AWS Assignment – 8

Monitoring, Logging & Alerts for DevOps Learners

Basic Questions

  1. Use Terraform to create a CloudWatch metric alarm for build failures in CodeBuild.
  2. Configure a CloudWatch dashboard to monitor pipeline execution time in CodePipeline.
  3. Stream CodeBuild logs to CloudWatch Logs automatically.
  4. Configure CloudWatch custom metrics for Jenkins running on EC2.
  5. Write a CloudFormation template to create an SNS topic and link it to a CloudWatch alarm.
  6. Use CloudWatch Events (EventBridge) to trigger a Lambda function when a pipeline stage fails.
  7. Configure a metric alarm for the ECS service CPUReservation metric.
  8. Enable CloudWatch Application Insights for a deployed .NET or Java app.
  9. Create CloudWatch alarms for RDS database free storage space.
  10. Build a CloudWatch dashboard to track Auto Scaling activity.
  11. Configure a CloudTrail trail to exclude data events but capture management events.
  12. Use CloudTrail to track IAM policy changes and send the events to CloudWatch Logs.
  13. Write a CloudFormation template to automatically enable CloudTrail in all regions.
  14. Create a CloudTrail event selector for only Lambda function invocations.
  15. Enable CloudTrail Insights to detect unusual API activity.
  16. Store CloudTrail logs in S3 and configure lifecycle rules for cost optimization.
  17. Enable X-Ray tracing in a Lambda function.
  18. Instrument an API Gateway endpoint with X-Ray tracing.
  19. Use the X-Ray service map to identify bottlenecks in a microservices app.
  20. Document how DevOps teams use CloudWatch, CloudTrail, and X-Ray differently than sysadmins.

Intermediate Questions

  1. Automate multi-account CloudWatch dashboards with Terraform.
  2. Use Terraform to deploy composite alarms that combine multiple metrics (e.g., EC2 CPU + ELB latency).
  3. Configure a CloudWatch alarm that triggers a rollback in CodeDeploy if errors exceed a threshold.
  4. Use CloudFormation to deploy a CloudWatch Log group with a retention policy set to 7 days.
  5. Configure centralized log aggregation from multiple AWS accounts into a single CloudWatch Logs group.
  6. Use EventBridge to invoke a Lambda function whenever a CloudTrail event records a root user login.
  7. Create a pipeline that validates Terraform code quality and logs results to CloudWatch.
  8. Configure CloudWatch alarms to monitor EKS pod failures.
  9. Deploy Container Insights for ECS with Terraform.
  10. Set up CloudWatch Contributor Insights to detect top IAM API users.
  11. Automate CloudTrail creation across all AWS accounts using an Organizations SCP.
  12. Enable CloudTrail event data stores for compliance auditing.
  13. Build an Athena table to query CloudTrail logs for unauthorized API calls.
  14. Configure X-Ray tracing for a service mesh (App Mesh or Istio on EKS).
  15. Create a CloudWatch Logs Insights query to detect application errors.
  16. Export CloudWatch Logs to Kinesis Firehose → S3 → Elasticsearch for centralized analysis.
  17. Configure CloudWatch alarms for Lambda concurrency limits.
  18. Integrate CloudWatch with PagerDuty or Opsgenie for on-call alerts.
  19. Automate dashboard deployment with CloudFormation across dev, staging, and prod environments.
  20. Document DevOps incident response workflows with CloudWatch + CloudTrail + X-Ray.

Advanced Questions

  1. Build a Terraform module for CloudWatch dashboards, alarms, and logs that can be reused across projects.
  2. Configure cross-account CloudTrail logging into a central security account.
  3. Write a CloudFormation StackSet to enable CloudTrail + CloudWatch alarms across multiple AWS accounts.
  4. Build a log analytics pipeline: CloudWatch Logs → Kinesis → S3 → Athena → QuickSight dashboards.
  5. Automate anomaly detection in CloudWatch for pipeline execution times.
  6. Implement X-Ray tracing in a microservices app deployed to ECS with App Mesh.
  7. Configure alarms to trigger automatic scaling policies in ECS based on CloudWatch metrics.
  8. Use Terraform + GitHub Actions to validate CloudTrail compliance before merging IaC changes.
  9. Design a centralized monitoring system where CloudWatch collects metrics/logs from multiple accounts & regions, then pushes them to a monitoring account.
  10. Final Hands-on Project:
    • Build multi-account CloudTrail with centralized S3 + CloudWatch Logs
    • Enable anomaly detection alarms in CloudWatch for infra + app performance
    • Deploy microservices app with X-Ray tracing enabled
    • Automate dashboards/alarms with Terraform + CloudFormation
    • Integrate alerts with CI/CD pipeline failures
    • Document compliance + observability best practices