Free Practice Questions for Amazon Web Services DVA-C02 Exam

https://aws.amazon.com/blogs/devops/automated-code-review-on-pull-requests-using-aws-codecommit-and-aws-codebuild/

Instance Metadata Service: EC2 instances have access to an internal metadata service. It provides instance-specific information like instance ID, security groups, and public IP address.

Accessing Metadata:

Make an HTTP GET request to the base URL: http://169.254.169.254/latest/meta-data/

You'll get a list of available categories. The public IPv4 address is under public-ipv4.

AWS CloudFormation is a service that allows developers to model and provision AWS resources using templates. A CloudFormation template can define the load test resources, such as EC2 instances, load balancers, and Auto Scaling groups. A CloudFormation stack set is a collection of stacks that can be created and managed from a single template in multiple Regions and accounts. The AWS CLI create-stack-set command can be used to create a stack set from a template and specify the Regions where the stacks should be created. Reference: Working with AWS CloudFormation stack sets

This solution will meet the requirements by using AWS Encryption SDK, which is a client-side encryption library that enables developers to encrypt and decrypt data using data encryption keys that are protected by AWS Key Management Service (AWS KMS). The SDK encrypts the data encryption key with a customer master key (CMK) that is managed by AWS KMS, and stores it (encrypted) as part of the returned ciphertext. The developer does not need to keep track of the data encryption keys used to encrypt data, as they are stored with the encrypted data and can be retrieved and decrypted by using AWS KMS when needed. Option A is not optimal because it will require manual tracking of the data encryption keys used for each data object, which is error-prone and inefficient. Option C is not optimal because it will store the data encryption keys automatically in Amazon S3, which is unnecessary and insecure as Amazon S3 is not designed for storing encryption keys. Option D is not optimal because it will store the data encryption key in the user data for the EC2 instance, which is also unnecessary and insecure as user data is not encrypted by default.

The combination of steps that the developer should take to fix the errors is to deploy AWS X-Ray as a sidecar container to the microservices and instrument the ECS task to send the stdout and stderr output to Amazon CloudWatch Logs. This way, the developer can use AWS X-Ray to analyze and debug the performance of the microservices and identify any issues or bottlenecks. The developer can also use CloudWatch Logs to monitor and troubleshoot the logs from the ECS task and detect any errors or exceptions. The other options either involve using AWS X-Ray as a daemon set, which is not supported by Fargate, or using the PutTraceSegments API call, which is not necessary when using a sidecar container.

This solution will ensure that all orders and updates are stored to Amazon S3 with the least development effort because it uses DynamoDB Streams to capture changes in the DynamoDB table and trigger a Lambda function to write those changes to the S3 bucket. This way, the original Lambda function and API Gateway API endpoint do not need to be modified, and no additional services are required. Option A is not optimal because it will require more development effort to create a new Lambda function and a new API Gateway API endpoint, and to modify the original Lambda function to post updates to the new API endpoint. Option B is not optimal because it will introduce additional costs and complexity to use Amazon Kinesis Data Streams to create a new data stream, and to modify the Lambda function to publish orders to the data stream. Option D is not optimal because it will require more development effort to modify the Lambda function to publish to a new Amazon SNS topic, and to create and subscribe a new Lambda function to the topic.

Step-by-Step Breakdown:

Requirement Summary:

AWS AppSync API needs toinvoke Lambda functions

Some Lambda functions arelong-running

AppSync shouldreturn immediately, minimizingoperational overhead

**Option A: AppSync + Lambda as data source usingEvent Mode

✅Correct: AWS AppSync supportsasynchronous (event) invocationof Lambda data sources usingEvent Mode.

Event Mode means:

AppSync invokes Lambdaasynchronously

Immediately returns aresponseto the client (typically a predefined payload or null)

Ideal forfire-and-forgetworkloads or when the response is not immediately needed

Option B: Increase Lambda timeout

❌Incorrect: This keeps AppSync waiting.

Even with increased timeout, synchronous invocations wouldblock AppSync responses.

Option C: SQS queue + polling Lambda

❌Possible but too complex for this use case.

Requires additional infrastructure: queue + mapping + custom logic.

Higheroperational overheadcompared to built-in AppSync Event Mode.

Option D: Enable caching in AppSync

❌Irrelevant: AppSync cache is for optimizing repeated read queries,not for async workflows.

Asynchronous Lambda with AppSync:https://docs.aws.amazon.com/appsync/latest/devguide/resolver-mapping-template-reference-lambda.html#async-lambda-invocation

Lambda as AppSync Data Source:https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-lambda-resolvers.html

Event Mode Docs:https://docs.aws.amazon.com/appsync/latest/devguide/lambda-resolvers.html#event-invocation-mode