ExamTopics Logo
Mail Usteam@examtopics.com
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 491 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 491
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A solutions architect is designing an asynchronous application to process credit card data validation requests for a bank. The application must be secure and be able to process each request at least once.

Which solution will meet these requirements MOST cost-effectively?

  • A. Use AWS Lambda event source mapping. Set Amazon Simple Queue Service (Amazon SQS) standard queues as the event source. Use AWS Key Management Service (SSE-KMS) for encryption. Add the kms:Decrypt permission for the Lambda execution role.
  • B. Use AWS Lambda event source mapping. Use Amazon Simple Queue Service (Amazon SQS) FIFO queues as the event source. Use SQS managed encryption keys (SSE-SQS) for encryption. Add the encryption key invocation permission for the Lambda function.
  • C. Use the AWS Lambda event source mapping. Set Amazon Simple Queue Service (Amazon SQS) FIFO queues as the event source. Use AWS KMS keys (SSE-KMS). Add the kms:Decrypt permission for the Lambda execution role.
  • D. Use the AWS Lambda event source mapping. Set Amazon Simple Queue Service (Amazon SQS) standard queues as the event source. Use AWS KMS keys (SSE-KMS) for encryption. Add the encryption key invocation permission for the Lambda function.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Community vote distribution
A (77%)
B (21%)
2%
by nosense at May 17, 2023, 12:03 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Submit Cancel
elmogy
Highly Voted 1 year, 11 months ago
Selected Answer: A
SQS FIFO is slightly more expensive than standard queue https://calculator.aws/#/addService/SQS I would still go with the standard because of the keyword "at least once" because FIFO process "exactly once". That leaves us with A and D, I believe that lambda function only needs to decrypt so I would choose A
upvoted 12 times
...
pentium75
Highly Voted 1 year, 3 months ago
Selected Answer: A
"Process each request at least once" = Standard queue, rules out B and C which use more expensive FIFO queue Permissions are added to Lambda execution roles, not Lambda functions, thus D is out.
upvoted 11 times
...
emakid
Most Recent 10 months ago
Selected Answer: A
Use AWS Lambda event source mapping. Set Amazon Simple Queue Service (Amazon SQS) standard queues as the event source. Use AWS Key Management Service (SSE-KMS) for encryption. Add the kms permission for the Lambda execution role.
upvoted 2 times
...
JackyCCK
1 year, 1 month ago
D is not FIFO either
upvoted 1 times
...
EdenWang
1 year, 5 months ago
Selected Answer: B
With the SSE-SQS encryption type, you do not need to create, manage, or pay for SQS-managed encryption keys.
upvoted 1 times
pentium75
1 year, 3 months ago
And what the hell is "encryption key invocation permission for the Lambda function"?
upvoted 5 times
...
...
wsdasdasdqwdaw
1 year, 5 months ago
Initially though it is B, but it is said that the messages should be processed at lest once, not the same order, and Standard SQS is "almost" FIFO, which changed my opinion and I would go with A as correct.
upvoted 4 times
...
BrijMohan08
1 year, 7 months ago
Selected Answer: A
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/standard-queues.html
upvoted 5 times
...
Guru4Cloud
1 year, 8 months ago
Selected Answer: B
Using SQS FIFO queues ensures each message is processed at least once in order. SSE-SQS provides encryption that is handled entirely by SQS without needing decrypt permissions. Standard SQS queues (Options A and D) do not guarantee order. Using KMS keys (Options C and D) requires providing the Lambda role with decrypt permissions, adding complexity. SQS FIFO queues with SSE-SQS encryption provide orderly, secure, server-side message processing that Lambda can consume without needing to manage decryption. This is the most efficient and cost-effective approach.
upvoted 8 times
Clouddon
1 year, 7 months ago
Amazon SQS offers standard as the default queue type. Standard queues support a nearly unlimited number of API calls per second, per API action (SendMessage, ReceiveMessage, or DeleteMessage). Standard queues support at-least-once message delivery. However, occasionally (because of the highly distributed architecture that allows nearly unlimited throughput), more than one copy of a message might be delivered out of order. Standard queues provide best-effort ordering which ensures that messages are generally delivered in the same order as they're sent.Whereas, FIFO (First-In-First-Out) queues have all the capabilities of the standard queues, but are designed to enhance messaging between applications when the order of operations and events is critical, or where duplicates can't be tolerated. ( is correct)
upvoted 5 times
...
pentium75
1 year, 3 months ago
But permissions are added to Lambda execution roles, not functions
upvoted 5 times
...
...
hsinchang
1 year, 9 months ago
Least Privilege Policy leads to A over D.
upvoted 2 times
...
TariqKipkemei
1 year, 9 months ago
Selected Answer: B
Considering this is credit card validation process, there needs to be a strict 'process exactly once' policy offered by the SQS FIFO, and also SQS already supports server-side encryption with customer-provided encryption keys using the AWS Key Management Service (SSE-KMS) or using SQS-owned encryption keys (SSE-SQS). Both encryption options greatly reduce the operational burden and complexity involved in protecting data. Additionally, with the SSE-SQS encryption type, you do not need to create, manage, or pay for SQS-managed encryption keys. Therefore option B stands out for me.
upvoted 1 times
TariqKipkemei
1 year, 5 months ago
I retract my answer and change it to A, there is a requirement to process each request 'at least once'. Only standard queues can deliver messages at least once. There is also a requirement for the most 'cost-effective' option. Standard queues are the cheaper option. https://aws.amazon.com/sqs/pricing/#:~:text=SQS%20requests%20priced%3F
upvoted 3 times
...
...
darren_song
1 year, 9 months ago
Selected Answer: A
https://docs.aws.amazon.com/zh_tw/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-least-privilege-policy.html
upvoted 2 times
...
Abrar2022
1 year, 10 months ago
Selected Answer: A
at least once and cost effective suggests SQS standard
upvoted 2 times
...
Felix_br
1 year, 10 months ago
Selected Answer: B
Solution B is the most cost-effective solution to meet the requirements of the application. Amazon Simple Queue Service (SQS) FIFO queues are a good choice for this application because they guarantee that messages are processed in the order in which they are received. This is important for credit card data validation because it ensures that fraudulent transactions are not processed before legitimate transactions. SQS managed encryption keys (SSE-SQS) are a good choice for encrypting the messages in the SQS queue because they are free to use. AWS Key Management Service (KMS) keys (SSE-KMS) are also a good choice for encrypting the messages, but they do incur a cost.
upvoted 2 times
pentium75
1 year, 3 months ago
"They guarantee that messages are processed in the order in which they are received. This is important" but not asked for!
upvoted 3 times
...
...
omoakin
1 year, 10 months ago
AAAAAAAA
upvoted 1 times
...
Yadav_Sanjay
1 year, 11 months ago
Selected Answer: A
should be A. Key word - at least once and cost effective suggests SQS standard
upvoted 3 times
...
Efren
1 year, 11 months ago
It has to be default, no FIFO. It doesnt say just one, it says at least once, so that is default queue that is cheaper than FIFO. Between the default options, nto sure to be honest
upvoted 4 times
jayce5
1 year, 11 months ago
No, when it comes to "credit card data validation," it should be FIFO. If you use the standard approach, there is a chance that people who come after will get processed before those who come first.
upvoted 1 times
pentium75
1 year, 3 months ago
Question clearly says "process each request at least once" which is the description of a standard queue. Your opinion how these transactions should be processed does not matter if it contradicts the requirements given. Besides, it is about "credit card data validation", NOT payments. Nothing happens if they check twice is your credit card is valid.
upvoted 2 times
...
...
...
awwass
1 year, 11 months ago
Selected Answer: A
I guess A
upvoted 2 times
awwass
1 year, 11 months ago
This solution uses standard queues in Amazon SQS, which are less expensive than FIFO queues. It also uses AWS Key Management Service (SSE-KMS) for encryption, which is a cost-effective way to encrypt data at rest and in transit. The kms:Decrypt permission is added to the Lambda execution role to allow it to decrypt messages from the queue
upvoted 2 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
350-701
Kuala Lumpur, 1 minute ago