom Cloudwatch metrics, please refer to the below link: http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html

NEW QUESTION 10
You work at a company that makes use of AWS resources. One of the key security policies is to ensure that all data is encrypted both at rest and in transit. Which of the following is not a right implementation which aligns to this policy?

• A. UsingS3 Server Side Encryption (SSE) to store the information
• B. Enable SSLtermination on the ELB C EnablingProxy ProtocolD- Enablingsticky sessions on your load balancer

Answer: B

Explanation:
Please note the keyword "NOT" in the question.
Option A is incorrect. Enabling S3 SSE encryption helps the encryption of data at rest in S3.So Option A is invalid.
Option B is correct. If you disable SSL termination on the ELB the traffic will be encrypted all the way to the backend. SSL termination allows encrypted traffic between the client
and the ELB but cause traffic to be unencrypted between the ELB and the backend (presumably EC2 or ECS/Task, etc.)
If SSL is not terminated on the ELB you must use Layer A to have traffic encrypted all the way.
Sticky sessions are not supported with Layer A (TCP endpoint). Thus option D" Enabling sticky sessions on your load balancer" can't be used and is the right answer
For more information on sticky sessions, please visit the below URL https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html Requirements
• An HTTP/HTTPS load balancer.
• At least one healthy instance in each Availability Zone.
• At least one healthy instance in each Availability Zone.
If you don't want the load balancer to handle the SSL termination (known as SSL offloading), you can use TCP for both the front-end and back-end connections, and deploy certificates on the registered instances handling requests.
For more information on elb-listener-config, please visit the below
• https://docs.awsamazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html If the front-end connection uses TCP or SSL, then your back-end connections can use either TCP or SSL. Note: You can use an HTTPS listener and still use SSL on the backend but the ELB must terminate, decrypt and re-encrypt. This is slower and less secure then using the same encryption all the way to the backend.. It also breaks the question requirement of having all data encrypted in transit since it force the ELB to decrypt Proxy protocol is used to provide a secure transport connection hence Option C is also incorrect. For more information on SSL Listeners for your load balancer, please visit the below URL
http://docsaws.amazon.com/elasticloadbalancing/latest/classic/elb-https-load-balancers.html
https://aws.amazon.com/blogs/aws/elastic-load-balancer-support-for-ssl-termination/

NEW QUESTION 11
Which of the following is not a supported platform for the Elastic beanstalk service

• A. Java
• B. AngularJS
• C. PHP
• D. .Net

Answer: B

Explanation:

For more information on Elastic beanstalk, please visit the below URL:
http://docs.aws.a mazon.com/elasticbeanstalk/latest/dg/concepts.platforms. htm I

NEW QUESTION 12
You have a set of EC2 Instances in an Autoscaling Group that processes messages from an SQS queue. The messages contain the location in S3 from where video's need to be processed by the EC2 Instances. When a scale in happens, it is noticed that an at times that the EC2 Instance is still in a state of processing a video when the instance is terminated. How can you implement a solution which will ensure this does not happen?

• A. ChangetheCoolDown property for the Auto scaling Group.
• B. SuspendtheAZRebalance termination policy
• C. Use lifecycle hooks to ensure the processing is complete before the termination occurs
• D. Increase the minimum and maximum size for the Auto Scaling group, and change the scaling policies so they scale less dynamically

Answer: C

Explanation:
This is a case where lifecycle policies can be used. The lifecycle policy can be used to put the instance in a state of Terminating:Wait, complete the processing and then send a signal to complete the termination
Auto Scaling lifecycle hooks enable you to perform custom actions by pausing instances as Auto Scaling launches or terminates them. For example, while your newly launched instance is paused, you could install or configure software on it.
For more information on Autoscaling lifecycle hooks, please visit the below U RL:
• http://docs.aws.a mazon.com/autoscaling/latest/userguide/lifecycle-hooks.htmI

NEW QUESTION 13
Which of these is not an instrinsic function in AWS CloudFormation?

• A. Fn::Equals
• B. Fn::lf
• C. Fn::Not
• D. Fn::Parse

Answer: D

Explanation:
You can use intrinsic functions, such as Fn::lf, Fn::Cquals, and Fn::Not, to conditionally create stack resources. These conditions are evaluated based on input parameters that you declare when you create or update a stack. After you define all your conditions, you can associate them with resources or resource properties in the Resources and Outputs sections of a template.
For more information on Cloud Formation template functions, please refer to the URL:
• http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/intrinsic-function- reference.html and
• http://docs.aws.a mazon.com/AWSCIoudFormation/latest/UserGuide/intri nsic-function- reference-conditions.html

NEW QUESTION 14
You are planning on using encrypted snapshots in the design of your AWS Infrastructure. Which of the following statements are true with regards to EBS Encryption

• A. Snapshottingan encrypted volume makes an encrypted snapshot; restoring an encrypted snapshot creates an encrypted volume when specified / requested.
• B. Snapshotting an encrypted volume makes an encrypted snapshot when specified / requested; restoring an encrypted snapshot creates an encrypted volume when specified / requested.
• C. Snapshotting an encrypted volume makes an encrypted snapshot; restoring an encrypted snapshot always creates an encrypted volume.
• D. Snapshotting an encrypted volume makes an encrypted snapshot when specified / requested; restoring an encrypted snapshot always creates an encrypted volume.

Answer: C

Explanation:
Amazon CBS encryption offers you a simple encryption solution for your CBS volumes without the need for you to build, maintain, and secure your own key management infrastructure. When you create an encrypted CBS volume and attach it to a supported instance type, the following types of data are encrypted:
• Data at rest inside the volume
• All data moving between the volume and the instance
• All snapshots created from the volume
Snapshots that are taken from encrypted volumes are automatically encrypted. Volumes that are created from encrypted snapshots are also automatically
encrypted.
For more information on CBS encryption, please visit the below URL:
• http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/ CBSCncryption.html

NEW QUESTION 15
You have deployed a Cloudformation template which is used to spin up resources in your account. Which of the following status in Cloudformation represents a failure.

• A. UPDATE_COMPLETE_CLEANUPJN_PROGRESS
• B. DELETE_COMPLETE
• C. ROLLBACK_IN_PROGRESS
• D. UPDATE_IN_PROGRESS

Answer: C

Explanation:
AWS Cloud Formation provisions and configures resources by making calls to the AWS services that are described in your template.
After all the resources have been created, AWS Cloud Formation reports that your stack has been created. You can then start using the resources in your stack. If
stack creation fails, AWS CloudFormation rolls back your changes by deleting the resources that it created.
The below snapshot from Cloudformation shows what happens when there is an error in the stack creation.

For more information on how Cloud Formation works, please refer to the below link: http://docs.ws.amazon.com/AWSCIoudFormation/latest/UserGuide/cfn-whatis-howdoesitwork-html

NEW QUESTION 16
There is a very serious outage at AWS. EC2 is not affected, but your EC2 instance deployment scripts
stopped working in the region with the outage. What might be the issue?

• A. The AWS Console is down, so your CLI commands do not work.
• B. S3 is unavailable, so you can't create EBS volumes from a snapshot you use to deploy new volumes.
• C. AWS turns off the DeployCode API call when there are major outages, to protect from system floods.
• D. None of the other answers make sens
• E. If EC2 is not affected, it must be some other issue.

Answer: B

Explanation:
The CBS Snapshots are stored in S3, so if you have an scripts which deploy CC2 Instances, the CBS volumes need to be constructed from snapshots stored in S3.
You can back up the data on your Amazon CBS volumes to Amazon S3 by taking point-in-time snapshots. Snapshots are incremental backups, which means that only the blocks on the device that have changed after your most recent snapshot are saved. This minimizes the time required to create the snapshot and saves on storage costs by not duplicating data. When you delete a snapshot, only the data unique to that snapshot is removed. Cach snapshot contains all of the information needed to restore your data (from the moment when the snapshot was taken) to a new CBS volume. For more information on CBS Snapshots, please visit the below URL:
• http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/ CBSSnapshots.htm I

NEW QUESTION 17
Which of the following can be used in Cloudformation to coordinate the creation of stack resources. Choose 2 answers from the options given below

• A. AWS::CloudFormation::HoldCondition
• B. AWS::CloudFormation::WaitCondition
• C. HoldPolicyattribute
• D. CreationPolicyattribute

Answer: BD

Explanation:
The AWS Documentation mentions the following
Using the AWS::CloudFormation::WaitCondition resource and Creation Pol icy attribute, you can do the following:
Coordinate stack resource creation with other configuration actions that are external to the stack creation
Track the status of a configuration process For more information on wait conditions, please refer to the below link:
• http://docs.ws.amazon.com/AWSCIoudFormation/latest/UserGuide/using-cfn-waitcond ition.html

NEW QUESTION 18
You have instances running on your VPC. You have both production and development based instances running in the VPC. You want to ensure that people who are responsible for the development instances don't have the access to work on the production instances to ensure better security. Using policies, which of the following would be the best way to accomplish this? Choose the correct answer from the options given below

• A. Launchthe test and production instances in separate VPC's and use VPC peering
• B. Createan 1AM policy with a condition which allows access to only instances that areused for production or development
• C. Launchthe test and production instances in different Availability Zones and use MultiFactor Authentication
• D. Definethe tags on the test and production servers and add a condition to the lAMpolicy which allows access to specific tags

Answer: D

Explanation:
You can easily add tags which define which instances are production and which are development instances and then ensure these tags are used when controlling access via an 1AM policy.
For more information on tagging your resources, please refer to the below link: http://docs.aws.amazon.com/AWSCC2/latest/UserGuide/Using_Tags.html

NEW QUESTION 19
Your company needs to automate 3 layers of a large cloud deployment. You want to be able to track this deployment's evolution as it changes over time, and carefully control any alterations. What is a good way to automate a stack to meet these requirements?

• A. Use OpsWorks Stacks with three layers to model the layering in your stack.
• B. Use CloudFormation Nested Stack Templates, with three child stacks to represent the three logical layers of your cloud.
• C. Use AWS Config to declare a configuration set that AWS should roll out to your cloud.
• D. Use Elastic Beanstalk Linked Applications, passing the important DNS entires between layers using the metadata interface.

Answer: B

Explanation:
As your infrastructure grows, common patterns can emerge in which you declare the same components in each of your templates. You can separate out these common components and create dedicated templates for them. That way, you can mix and match different templates but use nested stacks to create a single,
unified stack. Nested stacks are stacks that create other stacks. To create nested stacks, use the AWS:: Cloud Form ation::Stackresource in your template to reference other templates.
For more information on nested stacks, please visit the below URL:
• http://docs^ws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices.html#nested Note:
The query is, how you can automate a stack over the period of time, when changes are required, with out recreating the stack.
The function of Nested Stacks are to reuse Common Template Patterns.
For example, assume that you have a load balancer configuration that you use for most of your stacks. Instead of copying and pasting the same configurations into your templates, you can create a dedicated template for the load balancer. Then, you just use the resource to reference that template from within other templates.
Yet another example is if you have a launch configuration with certain specific configuration and you need to change the instance size only in the production environment and to leave it as it is in the development environment.
AWS also recommends that updates to nested stacks are run from the parent stack.
When you apply template changes to update a top-level stack, AWS CloudFormation updates the top-level stack and initiates an update to its nested stacks. AWS
Cloud Formation updates the resources of modified nested stacks, but does not update the resources of unmodified nested stacks.

NEW QUESTION 20
Your company has multiple applications running on AWS. Your company wants to develop a tool that notifies on-call teams immediately via email when an alarm is triggered in your environment. You have multiple on-call teams that work different shifts, and the tool should handle notifying the correct teams at the correct times. How should you implement this solution?

• A. Create an Amazon SNS topic and an Amazon SQS queu
• B. Configure the Amazon SQS queue as a subscriber to the Amazon SNS topic.Configure CloudWatch alarms to notify this topic when an alarm is triggere
• C. Create an Amazon EC2 Auto Scaling group with both minimum and desired Instances configured to 0. Worker nodes in thisgroup spawn when messages are added to the queu
• D. Workers then use Amazon Simple Email Service to send messages to your on call teams.
• E. Create an Amazon SNS topic and configure your on-call team email addresses as subscriber
• F. Use the AWS SDK tools to integrate your application with Amazon SNS and send messages to this new topi
• G. Notifications will be sent to on-call users when a CloudWatch alarm is triggered.
• H. Create an Amazon SNS topic and configure your on-call team email addresses as subscriber
• I. Create a secondary Amazon SNS topic for alarms and configure your CloudWatch alarms to notify this topic when triggere
• J. Create an HTTP subscriber to this topic that notifies your application via HTTP POST when an alarm is triggere
• K. Use the AWS SDK tools to integrate your application with Amazon SNS and send messages to the first topic so that on-call engineers receive alerts.
• L. Create an Amazon SNS topic for each on-call group, and configure each of these with the team member emails as subscriber
• M. Create another Amazon SNS topic and configure your CloudWatch alarms to notify this topic when triggere
• N. Create an HTTP subscriber to this topic that notifies your application via HTTP POST when an alarm is triggere
• O. Use the AWS SDK tools to integrate your application with Amazon SNS and send messages to the correct team topic when on shift.

Answer: D

Explanation:
Option D fulfils all the requirements
1) First is to create a SNS topic for each group so that the required members get the email addresses.
2) Ensure the application uses the HTTPS endpoint and the SDK to publish messages Option A is invalid because the SQS service is not required.
Option B and C are incorrect. As per the requirement we need to provide notification to only those on-call teams who are working in that particular shift when an alarm is triggered. It need not have to be send to all the on-call teams of the company. With Option B & C, since we are not configuring the SNS topic for each on call team the notifications will be send to all the on-call teams. Hence these 2 options are invalid. For more information on setting up notifications, please refer to the below document link: from AWS http://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/US_SetupSNS.html

NEW QUESTION 21
The project you are working on currently uses a single AWS CloudFormation template to deploy its AWS infrastructure, which supports a multi-tier web application. You have been tasked with organizing the AWS CloudFormation resources so that they can be maintained in the future, and so that different departments such as Networking and Security can review the architecture before it goes to Production. How should you do this in a way that accommodates each department, using their existing workflows?

• A. Organize the AWS CloudFormation template so that related resources are next to each other in the template, such as VPC subnets and routing rules for Networkingand security groups and 1AM information for Security.
• B. Separate the AWS CloudFormation template into a nested structure that has individual templates for the resources that are to be governed by different departments, and use the outputs from the networking and security stacks for the application template that you contro
• C. ^/
• D. Organize the AWS CloudFormation template so that related resources are next to each other in the template for each department's use, leverage your existing continuous integration tool to constantly deploy changes from all parties to the Production environment, and then run tests for validation.
• E. Use a custom application and the AWS SDK to replicate the resources defined in the current AWS CloudFormation template, and use the existing code review system to allow other departments to approve changes before altering the application for future deployments.

Answer: B

Explanation:
As your infrastructure grows, common patterns can emerge in which you declare the same components in each of your templates. You can separate out these common components and create dedicated templates for them. That way, you can mix and match different templates but use nested stacks to create a single, unified stack. Nested stacks are stacks that create other stacks. To create nested stacks, use the AWS:: Cloud Form ation::Stackresource in your template to reference other templates.
For more information on best practices for Cloudformation please refer to the below link: http://docs.aws.amazon.com/AWSCIoudFormation/latest/UserGuide/best-practices.html

NEW QUESTION 22
Which of the following file needs to be included along with your source code binaries when your application uses the EC2/On-Premises compute platform, and deploy it using the AWS Code Deploy service.

• A. appspec.yml
• B. appconfig.yml
• C. appspecjson
• D. appconfigjson

Answer: A

Explanation:
The AWS Documentation mentions the below
The application specification file (AppSpec file) is a YAML-formatted file used by AWS CodeDeploy to determine:
what it should install onto your instances from your application revision in Amazon S3 or GitHub. which lifecycle event hooks to run in response to deployment lifecycle events. An AppSpec file must be named appspec.yml and it must be placed in the root of an application's source code's directory structure. Otherwise, deployments will fail. For more information on the appspec file, please visit the below URL:
http://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file.html
Note: If you deploying your code on AWS Lambda compute platform. An AppSpec file can be YAML- formatted or JSON-for matted. You can also enter the contents of an AppSpec file directly into AWS CodeDeploy console when you create a deployment.
However, this question is about along with your source code binaries on an CC2/On-Premises Compute Platform. So, an AppSpec file must be a YAM L-formatted file named appspec.yml and it must be placed in the root of the directory structure of an application's source code. Otherwise, deployments fail.

NEW QUESTION 23
You are hired as the new head of operations for a SaaS company. Your CTO has asked you to make debugging any part of your entire operation simpler and as fast as possible. She complains that she has no idea what is going on in the complex, service-oriented architecture, because the developers just log to disk, and it's very hard to find errors in logs on so many services. How can you best meet this requirement and satisfy your CTO?

• A. Copy all log files into AWS S3 using a cron job on each instanc
• B. Use an S3 Notification Configuration on the PutBucket event and publish events to AWS Lambd
• C. Use the Lambda to analyze logs as soon as they come in and flag issues.
• D. Begin using CloudWatch Logs on every servic
• E. Stream all Log Groups into S3 object
• F. Use AWS EMR clusterjobs to perform adhoc MapReduce analysis and write new queries when needed.
• G. Copy all log files into AWS S3 using a cron job on each instanc
• H. Use an S3 Notification Configuration on the PutBucket event and publish events to AWS Kinesi
• I. Use Apache Spark on AWS EMR to perform at-scale stream processing queries on the log chunks and flag issues.
• J. Begin using CloudWatch Logs on every servic
• K. Stream all Log Groups into an AWS Elastic search Service Domain running Kibana 4 and perform log analysis on a search cluster.

Answer: D

Explanation:
Amazon Dasticsearch Service makes it easy to deploy, operate, and scale dasticsearch for log analytics, full text search, application monitoring, and more. Amazon
Oasticsearch Service is a fully managed service that delivers Dasticsearch's easy-to-use APIs and real- time capabilities along with the availability, scalability, and security required by production workloads. The service offers built-in integrations with Kibana, Logstash, and AWS services including Amazon Kinesis Firehose, AWS Lambda, and Amazon Cloud Watch so that you can go from raw data to actionable insights quickly. For more information on Elastic Search, please refer to the below link:
• https://aws.amazon.com/elasticsearch-service/

NEW QUESTION 24
......