Lambda

Question 1

Which AWS service provides event-driven, serverless computing capabilities, enabling developers to execute code in response to events without managing or provisioning servers, while automatically handling the required computing resources?

Answer 1

AWS Lambda - a fundamental component of serverless architecture

Question 2

What is the primary element of a Lambda function that must be specified upon creation, where the function’s code is loaded and executed?

Answer 2

Runtime Environment (e.g. Python 3.8), which includes allocated memory, the amount of memory determines the vCPU allocation (e.g. 1769MB of memory equals 1 vCPU)

Question 3

What feature allows for the creation of custom runtime environments in AWS Lambda?

Answer 3

Layers can be used to create custom runtime (e.g. Rust)

Question 4

How is AWS Lambda billed?

Answer 4

Billed for the duration that the function runs

Question 5

Can a Lambda function maintain a persistent state?

Answer 5

No, Lambda functions are stateless

Question 6

What is the maximum allowed size for an AWS Lambda deployment package (the code deployed to the function)?

Answer 6

Up to 50MB zipped, 250MB unzipped, or 10GB for an uncompressed container image including all layers

Question 7

What are the minimum and maximum memory allocations for a Lambda function?

Answer 7

Memory can be defined from 128MB to 10,240MB in 1MB increments, the amount of memory directly affects the vCPU allocation (e.g. 1769MB equals 1 vCPU)

Question 8

Does AWS Lambda provide temporary storage for data?

Answer 8

Yes, Lambda provides 512MB of default storage at /tmp, which can be increased up to 10,240MB

Question 9

Is there a limit on the execution time for AWS Lambda functions?

Answer 9

Yes, Lambda functions can run for a maximum of 900 seconds (15 minutes) before timing out, making it unsuitable for tasks exceeding 15 minutes in execution time

Question 10

Can AWS Lambda execute functions within Docker containers?

Answer 10

Technically, yes, Lambda can run Docker images specifically built for its environment, however, during exams, Docker is generally considered an anti-pattern for Lambda

Question 11

How does AWS Lambda address security concerns, and how can a function access other AWS services?

Answer 11

Lambda functions use an Execution Role with an IAM policy that grants necessary permissions to access other AWS services during execution, and the Trust Policy, that allows Lambda to assume this role.

Lambda has a resource-based policy that controls who can interact with it and which services or AWS accounts can trigger or invoke the function

Question 12

What are some ideal use cases for AWS Lambda?

Answer 12

• Core component of serverless architectures (along with S3 and API Gateway)
• File processing (with S3 and S3 Events)
• Database triggers (with DynamoDB and DynamoDB Streams)
• Serverless CRON jobs (with EventBridge/CloudWatch Events)
• Real-time stream data processing (with Kinesis)

Question 13

What are the two networking modes available for AWS Lambda?

Answer 13

Public Networking (the default) and VPC Networking

Question 14

Which AWS Lambda networking mode provides access to public AWS services (e.g., SQS, DynamoDB) and the public internet?

Answer 14

Public Networking mode

Question 15

Which AWS Lambda networking mode offers the best performance?

Answer 15

Public Networking mode, as it does not require customer-specific VPC networking

Question 16

Which AWS Lambda networking mode does not provide access to services within a VPC, unless those services have public IP addresses and security controls permit external access?

Answer 16

Public Networking mode

Question 17

Which AWS Lambda networking mode is typically the default choice?

Answer 17

Public Networking mode.

Question 18

What configuration is needed for an AWS Lambda function in VPC Networking mode to access the public internet?

Answer 18

You need to configure it similarly to other private services, using a VPC gateway endpoint for services like DynamoDB or a NAT Gateway in a public subnet for outbound internet access

Question 19

Which AWS Lambda networking mode operates in a private subnet within a VPC?

Answer 19

VPC Networking mode

Question 20

Which AWS Lambda networking mode adheres to the same rules as other services within a VPC?

Answer 20

VPC Networking mode

Question 21

Which AWS Lambda networking mode can freely access other VPC-based resources?

Answer 21

VPC Networking mode

Question 22

Which AWS Lambda networking mode has no access outside the VPC unless configured otherwise?

Answer 22

VPC Networking mode

Question 23

What tracing and monitoring options are available for AWS Lambda functions?

Answer 23

• CloudWatch for tracking invocation success/failure, retries, and latency
• CloudWatch Logs for Lambda execution logs
• AWS X-Ray for distributed tracing

Question 23

Which AWS Lambda networking mode may experience an initial invocation delay of up to 90 seconds?

Answer 23

VPC Networking mode, due to the setup of Security Groups and Subnets, and the allocation of an Elastic Network Interface (ENI) in the customer’s VPC

Question 24

Does AWS Lambda require additional permissions to use CloudWatch Logs?

Answer 24

Yes, these permissions are provided via the Execution Role

Question 25

Which AWS Lambda component represents the combination of function configuration and code?

Answer 25

Version, once a version is published, it becomes immutable and has its own ARN, while $Latest points to the most recent version

Question 26

Which AWS Lambda feature allows you to point to a specific function version?

Answer 26

An Alias can be used to point to a specific function version (e.g. Prod, Stage)

Question 27

What invocation modes are supported by AWS Lambda?

Answer 27

Synchronous Invocation, Asynchronous Invocation, and Polling Invocation

Question 28

Which AWS Lambda invocation mode is used to invoke the function directly via API/CLI or indirectly through API Gateway?

Answer 28

Synchronous Invocation mode

Question 29

Which AWS Lambda invocation mode is used when providing the function with data during the call?

Answer 29

Synchronous Invocation mode

Question 30

Which AWS Lambda invocation mode is used when services invoke the Lambda function on your behalf, such as S3 event triggers invoking the function when an object is uploaded to the bucket?

Answer 30

Asynchronous Invocation mode

Question 30

Which AWS Lambda invocation mode is used when the client is waiting for the response?

Answer 30

Synchronous Invocation mode

Question 31

Which AWS Lambda invocation mode is used when successful or unsuccessful responses are returned?

Answer 31

Synchronous Invocation mode

Question 32

Which AWS Lambda invocation mode is used when errors or retries are handled by the client?

Answer 32

Synchronous Invocation mode

Question 33

Which AWS Lambda invocation mode is used when the service does not wait for the response?

Answer 33

Asynchronous Invocation mode

Question 34

Which AWS Lambda invocation mode is used when the Lambda service is responsible for retries (configurable between 0 and 2 times)?

Answer 34

Asynchronous Invocation mode

Question 35

Which AWS Lambda invocation mode is used when the function needs to be idempotent?

Answer 35

Asynchronous Invocation mode, (e.g. ensure a $10 balance is increased to $20 by setting the balance to $20, and not adding another $10)

Question 36

Which AWS Lambda invocation mode allows SQS queues or SNS topics to be used as a dead letter queue (DLQ) to store failed invocation attempts for further analysis?

Answer 36

Asynchronous Invocation and Polling Invocation modes

Question 37

Which AWS Lambda invocation mode allows an event processed by Lambda functions to be delivered to other destinations (e.g., SNS, SQS, Lambda, EventBridge), with separate destinations for successful or failed processing?

Answer 37

Asynchronous Invocation mode

Question 38

Which AWS Lambda invocation mode is used for streams or queues that don’t support event generation to invoke Lambda (e.g., Kinesis, DynamoDB Streams, SQS)?

Answer 38

Polling Invocation mode, this mode polls streams and retrieves source batches, breaking them into event batches to send to Lambda, a single invocation can process many events in a batch, and the event source mapping reads from the source using permissions defined in the Lambda Execution Role

Question 39

What steps occur when an AWS Lambda function is executed?

Answer 39

• The execution context is initialized (underlying physical hardware)
• The runtime environment is downloaded and installed
• The deployment package, along with any dependencies, is downloaded and installed

Each of these steps adds to the overall execution time

Question 40

What is the process called when a Lambda function is invoked and the execution context needs to be initialized from scratch?

Answer 40

Cold Start (this invocation can take several hundred milliseconds or more)

Question 41

What is the process called when a Lambda function is invoked, and the execution context has already been initialized with the deployment package downloaded and installed?

Answer 41

Warm Start (this invocation typically takes just a few milliseconds)

Question 42

Which AWS Lambda feature can be used to keep multiple execution contexts pre-warmed and ready to improve invocation speed?

Answer 42

Provisioned Concurrency

Question 42

How many Lambda functions can run concurrently within a single execution context?

Answer 42

Only one function can run per execution context, therefore, if 20 functions are triggered simultaneously, 20 separate Cold Starts would be initiated

Question 43

Can a service that invokes AWS Lambda always guarantee that the function will be executed in a Warm Start?

Answer 43

No, every function invocation should expect to be executed as a Cold Start

Question 44

How can you optimize AWS Lambda invocation if downloading specific assets within the function is causing delays?

Answer 44

Use the /tmp storage to pre-download necessary assets (the /tmp storage can be configured to range between 512 MB and 10,240 MB)