AWS Developer Associate - C02 (Set 3)

Question 1

How would you set up the permissions for an AWS Lambda function that should be triggered by objects being uploaded to an S3 bucket?

Answer 1

Grant the S3 bucket permissions to invoke the Lambda function

Question 2

Other than permissions, what needs to be set up on the Lambda side to connect a Lambda function to a DynamoDB Stream?

Answer 2

Create an event-source mapping on AWS Lambda to connect it to the DynamoDB Stream

Question 3

Can an SNS filter policy be applied to a single receiver, or must it include the whole topic?

Answer 3

It can be applied to a single receiver.

Question 4

What is a main difference between EFS and S3?

Answer 4

EFS has a file system, while S3 does not provide a file system, just object storage.

Question 5

What is the best way that you can store database credentials for an EC2 instance to use on AWS?

Answer 5

Create a secret on AWS Secrets Manager

Question 6

What is the best serverless option for a PostgreSQL database on AWS?

Answer 6

Amazon Aurora Serverless

Question 7

What is the default length of time Kinesis data streams store records?

Answer 7

24 hours by default

Question 8

Will AWS CodePipeline run automatically after making changes to the pipeline, or would you have to rerun it manually to get the changes?

Answer 8

You will have to rerun it manually. Unlike creating a pipeline, editing a pipeline does not rerun the most recent revision of it.

Question 9

What is the simplest way to deploy a serverless application with CloudFormation?

Answer 9

Using a Serverless ApplicationModel (SAM) template.

Question 10

What is AWS Elastic Beanstalk proxy server used for?

Answer 10

Serving static files from a set of directories from within your web application

Question 11

What is likely the solution if you get an error from Lambda similar to “Code storage limit exceeded”?

Answer 11

You need to reduce the size of your code storage

Question 12

In what section of a CloudFormation template can you deploy variable sized EC2 instances based on the environment (dev, test, prod..)?

Answer 12

The conditions section

Question 13

What is the main difference between AWS SSM Parameter Store and AWS Secrets Manager?

Answer 13

Parameter Store only allows one version of a secret to be active at any given time, while Secrets Manager allows multiple versions to exist at the same time when you are performing a secret rotation. Parameter Store is also cheaper as it incurs no additional cost.

Question 14

What does the cli command “aws s3 presign…” do?

Answer 14

Generates a pre-signed URL for an S3 object

Question 15

What parameter can you add to the CreateFunction or UpdateFunction request to automatically publish a Lambda function after creating/updating it?

Answer 15

The publish parameter

Question 16

How can you save costs on an SQS queue that has a low volume of messages?

Answer 16

Enable Long polling

Question 17

What is an SQS LIFO queue?

Answer 17

It does not exist, SQS does not support LIFO

Question 18

How can you increase throughput on an SQS Queue?

Answer 18

Use SQS batch actions

Question 19

Would you use SQS or Kinesis Stream if you want to decouple components of an application?

Answer 19

SQS

Question 20

Would you use SQS or Kinesis Stream if you want to allow multiple applications to consume the same stream concurrently?

Answer 20

Kinesis Stream

Question 21

Would you use SQS or Kinesis Stream if you want to configure individual message delay?

Answer 21

SQS

Question 22

Would you use SQS or Kinesis Stream if you need to scale transparently?

Answer 22

SQS

Question 23

What does the “describe-identity” API do?

Answer 23

It returns metadata related to the given identity.

Question 24

What does the “get-credentials-for-identity” API do?

Answer 24

It returns credentials for the provided identity ID using Cognito

Question 25

Do customers have to manually rotate their customer-managed keys in KMS?

Answer 25

No, KMS has automatic key rotation even for customer-managed keys

Question 26

Do customer-managed keys in KMS have automatic key rotation by default?

Answer 26

No, you would have to turn it on.

Question 27

T/F: After you call a re-sharding operation in Amazon Kinesis, you do not need to wait for the stream to become active again.

Answer 27

False: After you call a re-sharding operation, you need to wait for the stream to become active again

Question 28

When using SSE-C in S3, is it possible to have different encryption keys for different versions of the same object?

Answer 28

Yes, it is, but the user is then responsible for tracking which encryption key was used for which object’s version

Question 29

What type of encryption is used to encrypt data larger than 4KB?

Answer 29

Envelope Encryption

Question 30

What is the GenerateDataKey API call used for?

Answer 30

It returns a Data Encryption Key so that you can encrypt data larger than 4KB

Question 31

What type of key is used in Envelope encryption to encrypt objects larger than 4KB?

Answer 31

A Data Encryption Key

Question 32

What is the best solution to debugging a Lambda function?

Answer 32

AWS-Ray

Question 33

What does web identity federation allow your web application’s users to do?

Answer 33

Sign in with Amazon, Facebook, Google, or other well-known accounts

Question 34

How many MB/s can a Kinesis Data Stream shard ingest?

Answer 34

1 MB/s

Question 35

How many MB/s can a Kinesis Data Stream shard write?

Answer 35

2 MB/s

Question 36

How can you reduce duplicated work in creating a Lambda function with a basic function?

Answer 36

Use a shared Lambda layer from the AWS Serverless Application Registry

Question 37

Which EB automated deployment type will ensure app performance is unaffected by a new application version deployment?

Answer 37

Immutable

Question 38

What is AWS CDK?

Answer 38

AWS Cloud Development Kit accelerates cloud development by using IaC with common programming languages to set up the cloud environment, like TypeScript, Python and Java.

Question 39

What does an S3 CLI command start with?

Answer 39

aws s3api…

Question 40

What is the default Lambda function timeout?

Answer 40

3 seconds

Question 41

What is the default Lambda function memory?

Answer 41

128 MB

Question 42

With AWS CloudTrail, creating multiple trails in one region allows ______ to focus on one aspect of AWS operation.

Answer 42

Stakeholders

Question 43

If you have one or more objects with one million+ versions in an S3 bucket, PUT and DELETE requests will likely return what HTTP Error code?

Answer 43

HTTP 503-slow down

Question 44

What can you use to determine which objects in an S3 bucket may have millions of versions?

Answer 44

The Amazon S3 Inventory Tool

Question 45

What is Cache-Aside caching?

Answer 45

Cache-Aside is a lazy loading technique that only writes data to the cache after it is not found in the cache.

Question 46

What is Write-Through caching?

Answer 46

It stores data in the cache regardless of whether or not it has been read, as it is written to the cache at the same time it is written to the database.

Question 47

What is Write-Back caching?

Answer 47

Also called write-behind caching, it is a technique that is optimized for write-intensive workloads.

Question 48

What is Refresh-Ahead caching?

Answer 48

It enables users to configure expirations for items in a cache and refresh them in advance of the expiration time.

Question 49

What is the WaitTimeSeconds parameter associated with in SQS?

Answer 49

Long/Short polling