Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Amazon
  5. DVA-C01

Amazon DVA-C01 Exam
AWS Certified Developer - Associate DVA-C02 (Page 8 )

Updated On: 26-Jan-2026
Page 8 of 113
PDF with 500 Questions

A company has an internal website that contains sensitive data. The company wants to make the website public. The company must ensure that only employees who authenticate through the company's OpenID Connect (OIDC) identity provider (IdP) can access the website. A developer needs to implement authentication without editing the website.
Which combination of steps will meet these requirements? (Choose two.)

  1. Create a public Network Load Balancer.
  2. Create a public Application Load Balancer.
  3. Configure a listener for the load balancer that listens on HTTPS port 443. Add a default authenticate action providing the OIDC IdP configuration.
  4. Configure a listener for the load balancer that listens on HTTP port 80. Add a default authenticate action providing the OIDC IdP configuration.
  5. Configure a listener for the load balancer that listens on HTTPS port 443. Add a default AWS Lambda action providing an Amazon Resource Name (ARN) to a Lambda authentication function.

Answer(s): B,C



A developer is creating an AWS Lambda function that is invoked by messages to an Amazon Simple Notification Service (Amazon SNS) topic. The messages represent customer data updates from a customer relationship management (CRM) system
The developer wants the Lambda function to process only the messages that pertain to email address changes. Additional subscribers to the SNS topic will process any other messages.
Which solution will meet these requirements in the LEAST development effort?

  1. Use Lambda event filtering to allow only messages that are related to email address changes to invoke the Lambda function.
  2. Use an SNS filter policy on the Lambda function subscription to allow only messages that are related to email address changes to invoke the Lambda function.
  3. Subscribe an Amazon Simple Queue Service (Amazon SQS) queue to the SNS topic. Configure the SQS queue with a filter policy to allow only messages that are related to email address changes.Connect the SQS queue to the Lambda function.
  4. Configure the Lambda code to check the received message. If the message is not related to an email address change, configure the Lambda function to publish the message back to the SNS topic for the other subscribers to process.

Answer(s): B



A developer wants the ability to roll back to a previous version of an AWS Lambda function in the event of errors caused by a new deployment.
How can the developer achieve this with MINIMAL impact on users?

  1. Change the application to use an alias that points to the current version. Deploy the new version of the code. Update the alias to use the newly deployed version. If too many errors are encountered, point the alias back to the previous version.
  2. Change the application to use an alias that points to the current version. Deploy the new version of the code. Update the alias to direct 10% of users to the newly deployed version. If too many errors are encountered, send 100% of traffic to the previous version.
  3. Do not make any changes to the application. Deploy the new version of the code. If too many errors are encountered, point the application back to the previous version using the version number in the Amazon Resource Name (ARN).
  4. Create three aliases: new, existing, and router. Point the existing alias to the current version. Have the router alias direct 100% of users to the existing alias. Update the application to use the router alias. Deploy the new version of the code. Point the new alias to this version. Update the router alias to direct 10% of users to the new alias. If too many errors are encountered, send 100% of traffic to the existing alias.

Answer(s): B



A company maintains a REST service using Amazon API Gateway and the API Gateway native API key validation. The company recently launched a new registration page, which allows users to sign up for the service. The registration page creates a new API key using CreateApiKey and sends the new key to the user. When the user attempts to call the API using this key, the user receives a 403 Forbidden error. Existing users are unaffected and can still call the API.
What code updates will grant these new users access to the API?

  1. The createDeployment method must be called so the API can be redeployed to include the newly created API key.
  2. The updateAuthorizer method must be called to update the API's authorizer to include the newly created API key.
  3. The importApiKeys method must be called to import all newly created API keys into the current stage of the API.
  4. The createUsagePlanKey method must be called to associate the newly created API key with the correct usage plan.

Answer(s): D



A company uses an AWS CloudFormation template to deploy and manage its AWS infrastructure. The CloudFormation template creates Amazon VPC security groups and Amazon EC2 security groups.
A manager finds out that some engineers modified the security groups of a few EC2 instances for testing purposes. A developer needs to determine what modifications occurred.
Which solution will meet this requirement?

  1. Add a Conditions section statement in the source YAML file of the template. Run the CloudFormation stack.
  2. Perform a drift detection operation on the CloudFormation stack.
  3. Execute a change set for the CloudFormation stack.
  4. Use Amazon Detective to detect the modifications.

Answer(s): B



Viewing page 8 of 113
Viewing questions 36 - 40 out of 500 questions



Post your Comments and Discuss Amazon DVA-C01 exam prep with other Community members:

Join the DVA-C01 Discussion