A company runs a payment application on Amazon EC2 instances behind an Application Load Balance The EC2 instances run in an Auto Scaling group across multiple Availability Zones The application needs to retrieve application secrets during the application startup and export the secrets as environment variables These secrets must be encrypted at rest and need to be rotated every month.
Which solution will meet these requirements with the LEAST development effort?
AWS Secrets Manager:Built for managing secrets, providing encryption, automatic rotation, and access control.
Customer Master Key (CMK):Provides an extra layer of control over encryption through AWS KMS.
Automatic Rotation:Enhances security by regularly changing the secret.
User Data Script:Allows secrets retrieval at instance startup and sets them as environment variables for seamless use within the application.
AWS Secrets Manager Documentation:https://docs.aws.amazon.com/secretsmanager/
AWS KMS Documentation:https://docs.aws.amazon.com/kms/
User Data for EC2 Instances:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html
An Amazon Simple Queue Service (Amazon SQS) queue serves as an event source for an AWS Lambda function In the SQS queue, each item corresponds to a video file that the Lambda function must convert to a smaller resolution The Lambda function is timing out on longer video files, but the Lambda function's timeout is already configured to its maximum value
What should a developer do to avoid the timeouts without additional code changes'?
Visibility Timeout: When an SQS message is processed by a consumer (here, the Lambda function), it's temporarily hidden from other consumers. Visibility timeout controls this duration.
How It Helps:
Increase the visibility timeout beyond the maximum processing time your Lambda might typically take for long videos.
This prevents the message from reappearing in the queue while Lambda is still working, avoiding premature timeouts.
A developer is creating an Amazon DynamoDB table by using the AWS CLI The DynamoDB table must use server-side encryption with an AWS owned encryption key
How should the developer create the DynamoDB table to meet these requirements?
Default SSE in DynamoDB:DynamoDB tables are encrypted at rest by default using an AWS owned key (SSE-S3).
No Additional Action Needed:Creating a table without explicitly specifying a KMS key will use this default encryption.
A developer is creating an AWS Lambda function. The Lambda function needs an external library to connect to a third-party solution The external library is a collection of files with a total size of 100 MB The developer needs to make the external library available to the Lambda execution environment and reduce the Lambda package space
Which solution will meet these requirements with the LEAST operational overhead?
Lambda Layers:These are designed to package dependencies that you can share across functions.
How to Use:
Create a layer, upload your 100MB library as a zip.
Attach the layer to your function.
In your function code, import the library from the standard layer path.
Lambda Layers:https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html
A company built an online event platform For each event the company organizes quizzes and generates leaderboards that are based on the quiz scores. The company stores the leaderboard data in Amazon DynamoDB and retains the data for 30 days after an event is complete The company then uses a scheduled job to delete the old leaderboard data
The DynamoDB table is configured with a fixed write capacity. During the months when many events occur, the DynamoDB write API requests are throttled when the scheduled delete job runs.
A developer must create a long-term solution that deletes the old leaderboard data and optimizes write throughput
Which solution meets these requirements?
DynamoDB TTL (Time-to-Live):A native feature that automatically deletes items after a specified expiration time.
Efficiency:Eliminates the need for scheduled deletion jobs, optimizing write throughput by avoiding potential throttling conflicts.
Seamless Integration:TTL works directly within DynamoDB, requiring minimal development overhead.
DynamoDB TTL Documentation:https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/TTL.html
Dyan
8 days agoEve
16 days agoSolange
22 days agoErick
1 months agoTeddy
1 months agoColeen
2 months agoIlona
3 months agoAn
4 months agoLavera
4 months agoEdwin
4 months agoKaitlyn
4 months agoCordelia
5 months agoTroy
5 months agoClorinda
5 months ago