Spring Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

A developer is planning to migrate on-premises company data to Amazon S3. The data must be encrypted, and the encryption Keys must support automate annual rotation. The company must use AWS Key Management Service (AWS KMS) to encrypt the data.

When type of keys should the developer use to meet these requirements?

A.

Amazon S3 managed keys

B.

Symmetric customer managed keys with key material that is generated by AWS

C.

Asymmetric customer managed keys with key material that generated by AWS

D.

Symmetric customer managed keys with imported key material

A developer is using an AWS CloudFormation template to create a pipeline in AWS CodePipeline. The template creates an Amazon S3 bucket that the pipeline references in a source stage. The template also creates an AWS CodeBuild project for a build stage. The pipeline sends notifications to an Amazon SNS topic. Logs for the CodeBuild project are stored in Amazon CloudWatch Logs.

The company needs to ensure that the pipeline's artifacts are encrypted with an existing customer-managed AWS KMS key. The developer has granted the pipeline permissions to use the KMS key.

Which additional step will meet these requirements?

A.

Create an Amazon S3 gateway endpoint that the pipeline can access.

B.

In the CloudFormation template, use the KMS key to encrypt the logs in CloudWatch Logs.

C.

Apply an S3 bucket policy that ensures the pipeline sends only encrypted objects to the S3 bucket.

D.

Configure the notification topic to use the existing KMS key to enable encryption with the existing KMS key.

A developer has code that is stored in an Amazon S3 bucket. The code must be deployed as an AWS Lambda function across multiple accounts in the same AWS Region as the S3 bucket an AWS CloudPormation template that runs for each account will deploy the Lambda function.

What is the MOST secure way to allow CloudFormaton to access the Lambda Code in the S3 bucket?

A.

Grant the CloudFormation service role the S3 ListBucket and GetObject permissions. Add a bucket policy to Amazon S3 with the principal of "AWS" (account numbers)

B.

Grant the CloudFormation service row the S3 GetObfect permission. Add a Bucket policy to Amazon S3 with the principal of "'"

C.

Use a service-based link to grant the Lambda function the S3 ListBucket and GetObject permissions by explicitly adding the S3 bucket's account number in the resource.

D.

Use a service-based link to grant the Lambda function the S3 GetObject permission Add a resource of "** to allow access to the S3 bucket.

A social media application is experiencing high volumes of new user requests after a recent marketing campaign. The application is served by an Amazon RDS for MySQL instance. A solutions architect examines the database performance and notices high CPU usage and many "too many connections" errors that lead to failed requests on the database. The solutions architect needs to address the failed requests.

Which solution will meet this requirement?

A.

Deploy an Amazon DynamoDB Accelerator (DAX) cluster. Configure the application to use the DAX cluster.

B.

Deploy an RDS Proxy. Configure the application to use the RDS Proxy.

C.

Migrate the database to an Amazon RDS for PostgreSQL instance.

D.

Deploy an Amazon ElastiCache (Redis OSS) cluster. Configure the application to use the ElastiCache cluster.

A developer must analyze performance issues with production-distributed applications written as AWS Lambda functions. These distributed Lambda applications invoke other components that make up me applications. How should the developer identify and troubleshoot the root cause of the performance issues in production?

A.

Add logging statements to the Lambda functions. then use Amazon CloudWatch to view the logs.

B.

Use AWS CloudTrail and then examine the logs.

C.

Use AWS X-Ray. then examine the segments and errors.

D.

Run Amazon inspector agents and then analyze performance.

A developer has created an AWS Lambda function to provide notification through Amazon Simple Notification Service (Amazon SNS) whenever a file is uploaded to Amazon S3 that is larger than 50 MB. The developer has deployed and tested the Lambda function by using the CLI. However, when the event notification is added to the S3 bucket and a 3.000 MB file is uploaded, the Lambda function does not launch.

Which of the following Is a possible reason for the Lambda function's inability to launch?

A.

The S3 event notification does not activate for files that are larger than 1.000 MB.

B.

The resource-based policy for the Lambda function does not have the required permissions to be invoked by Amazon S3.

C.

Lambda functions cannot be invoked directly from an S3 event.

D.

The S3 bucket needs to be made public.

A company is building a scalable data management solution by using AWS services to improve the speed and agility of development. The solution will ingest large volumes of data from various sources and will process this data through multiple business rules and transformations.

The solution requires business rules to run in sequence and to handle reprocessing of data if errors occur when the business rules run. The company needs the solution to be scalable and to require the least possible maintenance.

Which AWS service should the company use to manage and automate the orchestration of the data flows to meet these requirements?

A.

AWS Batch

B.

AWS Step Functions

C.

AWS Glue

D.

AWS Lambda

A company offers a business-to-business software service that runs on dedicated infrastructure deployed in each customer's AWS account. Before a feature release, the company needs to run integration tests on real AWS test infrastructure. The test infrastructure consists of Amazon EC2 instances and an Amazon RDS database.

A developer must set up a continuous delivery process that will provision the test infrastructure across the different AWS accounts. The developer then must run the integration tests.

Which solution will meet these requirements with the LEAST administrative effort?

A.

Use AWS CodeDeploy with AWS CloudFormation StackSets to deploy the infrastructure. Use Amazon CodeGuru to run the tests.

B.

Use AWS CodePipeline with AWS CloudFormation StackSets to deploy the infrastructure. Use AWS CodeBuild to run the tests.

C.

Use AWS CodePipeline with AWS CloudFormation change sets to deploy the infrastructure. Use a CloudFormation custom resource to run the tests.

D.

Use AWS Serverless Application Model (AWS SAM) templates with AWS CloudFormation change sets to deploy the infrastructure. Use AWS CodeDeploy to run the tests.

A developer is troubleshooting an application in an integration environment. In the application, an Amazon Simple Queue Service (Amazon SQS) queue consumes messages and then an AWS Lambda function processes the messages. The Lambda function transforms the messages and makes an API call to a third-party service.

There has been an increase in application usage. The third-party API frequently returns an HTTP 429 Too Many Requests error message. The error message prevents a significant number of messages from being processed successfully.

How can the developer resolve this issue?

A.

Increase the SQS event source's batch size setting.

B.

Configure provisioned concurrency for the Lambda function based on the third-party API's documented rate limits.

C.

Increase the retry attempts and maximum event age in the Lambda function's asynchronous configuration.

D.

Configure maximum concurrency on the SQS event source based on the third-party service's documented rate limits.

A company wants to automate part of its deployment process. A developer needs to automate the process of checking for and deleting unused resources that supported previously deployed stacks but that are no longer used.

The company has a central application that uses the AWS Cloud Development Kit (AWS CDK) to manage all deployment stacks. The stacks are spread out across multiple accounts. The developer’s solution must integrate as seamlessly as possible within the current deployment process.

Which solution will meet these requirements with the LEAST amount of configuration?

A.

In the central AWS CDK application, write a handler function in the code that uses AWS SDK calls to check for and delete unused resources. Create an AWS CloudPormation template from a JSON file. Use the template to attach the function code to an AWS Lambda function and lo invoke the Lambda function when the deployment slack runs.

B.

In the central AWS CDK application. write a handler function in the code that uses AWS SDK calls to check for and delete unused resources. Create an AWS CDK custom resource Use the custom resource to attach the function code to an AWS Lambda function and to invoke the Lambda function when the deployment stack runs.

C.

In the central AWS CDK, write a handler function m the code that uses AWS SDK calls to check for and delete unused resources. Create an API in AWS Amplify Use the API to attach the function code to an AWS Lambda function and to invoke the Lambda function when the deployment stack runs.

D.

In the AWS Lambda console write a handler function in the code that uses AWS SDK calls to check for and delete unused resources. Create an AWS CDK custom resource. Use the custom resource to import the Lambda function into the stack and to Invoke the Lambda function when the deployment stack runs.