AWS Developer Associate - C02 (Set 3) Flashcards
How would you set up the permissions for an AWS Lambda function that should be triggered by objects being uploaded to an S3 bucket?
Grant the S3 bucket permissions to invoke the Lambda function
Other than permissions, what needs to be set up on the Lambda side to connect a Lambda function to a DynamoDB Stream?
Create an event-source mapping on AWS Lambda to connect it to the DynamoDB Stream
Can an SNS filter policy be applied to a single receiver, or must it include the whole topic?
It can be applied to a single receiver.
What is a main difference between EFS and S3?
EFS has a file system, while S3 does not provide a file system, just object storage.
What is the best way that you can store database credentials for an EC2 instance to use on AWS?
Create a secret on AWS Secrets Manager
What is the best serverless option for a PostgreSQL database on AWS?
Amazon Aurora Serverless
What is the default length of time Kinesis data streams store records?
24 hours by default
Will AWS CodePipeline run automatically after making changes to the pipeline, or would you have to rerun it manually to get the changes?
You will have to rerun it manually. Unlike creating a pipeline, editing a pipeline does not rerun the most recent revision of it.
What is the simplest way to deploy a serverless application with CloudFormation?
Using a Serverless ApplicationModel (SAM) template.
What is AWS Elastic Beanstalk proxy server used for?
Serving static files from a set of directories from within your web application
What is likely the solution if you get an error from Lambda similar to “Code storage limit exceeded”?
You need to reduce the size of your code storage
In what section of a CloudFormation template can you deploy variable sized EC2 instances based on the environment (dev, test, prod..)?
The conditions section
What is the main difference between AWS SSM Parameter Store and AWS Secrets Manager?
Parameter Store only allows one version of a secret to be active at any given time, while Secrets Manager allows multiple versions to exist at the same time when you are performing a secret rotation. Parameter Store is also cheaper as it incurs no additional cost.
What does the cli command “aws s3 presign…” do?
Generates a pre-signed URL for an S3 object
What parameter can you add to the CreateFunction or UpdateFunction request to automatically publish a Lambda function after creating/updating it?
The publish parameter
How can you save costs on an SQS queue that has a low volume of messages?
Enable Long polling
What is an SQS LIFO queue?
It does not exist, SQS does not support LIFO
How can you increase throughput on an SQS Queue?
Use SQS batch actions
Would you use SQS or Kinesis Stream if you want to decouple components of an application?
SQS
Would you use SQS or Kinesis Stream if you want to allow multiple applications to consume the same stream concurrently?
Kinesis Stream
Would you use SQS or Kinesis Stream if you want to configure individual message delay?
SQS
Would you use SQS or Kinesis Stream if you need to scale transparently?
SQS
What does the “describe-identity” API do?
It returns metadata related to the given identity.
What does the “get-credentials-for-identity” API do?
It returns credentials for the provided identity ID using Cognito
Do customers have to manually rotate their customer-managed keys in KMS?
No, KMS has automatic key rotation even for customer-managed keys
Do customer-managed keys in KMS have automatic key rotation by default?
No, you would have to turn it on.
T/F: After you call a re-sharding operation in Amazon Kinesis, you do not need to wait for the stream to become active again.
False: After you call a re-sharding operation, you need to wait for the stream to become active again
When using SSE-C in S3, is it possible to have different encryption keys for different versions of the same object?
Yes, it is, but the user is then responsible for tracking which encryption key was used for which object’s version
What type of encryption is used to encrypt data larger than 4KB?
Envelope Encryption
What is the GenerateDataKey API call used for?
It returns a Data Encryption Key so that you can encrypt data larger than 4KB
What type of key is used in Envelope encryption to encrypt objects larger than 4KB?
A Data Encryption Key
What is the best solution to debugging a Lambda function?
AWS-Ray
What does web identity federation allow your web application’s users to do?
Sign in with Amazon, Facebook, Google, or other well-known accounts
How many MB/s can a Kinesis Data Stream shard ingest?
1 MB/s
How many MB/s can a Kinesis Data Stream shard write?
2 MB/s
How can you reduce duplicated work in creating a Lambda function with a basic function?
Use a shared Lambda layer from the AWS Serverless Application Registry
Which EB automated deployment type will ensure app performance is unaffected by a new application version deployment?
Immutable
What is AWS CDK?
AWS Cloud Development Kit accelerates cloud development by using IaC with common programming languages to set up the cloud environment, like TypeScript, Python and Java.
What does an S3 CLI command start with?
aws s3api…
What is the default Lambda function timeout?
3 seconds
What is the default Lambda function memory?
128 MB
With AWS CloudTrail, creating multiple trails in one region allows ______ to focus on one aspect of AWS operation.
Stakeholders
If you have one or more objects with one million+ versions in an S3 bucket, PUT and DELETE requests will likely return what HTTP Error code?
HTTP 503-slow down
What can you use to determine which objects in an S3 bucket may have millions of versions?
The Amazon S3 Inventory Tool
What is Cache-Aside caching?
Cache-Aside is a lazy loading technique that only writes data to the cache after it is not found in the cache.
What is Write-Through caching?
It stores data in the cache regardless of whether or not it has been read, as it is written to the cache at the same time it is written to the database.
What is Write-Back caching?
Also called write-behind caching, it is a technique that is optimized for write-intensive workloads.
What is Refresh-Ahead caching?
It enables users to configure expirations for items in a cache and refresh them in advance of the expiration time.
What is the WaitTimeSeconds parameter associated with in SQS?
Long/Short polling
