ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer - Associate DVA-C02 All Questions

View all questions & answers for the AWS Certified Developer - Associate DVA-C02 exam
Go to Exam

Exam AWS Certified Developer - Associate DVA-C02 topic 1 question 433 discussion

Exam question from Amazon's AWS Certified Developer - Associate DVA-C02
Question #: 433
Topic #: 1
[All AWS Certified Developer - Associate DVA-C02 Questions]

A developer uses Amazon S3 Event Notifications to invoke AWS Lambda functions. The Lambda functions process images after the images are uploaded to S3 buckets. The developer has set up a development S3 bucket, a production S3 bucket, a development Lambda function, and a production Lambda function in the same AWS account.

The developer notices that uploads to the development S3 bucket wrongly invoke the production Lambda function. The developer must prevent development data from affecting the production Lambda function.

What should the developer do to meet these requirements?

  • A. Update the execution role for the production Lambda function. Add a policy that allows the execution role to read from only the production S3 bucket.
  • B. Update the S3 bucket policy for the production S3 bucket to invoke the production Lambda function. Update the S3 bucket policy for the development S3 bucket to invoke the development Lambda function.
  • C. Separate the development environment and the production environment into their own AWS accounts. Update the execution role for each Lambda function. Add a policy that allows the execution role to read from only the S3 bucket that is in the same account.
  • D. Separate the development environment and the production environment into their own AWS accounts. Add a resource policy to the Lambda functions to allow only S3 bucket events in the same account to invoke the functions.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by albert_kuo at Oct. 10, 2024, 7:43 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
examuserss
3 months, 3 weeks ago
Selected Answer: B
The best solution is B. The issue stems from incorrectly configured S3 bucket policies. Each bucket's policy should explicitly specify which Lambda function to invoke when an event occurs in that bucket. By updating the policies to correctly map each bucket to its corresponding Lambda function, you ensure that events from the development bucket only trigger the development function, preventing accidental invocation of the production function.
upvoted 1 times
...
devmo
5 months, 1 week ago
Selected Answer: D
D is the answer. @Moderator, please correct the answer from B to D.
upvoted 2 times
...
Saudis
5 months, 2 weeks ago
Selected Answer: D
DDDDDDDDDDDDDDDDD
upvoted 2 times
...
Saudis
5 months, 2 weeks ago
Selected Answer: D
D is the correct answer
upvoted 1 times
...
ogogundare
5 months, 3 weeks ago
D is the correct answer
upvoted 1 times
...
albert_kuo
6 months, 2 weeks ago
Selected Answer: D
Account Separation: By separating development and production environments into different AWS accounts, you create a strong boundary between the two. This is a best practice for security and resource management. Resource Policy: Adding a resource policy to the Lambda functions that allows only S3 bucket events from the same account to invoke them ensures that cross-account invocations cannot occur accidentally.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago