DVA-C01

A developer is creating a serverless orchestrator that performs a series of steps to processes incoming IoT data.The orchestrator transforms the data, performs a series of calculations, and stores the results in Amazon DynamoDB.The entire process is completed in less than a minute.The orchestrator must process tens of thousands of transactions each second.The orchestrator must not miss a transaction and must process each transaction at least once.Which solution will meet these requirements MOST cost-effectively?Read More →

A developer is testing a new file storage application that uses an Amazon CloudFront distribution to serve content from an Amazon S3 bucket.The distribution accesses the S3 bucket by using an origin access identity (OAI).The S3 bucket’s permissions explicitly deny access to all other users.The application prompts users to authenticate on a login page and then uses signed cookies to allow users to access their personal storage directories.The developer has configured the distribution to use its default cache behavior with restricted viewer access and has set the origin to point to the S3 bucket.However, when the developer tries to navigate to the login page, the developer receives a 403 Forbidden error.The developer needs to implement a solution to allow unauthenticated access to the login page.The solution also must keep all private content secure.Which solution will meet these requirements?Read More →

A company is running its application on the most recent generation of hare metal Amazon EC2 instances.A developer is adding a low-latency computation feature to the application.The feature depends on highly sensitive personally identifiable information (PII).When computation occurs on unencrypted data, the feature needs to run in an isolated environment that provides CPU and memory isolation.Which solution will meet these requirements?Read More →

A developer is creating an AWS Lambda function in VPC mode.An Amazon S3 event will invoke the Lambda function when an object is uploaded into an S3 bucket.The Lambda function will process the object and produce some analytic results that will be recorded into a file.Each processed object will also generate a log entry that will be recorded into a file.Other Lambda functions, AWS services, and on-premises resources must have access to the result files and log file.Each log entry must also be appended to the same shared log file.The developer needs a solution that can share files and append results into an existing file.Which solution should the developer use to meet these requirements?Read More →

A development team is working on a mobile app that allows users to upload pictures to Amazon S3.The team expects the app will be used by hundreds of thousands of users during a single event simultaneously.Once the pictures are uploaded, the backend service will scan and parse the pictures for inappropriate content.Which approach is the MOST resilient way to achieve this goal, which also smooths out temporary volume spikes for the backend service?Read More →

A company is automating a process and is moving the process from on premises to AWS.The company is using an AWS CodePipeline pipeline.Before publishing the code, the company wants to create and implement test suites when the pipeline is running.The pipeline should publish the code only after the pipeline passes all the checks.Which solution will implement this functionality with the LEAST operational overhead?Read More →

A developer is deploying Amazon Cognito as part of a new application.The Amazon Cognito user pool domain’s hosted UI must match the application’s deployed domain.DNS records must be updated appropriately.What should the developer do to meet these requirements?Read More →

A company that manages movie reviews wants to make its movie review data available to its customers by calling a set of REST web service endpoints.The company will develop the retrieval functionality as AWS Lambda functions and will expose the functionality to customers as an Amazon API Gateway REST API.The company needs to ensure that no consumer exceeds 100 requests a day to the API during the initial deployment.The company decides to use API Gateway API keys to restrict access.The company creates and issues API keys for each customer.What should the company do next to meet these requirements with the LEAST administrative effort?Read More →

A web application is using Amazon Kinesis Streams for clickstream data that may not be consumed for up to 12 hours.How can the developer implement encryption at rest for data within the Kinesis Streams?Read More →

A developer has an application that pushes files from an on-premises local server to an Amazon S3 bucket.The application uses an AWS access key and a secret key that are stored on the server for authentication.The application calls AWS Security Token Service (AWS STS) to assume a role with access to perform the S3 PUT operation to upload the file.The developer is migrating the server to an Amazon EC2 instance.The EC2 instance is configured with an IAM instance profile in the same AWS account that owns the S3 bucket.What is the MOST secure solution for the developer to use to migrate the automation code?Read More →