Practice Free DVA-C02 Exam Online Questions
An ecommerce company is using an AWS Lambda function behind Amazon API Gateway as its application tier. To process orders during checkout, the application calls a POST API from the frontend. The POST API invokes the Lambda function asynchronously. In rare situations, the application has not processed orders. The Lambda application logs show no errors or failures.
What should a developer do to solve this problem?
- A . Inspect the frontend logs for API failures. Call the POST API manually by using the requests from the log file.
- B . Create and inspect the Lambda dead-letter queue. Troubleshoot the failed functions. Reprocess the events.
- C . Inspect the Lambda logs in Amazon CloudWatch for possible errors. Fix the errors.
- D . Make sure that caching is disabled for the POST API in API Gateway.
B
Explanation:
The solution that will solve this problem is to create and inspect the Lambda dead-letter queue. Troubleshoot the failed functions. Reprocess the events. This way, the developer can identify and fix any issues that caused the Lambda function to fail when invoked asynchronously by API Gateway. The developer can also reprocess any orders that were not processed due to failures. The other options either do not address the root cause of the problem, or do not help recover from failures.
Reference: Asynchronous invocation
A company’s development team uses an SSH key pair to copy files among a large fleet of development servers. The SSH key pair has been compromised. A developer has generated a replacement key pair. The company has deployed the AWS Systems Manager Agent (SSM Agent) and the Amazon CloudWatch agent on all of the development servers.
The developer needs a solution to distribute the new key to all the Linux servers.
Which solution will meet these requirements in the MOST operationally efficient way?
- A . Create an Amazon S3 bucket. Store the public key in the root of the S3 bucket. Log in to each server. Copy the private key from the S3 bucket to the appropriate directory of each server.
- B . Create an Amazon S3 bucket. Store the public key in the root of the S3 bucket. Create a script to copy the private key from the S3 bucket to the appropriate directory of each server. Use Systems Manager Run Command to run the script on all Linux servers.
- C . Upload the new SSH key pair to AWS Secrets Manager as a new secret. Grant the team members permissions to download the secret into the appropriate directory of each server.
- D . Upload the new SSH key pair to AWS Systems Manager Parameter Store. Make each key a new parameter. Grant the team members permissions to download the parameters into the appropriate directory of each server.
B
Explanation:
The company already has SSM Agent deployed on all servers, which enables centralized, scalable fleet operations without logging in to each instance. The most operationally efficient solution is to automate key distribution using Systems Manager Run Command, executing a script across the entire fleet (or a targeted subset) in one action.
Option B uses S3 as a simple distribution source and Run Command to perform the update at scale. The developer can store the required key material in a controlled S3 location and write a script that places the key in the correct filesystem path (with correct permissions/ownership), updates authorized_keys if needed, and restarts any services if required. Run Command can target instances by tags, resource groups, or instance IDs and provides execution logging and status.
Option A is not operationally efficient because it requires logging into each server manually.
Option C and D push the distribution burden to humans (“grant team members permissions to download”), which is error-prone, slow, and not scalable. Also, distributing private keys broadly to individuals increases risk.