0
0
AWScloud~20 mins

Task definitions in AWS - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Task Definition Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Understanding Task Definition Components
Which part of an AWS ECS task definition specifies the Docker image to use for a container?
AtaskRoleArn
Bfamily
CexecutionRoleArn
DcontainerDefinitions.image
Attempts:
2 left
💡 Hint
Think about where you tell ECS what container to run.
Configuration
intermediate
2:00remaining
Task Definition JSON Validation
Given the following partial task definition snippet, which option correctly specifies the network mode? { "family": "my-task", "containerDefinitions": [ { "name": "app", "image": "myapp:latest", "memory": 512, "cpu": 256, "portMappings": [ {"containerPort": 80, "hostPort": 80} ] } ] } Options are possible values for "networkMode" to add at the root level.
A"networkMode": "bridge"
B"networkMode": "host"
C"networkMode": "none"
D"networkMode": "invalid"
Attempts:
2 left
💡 Hint
The default network mode for EC2 launch type is bridge.
Architecture
advanced
2:00remaining
Task Definition and IAM Roles
Which IAM role should be specified in a task definition to allow the ECS agent to pull container images from a private ECR repository?
AexecutionRoleArn
BtaskRoleArn
CserviceRoleArn
DinstanceRoleArn
Attempts:
2 left
💡 Hint
This role is used by ECS to perform actions on your behalf during task startup.
service_behavior
advanced
2:00remaining
Effect of Task Definition Revision on Running Tasks
What happens to running ECS tasks when a new revision of a task definition is registered and a service is updated to use it?
AExisting tasks automatically update in place to the new revision.
BExisting tasks are immediately stopped and replaced by new tasks.
CExisting tasks continue running until replaced by new tasks with the new revision.
DExisting tasks run both old and new revisions simultaneously without replacement.
Attempts:
2 left
💡 Hint
Consider how ECS handles rolling updates.
security
expert
2:00remaining
Least Privilege Principle in Task Role Assignment
You want to allow your ECS task to access only a specific S3 bucket. Which approach best follows the least privilege principle when assigning IAM roles in the task definition?
AUse the default ECS task execution role with full S3 access.
BCreate a taskRoleArn with a policy granting access only to the specific S3 bucket.
CAssign the EC2 instance role with S3 full access to the task.
DDo not assign any IAM role and rely on public bucket access.
Attempts:
2 left
💡 Hint
Think about granting only the permissions the task needs.