Pass the Amazon Web Services AWS Certified Associate DVA-C02 Questions and answers with CertsForce

Step-by-Step Breakdown:

Requirement Summary:

AWS AppSync API needs toinvoke Lambda functions

Some Lambda functions arelong-running

AppSync shouldreturn immediately, minimizingoperational overhead

**Option A: AppSync + Lambda as data source usingEvent Mode

✅Correct: AWS AppSync supportsasynchronous (event) invocationof Lambda data sources usingEvent Mode.

Event Mode means:

AppSync invokes Lambdaasynchronously

Immediately returns aresponseto the client (typically a predefined payload or null)

Ideal forfire-and-forgetworkloads or when the response is not immediately needed

Option B: Increase Lambda timeout

❌Incorrect: This keeps AppSync waiting.

Even with increased timeout, synchronous invocations wouldblock AppSync responses.

Option C: SQS queue + polling Lambda

❌Possible but too complex for this use case.

Requires additional infrastructure: queue + mapping + custom logic.

Higheroperational overheadcompared to built-in AppSync Event Mode.

Option D: Enable caching in AppSync

❌Irrelevant: AppSync cache is for optimizing repeated read queries,not for async workflows.

Asynchronous Lambda with AppSync:https://docs.aws.amazon.com/appsync/latest/devguide/resolver-mapping-template-reference-lambda.html#async-lambda-invocation

Lambda as AppSync Data Source:https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-lambda-resolvers.html

Event Mode Docs:https://docs.aws.amazon.com/appsync/latest/devguide/lambda-resolvers.html#event-invocation-mode

This solution will meet the requirements by creating an advanced parameter in AWS Systems Manager Parameter Store, which is a secure and scalable service for storing and managing configuration data and secrets. The advanced parameter allows setting expiration and expiration notification policy types, which enable specifying an expiration date and time for the configuration and receiving notifications before the configuration expires. The Lambda code will be refactored to load the Root CA Cert from the parameter store and modify the runtime trust store outside the Lambda function handler, which will improve performance and reduce latency by avoiding repeated calls to Parameter Store and trust store modifications for each invocation of the Lambda function. Option A is not optimal because it will create a standard parameter in AWS Systems Manager Parameter Store, which does not support expiration and expiration notification policy types. Option B is not optimal because it will create a secret access key and access key ID with permission to access the S3 bucket, which will introduce additional security risks and complexity for storing and managing credentials. Option D is not optimal because it will create a Docker container from Node.js base image to invoke Lambda functions, which will incur additional costs and overhead for creating and running Docker containers.

Comprehensive and Detailed Step-by-Step Explanation:

Option A: Provisioned Capacity with Exponential Backoff:

Using provisioned capacity ensures sufficient throughput for the DynamoDB table.

Configuring the Lambda function to implement exponential backoff retries reduces the chance of exceeding capacity during peak usage.

This combination addresses the root cause (ProvisionedThroughputExceededException) and prevents errors without overprovisioning.

Why Other Options Are Incorrect:

Option B:Using SQS adds unnecessary latency and complexity. The issue lies in DynamoDB throughput, not request management.

Option C:A usage plan for the API does not address throughput issues in DynamoDB.

Option D:Invoking the Lambda function asynchronously does not resolve the DynamoDB capacity issue and might lead to delayed processing.

The X-Ray daemon is a software that collects trace data from the X-Ray SDK and relays it to the X-Ray service. The X-Ray daemon can run on any platform that supports Go, including Linux, Windows, and macOS. The developer can install and run the X-Ray daemon on the on-premises servers to capture and relay the data to the X-Ray service with minimal configuration. The X-Ray SDK is used to instrument the application code, not to capture and relay data. The Lambda function solutions are more complex and require additional configuration.

The immutable deployment method is the best option for this scenario, because it meets the requirements of maintaining full capacity, avoiding service interruption, and minimizing the cost of additional resources.

The immutable deployment method creates a new set of instances in a separate Auto Scaling group and deploys the new version of the application to them. Then, it swaps the new instances with the old ones and terminates the old instances. This way, the application maintains full capacity during the deployment and avoids any downtime. The cost of additional resources is also minimized, because the new instances are only created for a short time and then replaced by the old ones.

The other deployment methods do not meet all the requirements:

The all at once method deploys the new version to all instances simultaneously, which causes a short period of downtime and reduced capacity.

The rolling with additional batch method deploys the new version in batches, but for the first batch it creates new instances instead of using the existing ones. This increases the cost of additional resources and reduces the capacity of the original environment.

The blue/green method creates a new environment with a new set of instances and deploys the new version to them. Then, it swaps the URLs between the old and new environments. This method maintains full capacity and avoids service interruption, but it also increases the cost of additional resources significantly, because it duplicates the entire environment.

AWS Systems Manager Parameter Store is a service that provides secure, hierarchical storage for configuration data management and secrets management. The developer can update the application to retrieve the variables from Parameter Store by using the AWS SDK or the AWS CLI. The developer can use unique paths in Parameter Store for each variable in each environment, such as /dev/api-url, /test/api-url, and /prod/api-url. The developer can also store the credentials in AWS Secrets Manager, which is integrated with Parameter Store and provides additional features such as automatic rotation and encryption.

The correct policy condition ensures that:

The LeadingKeys condition restricts operations to the authenticated user's user_id.

The Attributes condition limits the updatable attributes to user_name.

Explanation of Choices:

Option A:Correctly enforces both the key restriction (dynamodb:LeadingKeys) and ensures only the user_name attribute can be updated.

Option B, C, D:Use incorrect conditions, such as referencing user_name in the LeadingKeys or including other attributes like user_id in updatable fields.