Amazon AWS Certified Developer - Associate DVA-C02
Prev

There are 313 results

Next
#271 (Accuracy: 100% / 4 votes)
A developer is setting up a deployment pipeline. The pipeline includes an AWS CodeBuild build stage that requires access to a database to run integration tests. The developer is using a buildspec.yml file to configure the database connection. Company policy requires automatic rotation of all database credentials.

Which solution will handle the database credentials MOST securely?
  • A. Retrieve the credentials from variables that are hardcoded in the buildspec.yml file. Configure an AWS Lambda function to rotate the credentials.
  • B. Retrieve the credentials from an environment variable that is linked to a SecureString parameter in AWS Systems Manager Parameter Store. Configure Parameter Store for automatic rotation.
  • C. Retrieve the credentials from an environment variable that is linked to an AWS Secrets Manager secret. Configure Secrets Manager for automatic rotation.
  • D. Retrieve the credentials from an environment variable that contains the connection string in plaintext. Configure an Amazon EventBridge event to rotate the credentials.
#272 (Accuracy: 90% / 10 votes)
A company is developing a serverless application that consists of various AWS Lambda functions behind Amazon API Gateway APIs. A developer needs to automate the deployment of Lambda function code. The developer will deploy updated Lambda functions with AWS CodeDeploy. The deployment must minimize the exposure of potential errors to end users. When the application is in production, the application cannot experience downtime outside the specified maintenance window.

Which deployment configuration will meet these requirements with the LEAST deployment time?
  • A. Use the AWS CodeDeploy in-place deployment configuration for the Lambda functions. Shift all traffic immediately after deployment.
  • B. Use the AWS CodeDeploy linear deployment configuration to shift 10% of the traffic every minute.
  • C. Use the AWS CodeDeploy all-at-once deployment configuration to shift all traffic to the updated versions immediately.
  • D. Use the AWS CodeDeploy predefined canary deployment configuration to shift 10% of the traffic immediately and shift the remaining traffic after 5 minutes.
#273 (Accuracy: 100% / 7 votes)
A developer creates an AWS Lambda function that retrieves and groups data from several public API endpoints. The Lambda function has been updated and configured to connect to the private subnet of a VPC. An internet gateway is attached to the VPC. The VPC uses the default network ACL and security group configurations.

The developer finds that the Lambda function can no longer access the public API. The developer has ensured that the public API is accessible, but the Lambda function cannot connect to the API

How should the developer fix the connection issue?
  • A. Ensure that the network ACL allows outbound traffic to the public internet.
  • B. Ensure that the security group allows outbound traffic to the public internet.
  • C. Ensure that outbound traffic from the private subnet is routed to a public NAT gateway.
  • D. Ensure that outbound traffic from the private subnet is routed to a new internet gateway.
#274 (Accuracy: 93% / 7 votes)
A developer is creating an AWS Serverless Application Model (AWS SAM) template. The AWS SAM template contains the definition of multiple AWS Lambda functions, an Amazon S3 bucket, and an Amazon CloudFront distribution. One of the Lambda functions runs on Lambda@Edge in the CloudFront distribution. The S3 bucket is configured as an origin for the CloudFront distribution.

When the developer deploys the AWS SAM template in the eu-west-1 Region, the creation of the stack fails.

Which of the following could be the reason for this issue?
  • A. CloudFront distributions can be created only in the us-east-1 Region.
  • B. Lambda@Edge functions can be created only in the us-east-1 Region.
  • C. A single AWS SAM template cannot contain multiple Lambda functions.
  • D. The CloudFront distribution and the S3 bucket cannot be created in the same Region.
#275 (Accuracy: 100% / 5 votes)
A developer is developing an application that uses signed requests (Signature Version 4) to call other AWS services. The developer has created a canonical request, has created the string to sign, and has calculated signing information.

Which methods could the developer use to complete a signed request? (Choose two.)
  • A. Add the signature to an HTTP header that is named Authorization.
  • B. Add the signature to a session cookie.
  • C. Add the signature to an HTTP header that is named Authentication.
  • D. Add the signature to a query string parameter that is named X-Amz-Signature.
  • E. Add the signature to an HTTP header that is named WWW-Authenticate.
#276 (Accuracy: 100% / 5 votes)
A company's developer is building a static website to be deployed in Amazon S3 for a production environment. The website integrates with an Amazon Aurora PostgreSQL database by using an AWS Lambda function. The website that is deployed to production will use a Lambda alias that points to a specific version of the Lambda function.

The company must rotate the database credentials every 2 weeks. Lambda functions that the company deployed previously must be able to use the most recent credentials.

Which solution will meet these requirements?
  • A. Store the database credentials in AWS Secrets Manager. Turn on rotation. Write code in the Lambda function to retrieve the credentials from Secrets Manager.
  • B. Include the database credentials as part of the Lambda function code. Update the credentials periodically and deploy the new Lambda function.
  • C. Use Lambda environment variables. Update the environment variables when new credentials are available.
  • D. Store the database credentials in AWS Systems Manager Parameter Store. Turn on rotation. Write code in the Lambda function to retrieve the credentials from Systems Manager Parameter Store.
#277 (Accuracy: 100% / 4 votes)
A developer has written code for an application and wants to share it with other developers on the team to receive feedback. The shared application code needs to be stored long-term with multiple versions and batch change tracking.

Which AWS service should the developer use?
  • A. AWS CodeBuild
  • B. Amazon S3
  • C. AWS CodeCommit
  • D. AWS Cloud9
#278 (Accuracy: 100% / 4 votes)
A developer maintains a critical business application that uses Amazon DynamoDB as the primary data store. The DynamoDB table contains millions of documents and receives 30-60 requests each minute. The developer needs to perform processing in near-real time on the documents when they are added or updated in the DynamoDB table.

How can the developer implement this feature with the LEAST amount of change to the existing application code?
  • A. Set up a cron job on an Amazon EC2 instance. Run a script every hour to query the table for changes and process the documents.
  • B. Enable a DynamoDB stream on the table. Invoke an AWS Lambda function to process the documents.
  • C. Update the application to send a PutEvents request to Amazon EventBridge. Create an EventBridge rule to invoke an AWS Lambda function to process the documents.
  • D. Update the application to synchronously process the documents directly after the DynamoDB write.
#279 (Accuracy: 100% / 4 votes)
A developer is working on an ecommerce website. The developer wants to review server logs without logging in to each of the application servers individually. The website runs on multiple Amazon EC2 instances, is written in Python, and needs to be highly available.

How can the developer update the application to meet these requirements with MINIMUM changes?
  • A. Rewrite the application to be cloud native and to run on AWS Lambda, where the logs can be reviewed in Amazon CloudWatch.
  • B. Set up centralized logging by using Amazon OpenSearch Service, Logstash, and OpenSearch Dashboards.
  • C. Scale down the application to one larger EC2 instance where only one instance is recording logs.
  • D. Install the unified Amazon CloudWatch agent on the EC2 instances. Configure the agent to push the application logs to CloudWatch.
#280 (Accuracy: 91% / 7 votes)
A team is developing an application that is deployed on Amazon EC2 instances. During testing, the team receives an error. The EC2 instances are unable to access an Amazon S3 bucket.

Which steps should the team take to troubleshoot this issue? (Choose two.)
  • A. Check whether the policy that is assigned to the IAM role that is attached to the EC2 instances grants access to Amazon S3.
  • B. Check the S3 bucket policy to validate the access permissions for the S3 bucket.
  • C. Check whether the policy that is assigned to the IAM user that is attached to the EC2 instances grants access to Amazon S3.
  • D. Check the S3 Lifecycle policy to validate the permissions that are assigned to the S3 bucket.
  • E. Check the security groups that are assigned to the EC2 instances. Make sure that a rule is not blocking the access to Amazon S3.