|You are a developer in a manufacturing company that has several servers on-site.
The company decides to move new development to the cloud using serverless technology.
You decide to use the AWS Serverless Application Model (AWS SAM) and work with an AWS SAM template file to represent your serverless architecture.
Which of the following is NOT a valid serverless resource type? AWS::Serverless::UserPool AWS::Serverless::Function AWS::Serverless::Api AWS::Serverless::SimpleTable.
A development team lead is responsible for managing access for her IAM principals.
At the start of the cycle, she has granted excess privileges to users to keep them motivated for trying new things.
She now wants to ensure that the team has only the minimum permissions required to finish their work.
Which of the following will help her identify unused IAM roles and remove them without disrupting any service? Access Advisor feature on IAM console AWS Trusted Advisor IAM Access Analyzer Amazon Inspector.
Which of the following security credentials can only be created by the AWS Account root user? CloudFront Key Pairs EC2 Instance Key Pairs IAM User Access Keys IAM User passwords.
Amazon Simple Queue Service (SQS) has a set of APIs for various actions supported by the service.
As a developer associate, which of the following would you identify as correct regarding the CreateQueue API? (Select two) You can't change the queue type after you create it The visibility timeout value for the queue is in seconds, which defaults to 30 seconds The dead-letter queue of a FIFO queue must also be a FIFO queue. Whereas, the dead-letter queue of a standard queue can be a standard queue or a FIFO queue The length of time, in seconds, for which the delivery of all messages in the queue is delayed is configured using MessageRetentionPeriod attribute Queue tags are case insensitive. A new tag with a key identical to that of an existing tag overwrites the existing tag.
The development team at a company creates serverless solutions using AWS Lambda.
Functions are invoked by clients via AWS API Gateway which anyone can access.
The team lead would like to control access using a 3rd party authorization mechanism.
As a Developer Associate, which of the following options would you recommend for the given use-case? Lambda Authorizer IAM permissions with sigv4 Cognito User Pools API Gateway User Pools.
You have chosen AWS Elastic Beanstalk to upload your application code and allow it to handle details such as provisioning resources and monitoring.
When creating configuration files for AWS Elastic Beanstalk which naming convention should you follow? .ebextensions/<mysettings>.config .ebextensions_<mysettings>.config .config/<mysettings>.ebextensions .config_<mysettings>.ebextensions.
Your global organization has an IT infrastructure that is deployed using CloudFormation on AWS Cloud.
One employee, in us-east-1 Region, has created a stack 'Application1' and made an exported output with the name 'ELBDNSName'.
Another employee has created a stack for a different application 'Application2' in us-east-2 Region and also exported an output with the name 'ELBDNSName'.
The first employee wanted to deploy the CloudFormation stack 'Application1' in us-east-2, but it got an error.
What is the cause of the error? Exported Output Values in CloudFormation must have unique names within a single Region Output Values in CloudFormation must have unique names across all Regions Output Values in CloudFormation must have unique names within a single Region Exported Output Values in CloudFormation must have unique names across all Regions.
As an AWS Certified Developer Associate, you have configured the AWS CLI on your workstation.
Your default region is us-east-1 and your IAM user has permissions to operate commands on services such as EC2, S3 and RDS in any region.
You would like to execute a command to stop an EC2 instance in the us-east-2 region.
What of the following is the MOST optimal solution to address this use-case? Use the --region parameter You need to override the default region by using aws configure You should create a new IAM user just for that other region Use boto3 dependency injection.
Your company has configured AWS Organizations to manage multiple AWS accounts.
Within each AWS account, there are many CloudFormation scripts running.
Your manager has requested that each script output the account number of the account the script was executed in.
Which Pseudo parameter will you use to get this information? AWS::AccountId AWS::NoValue AWS::Region AWS::StackName.
A development team has configured inbound traffic for the relevant ports in both the Security Group of the EC2 instance as well as the Network Access Control List (NACL) of the subnet for the EC2 instance.
The team is, however, unable to connect to the service running on the Amazon EC2 instance.
As a developer associate, which of the following will you recommend to fix this issue? Security Groups are stateful, so allowing inbound traffic to the necessary ports enables the connection. Network ACLs are stateless, so you must allow both inbound and outbound traffic Network ACLs are stateful, so allowing inbound traffic to the necessary ports enables the connection. Security Groups are stateless, so you must allow both inbound and outbound traffic IAM Role defined in the Security Group is different from the IAM Role that is given access in the Network ACLs Rules associated with Network ACLs should never be modified from the command line. An attempt to modify rules from the command line blocks the rule and results in an erratic behavior.
When running a Rolling deployment in Elastic Beanstalk environment, only two batches completed the deployment successfully, while rest of the batches failed to deploy the updated version.
Following this, the development team terminated the instances from the failed deployment.
What will be the status of these failed instances post termination? Elastic Beanstalk will replace them with instances running the application version from the most recent successful deployment Elastic Beanstalk will not replace the failed instances Elastic Beanstalk will replace the failed instances with instances running the application version from the oldest successful deployment Elastic Beanstalk will replace the failed instances after the application version to be installed is manually chosen from AWS Console.
To enable HTTPS connections for his web application deployed on the AWS Cloud, a developer is in the process of creating server certificate.
Which AWS entities can be used to deploy SSL/TLS server certificates? (Select two) AWS Certificate Manager IAM AWS Secrets Manager AWS Systems Manager AWS CloudFormation.
An organization has hosted its EC2 instances in two AZs.
AZ1 has two instances and AZ2 has 8 instances.
The Elastic Load Balancer managing the instances in the two AZs has cross-zone load balancing enabled in its configuration.
What percentage traffic will each of the instances in AZ1 receive? 10 20 15 25.
You have created a Java application that uses RDS for its main data storage and ElastiCache for user session storage.
The application needs to be deployed using Elastic Beanstalk and every new deployment should allow the application servers to reuse the RDS database.
On the other hand, user session data stored in ElastiCache can be re-created for every deployment.
Which of the following configurations will allow you to achieve this? (Select two) ElastiCache defined in .ebextensions/ RDS database defined externally and referenced through environment variables ElastiCache bundled with the application source code RDS database defined in .ebextensions/ ElastiCache database defined externally and referenced through environment variables.
An E-commerce business, has its applications built on a fleet of Amazon EC2 instances, spread across various Regions and AZs.
The technical team has suggested using Elastic Load Balancers for better architectural design.
What characteristics of an Elastic Load Balancer make it a winning choice? (Select two) Separate public traffic from private traffic Build a highly available system The Load Balancer communicates with the underlying EC2 instances using their public IPs Improve vertical scalability of the system Deploy EC2 instances across multiple AWS Regions.