Spring Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

A company is building a serverless application on AWS. The application uses an AWS Lambda function to process customer orders 24 hours a day, 7 days a week. The Lambda function calls an external vendor's HTTP API to process payments.

During load tests, a developer discovers that the external vendor payment processing API occasionally times out and returns errors. The company expects that some payment processing API calls will return errors.

The company wants the support team to receive notifications in near real time only when the payment processing external API error rate exceed 5% of the total number of transactions in an hour. Developers need to use an existing Amazon Simple Notification Service (Amazon SNS) topic that is configured to notify the support team.

Which solution will meet these requirements?

A.

Write the results of payment processing API calls to Amazon CloudWatch. Use Amazon CloudWatch Logs Insights to query the CloudWatch logs. Schedule the Lambda function to check the CloudWatch logs and notify the existing SNS topic.

B.

Publish custom metrics to CloudWatch that record the failures of the external payment processing API calls. Configure a CloudWatch alarm to notify the existing SNS topic when error rate exceeds the specified rate.

C.

Publish the results of the external payment processing API calls to a new Amazon SNS topic. Subscribe the support team members to the new SNS topic.

D.

Write the results of the external payment processing API calls to Amazon S3. Schedule an Amazon Athena query to run at regular intervals. Configure Athena to send notifications to the existing SNS topic when the error rate exceeds the specified rate.

A company is building a micro services app1 cation that consists of many AWS Lambda functions. The development team wants to use AWS Serverless Application Model (AWS SAM) templates to automatically test the Lambda functions. The development team plans to test a small percentage of traffic that is directed to new updates before the team commits to a full deployment of the application.

Which combination of steps will meet these requirements in the MOST operationally efficient way? (Select TWO.)

A.

Use AWS SAM CLI commands in AWS CodeDeploy lo invoke the Lambda functions to lest the deployment

B.

Declare the EventlnvokeConfig on the Lambda functions in the AWS SAM templates with OnSuccess and OnFailure configurations.

C.

Enable gradual deployments through AWS SAM templates.

D.

Set the deployment preference type to Canary10Percen130Minutes Use hooks to test the deployment.

E.

Set the deployment preference type to Linear10PefcentEvery10Minutes Use hooks to test the deployment.

A social media company is designing a platform that allows users to upload data, which is stored in Amazon S3. Users can upload data encrypted with a public key. The company wants to ensure that only the company can decrypt the uploaded content using an asymmetric encryption key. The data must always be encrypted in transit and at rest.

Options:

A.

Use server-side encryption with Amazon S3 managed keys (SSE-S3) to encrypt the data.

B.

Use server-side encryption with customer-provided encryption keys (SSE-C) to encrypt the data.

C.

Use client-side encryption with a data key to encrypt the data.

D.

Use client-side encryption with a customer-managed encryption key to encrypt the data.

A company recently deployed an AWS Lambda function. A developer notices an increase in the function throttle metrics in Amazon CloudWatch.

What are the MOST operationally efficient solutions to reduce the function throttling? (Select TWO.)

A.

Migrate the function to Amazon EKS.

B.

Increase the maximum age of events in Lambda.

C.

Increase the function’s reserved concurrency.

D.

Add the lambda:GetFunctionConcurrency action to the execution role.

E.

Request a service quota change for increased concurrency.

A developer must securely access a secret during a build process in an AWS CodeBuild project that has an IAM role. The secret must remain encrypted at rest and must be passed to the buildspec.yml file without appearing in build logs.

Which solution will meet these requirements with the LEAST operational overhead?

A.

Store the secret in AWS Secrets Manager. Reference the secret in the env section of the buildspec.yml file by using secrets-manager. Grant the CodeBuild IAM role least-privilege access.

B.

Store the secret in an encrypted Amazon S3 bucket and download it during the build.

C.

Store the secret in AWS Systems Manager Parameter Store and reference it in the env section by using parameter-store.

D.

Retrieve the parameter manually in a pre-build phase and mask it in the build logs.

A developer has created an AWS Lambda function that is written in Python. The Lambda function reads data from objects in Amazon S3 and writes data to an Amazon DynamoDB table.

The function is successfully invoked from an S3 event notification when an object is created. However, the function fails when it attempts to write to the DynamoDB table.

What is the MOST likely cause of this issue?

A.

The Lambda function's concurrency limit has been exceeded.

B.

The DynamoDB table requires a global secondary index (GSI) to support writes.

C.

The Lambda function does not have IAM permissions to write to DynamoDB.

D.

The DynamoDB table is not running in the same Availability Zone as the Lambda function.

A company is using Amazon API Gateway to invoke a new AWS Lambda function The company has Lambda function versions in its PROD and DEV environments. In each environment, there is a Lambda function alias pointing to the corresponding Lambda function version API Gateway has one stage that is configured to point at the PROD alias

The company wants to configure API Gateway to enable the PROD and DEV Lambda function versions to be simultaneously and distinctly available

Which solution will meet these requirements?

A.

Enable a Lambda authorizer for the Lambda function alias in API Gateway Republish PROD and create a new stage for DEV Create API Gateway stage variables for the PROD and DEV stages. Point each stage variable to the PROD Lambda authorizer to the DEV Lambda authorizer.

B.

Set up a gateway response in API Gateway for the Lambda function alias. Republish PROD and create a new stage for DEV. Create gateway responses in API Gateway for PROD and DEV Lambda aliases

C.

Use an environment variable for the Lambda function alias in API Gateway. Republish PROD and create a new stage for development. Create API gateway environment variables for PROD and DEV stages. Point each stage variable to the PROD Lambda function alias to the DEV Lambda function alias.

D.

Use an API Gateway stage variable to configure the Lambda function alias Republish PROD and create a new stage for development Create API Gateway stage variables for PROD and DEV stages Point each stage variable to the PROD Lambda function alias and to the DEV Lambda function alias

A developer registered an AWS Lambda function as a target for an Application Load Balancer (ALB) using a CLI command. However, the Lambda function is not being invoked when the client sends requests through the ALB.

Why is the Lambda function not being invoked?

A.

A Lambda function cannot be registered as a target for an ALB.

B.

A Lambda function can be registered with an ALB using AWS Management Console only.

C.

The permissions to invoke the Lambda function are missing.

D.

Cross-zone is not enabled on the ALB.

A company deploys a new application to AWS. The company is streaming application logs to Amazon CloudWatch Logs. The company's development team must receive notification by email when the word "ERROR" appears in any log lines. A developer sets up an Amazon SNS topic and subscribes the development team to the topic.

What should the developer do next to meet the requirements?

A.

Select the appropriate log group. Create a CloudWatch metric filter with "ERROR" as the search term. Create an alarm on this metric that notifies the SNS topic when the metric is 1 or higher.

B.

In CloudWatch Logs Insights, select the appropriate log group. Create a metric query to search for the term "ERROR" in the logs. Create an alarm on this metric that notifies the SNS topic when the metric is 1 or higher.

C.

Select the appropriate log group. Create an SNS subscription filter with "ERROR" as the filter pattern. Select the SNS topic as the destination.

D.

Create a CloudWatch alarm that includes "ERROR" as a filter pattern, a log group dimension that defines the appropriate log group, and a destination that notifies the SNS topic.

A developer is investigating recent performance bottlenecks within a company's distributed web application that runs on various AWS services, including Amazon EC2 and Amazon DynamoDB.

How can the developer determine the length of time of the application's calls to the various downstream AWS services?

A.

Enable VPC Flow Logs and analyze them in Amazon OpenSearch Service.

B.

Use Amazon CloudWatch Logs to analyze application logs for the various calls.

C.

Enable detailed monitoring for the EC2 instances in Amazon CloudWatch.

D.

Implement AWS X-Ray with client handlers for the various downstream calls.