DVA-C01 : AWS Certified Developer Associate : Part 02
-
A server less application uses an API Gateway and AWS Lambda.
Where should the Lambda function store its session information across function calls?
- In an Amazon DynamoDB table
- In an Amazon SQS queue
- In the local filesystem
- In an SQLite session table using –DSQLITE_ENABLE_SESSION
-
A Developer has created a software package to be deployed on multiple EC2 instances using IAM roles.
What actions could be performed to verify IAM access to get records from Amazon Kinesis Streams? (Choose two.)
- Use the AWS CLI to retrieve the IAM group.
- Query Amazon EC2 metadata for in-line IAM policies.
- Request a token from AWS STS, and perform a describe action.
- Perform a get action using the –-dry-run argument.
- Validate the IAM role policy with the IAM policy simulator.
-
When writing a Lambda function, what is the benefit of instantiating AWS clients outside the scope of the handler?
- Legibility and stylistic convention
- Taking advantage of connection re-use
- Better error handling
- Creating a new instance per invocation
-
An application on AWS is using third-party APIs. The Developer needs to monitor API errors in the code, and wants to receive notifications if failures go above a set threshold value.
How can the Developer achieve these requirements?
- Publish a custom metric on Amazon CloudWatch and use Amazon SES for notification.
- Use an Amazon CloudWatch API-error metric and use Amazon SNS for notification.
- Use an Amazon CloudWatch API-error metric and use Amazon SES for notification.
- Publish a custom metric on Amazon CloudWatch and use Amazon SNS for notification.
-
A Developer has an application that can upload tens of thousands of objects per second to Amazon S3 in parallel within a single AWS account. As part of new requirements, data stored in S3 must use server side encryption with AWS KMS (SSE-KMS). After creating this change, performance of the application is slower.
Which of the following is MOST likely the cause of the application latency?
- Amazon S3 throttles the rate at which uploaded objects can be encrypted using Customer Master Keys.
- The AWS KMS API calls limit is less than needed to achieve the desired performance.
- The client encryption of the objects is using a poor algorithm.
- KMS requires that an alias be used to create an independent display name that can be mapped to a CMK.
-
A company wants to migrate its web application to AWS and leverage Auto Scaling to handle pear workloads. The Solutions Architect determined that the best metric for an Auto Scaling event is the number of concurrent users.
Based on this information, what should the Developer use to autoscale based on concurrent users?
- An Amazon SNS topic to be triggered when a concurrent user threshold is met
- An Amazon Cloudwatch Networkin metric
- Amazon CloudFront to leverage AWS Edge Locations
- A Custom Amazon CloudWatch metric for concurrent users.
-
A company is migrating its on-premises database to Amazon RDS for MySQL. The company has read-heavy workloads, and wants to make sure it re-factors its code to achieve optimum read performance for its queries.
How can this objective be met?
- Add database retries to effectively use RDS with vertical scaling
- Use RDS with multi-AZ deployment
- Add a connection string to use an RDS read replica for read queries
- Add a connection string to use a read replica on an EC2 instance.
-
A Developer is receiving HTTP 400: ThrottlingException errors intermittently when calling the Amazon CloudWatch API. When a call fails, no data is retrieved.
What best practice should first be applied to address this issue?
- Contact AWS Support for a limit increase.
- Use the AWS CLI to get the metrics
- Analyze the applications and remove the API call
- Retry the call with exponential backoff
-
A Developer is testing a Docker-based application that uses the AWS SDK to interact with Amazon DynamoDB. In the local development environment, the application has used IAM access keys. The application is now ready for deployment onto an ECS cluster.
How should the application authenticate with AWS services in production?
- Configure an ECS task IAM role for the application to use
- Refactor the application to call AWS STS AssumeRole based on an instance role
- Configure AWS access key/secret access key environment variables with new credentials
- Configure the credentials file with a new access key/secret access key
-
A Developer created a Lambda function for a web application backend. When testing the Lambda function from the AWS Lambda console, the Developer can see that the function is being executed, but there is no log data being generated in Amazon CloudWatch Logs, even after several minutes.
What could cause this situation?
- The Lambda function does not have any explicit log statements for the log data to send it to CloudWatch Logs.
- The Lambda function is missing CloudWatch Logs as a source trigger to send log data.
- The execution role for the Lambda function is missing permissions to write log data to the CloudWatch Logs.
- The Lambda function is missing a target CloudWatch Log group.
-
An application has hundreds of users. Each user may use multiple devices to access the application. The Developer wants to assign unique identifiers to these users regardless of the device they use.
Which of the following methods should be used to obtain unique identifiers?
- Create a user table in Amazon DynamoDB as key-value pairs of users and their devices. Use these keys as unique identifiers.
- Use IAM-generated access key IDs for the users as the unique identifier, but do not store secret keys.
- Implement developer-authenticated identities by using Amazon Cognito, and get credentials for these identities.
- Assign IAM users and roles to the users. Use the unique IAM resource ID as the unique identifier.
-
An application is designed to use Amazon SQS to manage messages from many independent senders. Each sender’s messages must be processed in the order they are received.
Which SQS feature should be implemented by the Developer?
- Configure each sender with a unique MessageGroupId
- Enable MessageDeduplicationIds on the SQS queue
- Configure each message with unique MessageGroupIds.
- Enable ContentBasedDeduplication on the SQS queue
-
A deployment package uses the AWS CLI to copy files into any S3 bucket in the account, using access keys stored in environment variables. The package is running on EC2 instances, and the instances have been modified to run with an assumed IAM role and a more restrictive policy that allows access to only one bucket. After the change, the Developer logs into the host and still has the ability to write into all of the S3 buckets in that account.
What is the MOST likely cause of this situation?
- An IAM inline policy is being used on the IAM role
- An IAM managed policy is being used on the IAM role
- The AWS CLI is corrupt and needs to be reinstalled
- The AWS credential provider looks for instance profile credentials last
-
A Developer is writing transactions into a DynamoDB table called “SystemUpdates” that has 5 write capacity units.
Which option has the highest read throughput?
- Eventually consistent reads of 5 read capacity units reading items that are 4 KB in size
- Strongly consistent reads of 5 read capacity units reading items that are 4 KB in size
- Eventually consistent reads of 15 read capacity units reading items that are 1 KB in size
- Strongly consistent reads of 15 read capacity units reading items that are 1 KB in size
-
Where should an Elastic Beanstalk configuration file named healthcheckur1.config be placed in the application source bundle?
- In the root of the application
- In the bin folder
- In healthcheckur1.config.ebextension under root
- In the .ebextensions folder
-
During non-peak hours, a Developer wants to minimize the execution time of a full Amazon DynamoDB table scan without affecting normal workloads. The workloads average half of the strongly consistent read capacity units during non-peak hours.
How would the Developer optimize this scan?
- Use parallel scans while limiting the rate
- Use sequential scans
- Increase read capacity units during the scan operation
- Change consistency to eventually consistent during the scan operation
-
A Developer is creating a Lambda function and will be using external libraries that are not included in the standard Lambda libraries.
What action would minimize the Lambda compute time consumed?
- Install the dependencies and external libraries at the beginning of the Lambda function.
- Create a Lambda deployment package that includes the external libraries.
- Copy the external libraries to Amazon S3, and reference the external libraries to the S3 location.
- Install the external libraries in Lambda to be available to all Lambda functions.
-
A Developer is writing a Linux-based application to run on AWS Elastic Beanstalk. Application requirements state that the application must maintain full capacity during updates while minimizing cost.
Which type of Elastic Beanstalk deployment policy should the Developer specify for the environment?
- Immutable
- Rolling
- All at Once
- Rolling with additional batch
-
An application under development is required to store hundreds of video files. The data must be encrypted within the application prior to storage, with a unique key for each video file.
How should the Developer code the application?
- Use the KMS Encrypt API to encrypt the data. Store the encrypted data key and data.
- Use a cryptography library to generate an encryption key for the application. Use the encryption key to encrypt the data. Store the encrypted data.
- Use the KMS GenerateDataKey API to get a data key. Encrypt the data with the data key. Store the encrypted data key and data.
- Upload the data to an S3 bucket using server side-encryption with an AWS KMS key.
-
A Developer is creating an application that needs to locate the public IPv4 address of the Amazon EC2 instance on which it runs. How can the application locate this information?
- Get the instance metadata by retrieving http://169.254.169.254/latest/metadata/.
- Get the instance user data by retrieving http://169.254.169.254/latest/userdata/.
- Get the application to run IFCONFIG to get the public IP address.
- Get the application to run IPCONFIG to get the public IP address.
Subscribe
0 Comments
Newest