Kinesis Stream Metrics at Shard Level | AWS Security Exam Question

How to Record Metrics at Shard Level for Kinesis Streams

Prev Question Next Question

Question

Your company is making use of Kinesis streams.

There are several applications that are built on EC2 Instances with access to Kinesis streams via IAM Role.

As part of the security policy, it is mandated that metrics be recorded for the streams at the shard level.

How can this be accomplished?

Answers

A. Make use of AWS CloudTrail logs.

B. By default, the basic monitoring in CloudWatch for Kinesis covers the metrics at the shard level. The metrics can be found in the AWS/Kinesis namespace.

C. Enable Enhanced Monitoring in CloudWatch for the shard level data of Kinesis streams. Check the metrics in the AWS/Kinesis namespace.

D. Make use of AWS DynamoDB for storing the logs.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer - C.

The AWS Documentation mentions the following.

All other options are incorrect because of the exact requirement which is given in the AWS Documentation.

For more information on monitoring with Cloudwatch, please refer to the below URL.

https://docs.aws.amazon.com/streams/latest/dev/monitoring-with-cloudwatch.html

The following table describes basic stream-level and enhanced shard-level monitoring for Kinesis streams.

Type Description

Basic (stream- _Stream-level data is sent automatically every minute at no charge.
level)

Enhanced (shard-

Shard-level data is sent every minute for an additional cost. To get this level of data, you must specifically enable it for the stream using the
level) EnableEnhancedMonitoring operation.

For information about pi

ing, see the Amazon CloudWatch product page.

To record metrics for Kinesis streams at the shard level, you can use CloudWatch. CloudWatch is a monitoring service provided by AWS that allows you to collect and track metrics, collect and monitor log files, and set alarms.

There are two types of monitoring for Kinesis streams in CloudWatch: Basic Monitoring and Enhanced Monitoring.

Basic Monitoring is enabled by default for all Kinesis streams and provides a set of metrics at the stream level, such as incoming bytes, outgoing bytes, and number of records. However, Basic Monitoring does not provide metrics at the shard level.

Enhanced Monitoring provides additional metrics for Kinesis streams at the shard level, including disk space utilization, iterator age, and read and write operations. To enable Enhanced Monitoring, you need to modify the stream settings and choose the metrics you want to monitor. Once enabled, the metrics can be viewed in the AWS/Kinesis namespace in CloudWatch.

Therefore, option C - Enable Enhanced Monitoring in CloudWatch for the shard level data of Kinesis streams. Check the metrics in the AWS/Kinesis namespace - is the correct answer.

Option A - Make use of AWS CloudTrail logs - is incorrect because CloudTrail logs provide information about the API calls made to Kinesis, but they do not provide metrics for the Kinesis streams.

Option B - By default, the basic monitoring in CloudWatch for Kinesis covers the metrics at the shard level. The metrics can be found in the AWS/Kinesis namespace - is incorrect because Basic Monitoring does not provide metrics at the shard level.

Option D - Make use of AWS DynamoDB for storing the logs - is incorrect because DynamoDB is a NoSQL database service provided by AWS and is not related to monitoring metrics for Kinesis streams.

Prev Question Next Question