Free AWS-Certified-Developer-Associate Exam Braindumps

A developer maintains a critical business application that uses Amazon DynamoDB as the primary data store The DynamoDB table contains millions of documents and receives 30- 60 requests each minute The developer needs to perform processing in near-real time on the documents when they are added or updated in the DynamoDB table
How can the developer implement this feature with the LEAST amount of change to the existing application code?

1. A. Set up a cron job on an Amazon EC2 instance Run a script every hour to query the table for changes and process the documents
2. B. Enable a DynamoDB stream on the table Invoke an AWS Lambda function to process the documents.
3. C. Update the application to send a PutEvents request to Amazon EventBridg
4. D. Create an EventBridge rule to invoke an AWS Lambda function to process the documents.
5. E. Update the application to synchronously process the documents directly after the DynamoDB write

Correct Answer: B
https://aws.amazon.com/blogs/database/dynamodb-streams-use-cases-and- design-patterns/

A developer wants to expand an application to run in multiple AWS Regions. The developer wants to copy Amazon Machine Images (AMIs) with the latest changes and create a new application stack in the destination Region. According to company requirements, all AMIs must be encrypted in all Regions. However, not all the AMIs that the company uses are encrypted.
How can the developer expand the application to run in the destination Region while meeting the encryption requirement?
Solution:
Amazon Machine Images (AMIs) are encrypted snapshots of EC2 instances that can be used to launch new instances. The developer can create new AMIs from the existing instances and specify encryption parameters. The developer can copy the encrypted AMIs to the destination Region and use them to create a new application stack. The developer can delete the unencrypted AMIs after the encryption process is complete. This solution will meet the encryption requirement and allow the developer to expand the application to run in the destination Region.
References:
✑ [Amazon Machine Images (AMI) - Amazon Elastic Compute Cloud]
✑ [Encrypting an Amazon EBS Snapshot - Amazon Elastic Compute Cloud]
✑ [Copying an AMI - Amazon Elastic Compute Cloud]

Does this meet the goal?

1. A. Yes
2. B. No

Correct Answer: A

A developer is creating a template that uses AWS CloudFormation to deploy an application. The application is serverless and uses Amazon API Gateway, Amazon DynamoDB, and AWS Lambda.
Which AWS service or tool should the developer use to define serverless resources in YAML?

1. A. CloudFormation serverless intrinsic functions
2. B. AWS Elastic Beanstalk
3. C. AWS Serverless Application Model (AWS SAM)
4. D. AWS Cloud Development Kit (AWS CDK)

Correct Answer: C
AWS Serverless Application Model (AWS SAM) is an open-source framework that enables developers to build and deploy serverless applications on AWS. AWS SAM uses a template specification that extends AWS CloudFormation to simplify the
definition of serverless resources such as API Gateway, DynamoDB, and Lambda. The developer can use AWS SAM to define serverless resources in YAML and deploy them using the AWS SAM CLI.
References:
✑ [What Is the AWS Serverless Application Model (AWS SAM)? - AWS Serverless Application Model]
✑ [AWS SAM Template Specification - AWS Serverless Application Model]

An online food company provides an Amazon API Gateway HTTP API 1o receive orders for partners. The API is integrated with an AWS Lambda function. The Lambda function stores the orders in an Amazon DynamoDB table.
The company expects to onboard additional partners Some to me panthers require additional Lambda function to receive orders. The company has created an Amazon S3 bucket. The company needs 10 store all orders and updates m the S3 bucket for future analysis
How can the developer ensure that an orders and updates are stored to Amazon S3 with the LEAST development effort?

1. A. Create a new Lambda function and a new API Gateway API endpoin
2. B. Configure the new Lambda function to write to the S3 bucke
3. C. Modify the original Lambda function to post updates to the new API endpoint.
4. D. Use Amazon Kinesis Data Streams to create a new data strea
5. E. Modify the Lambda function to publish orders to the oats stream Configure in data stream to write to the S3 bucket.
6. F. Enable DynamoDB Streams on me DynamoOB tabl
7. G. Create a new lambda functio
8. H. Associate the stream's Amazon Resource Name (ARN) with the Lambda FunctionConfigure the Lambda function to write to the S3 bucket as records appear in the table’s stream.
9. I. Modify the Lambda function to punish to a new Amazo
10. J. Simple Lambda function receives order
11. K. Subscribe a new Lambda function to the topi
12. L. Configure the new Lambda function to write to the S3 bucket as updates come through the topic.

Correct Answer: C
This solution will ensure that all orders and updates are stored to Amazon S3 with the least development effort because it uses DynamoDB Streams to capture changes in the DynamoDB table and trigger a Lambda function to write those changes to the S3 bucket. This way, the original Lambda function and API Gateway API endpoint do not need to be modified, and no additional services are required. Option A is not optimal because it will require more development effort to create a new Lambda function and a new API Gateway API endpoint, and to modify the original Lambda function to post updates to the new API endpoint. Option B is not optimal because it will introduce additional costs and complexity to use Amazon Kinesis Data Streams to create a new data stream, and to modify the Lambda function to publish orders to the data stream. Option D is not optimal because it will require more development effort to modify the Lambda function to publish to a new Amazon SNS topic, and to create and subscribe a new Lambda function to the topic. References: Using DynamoDB Streams, Using AWS Lambda with Amazon S3

A company has an Amazon S3 bucket that contains sensitive data. The data must be encrypted in transit and at rest. The company encrypts the data in the S3 bucket by using an AWS Key Management Service (AWS KMS) key. A developer needs to grant several other AWS accounts the permission to use the S3 GetObject operation to retrieve the data from the S3 bucket.
How can the developer enforce that all requests to retrieve the data provide encryption in transit?

1. A. Define a resource-based policy on the S3 bucket to deny access when a request meets the condition “aws:SecureTransport”: “false”.
2. B. Define a resource-based policy on the S3 bucket to allow access when a request meets the condition “aws:SecureTransport”: “false”.
3. C. Define a role-based policy on the other accounts' roles to deny access when a request meets the condition of “aws:SecureTransport”: “false”.
4. D. Define a resource-based policy on the KMS key to deny access when a request meets the condition of “aws:SecureTransport”: “false”.

Correct Answer: A
Amazon S3 supports resource-based policies, which are JSON documents that specify the permissions for accessing S3 resources. A resource-based policy can be used to enforce encryption in transit by denying access to requests that do not use HTTPS. The condition key aws:SecureTransport can be used to check if the request was sent using SSL. If the value of this key is false, the request is denied; otherwise, the request is allowed. Reference: How do I use an S3 bucket policy to require requests to use Secure Socket Layer (SSL)?