DVA-C02 Troubleshooting and Optimization • Complete Question Bank
Complete DVA-C02 Troubleshooting and Optimization question bank — all 0 questions with answers and detailed explanations.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Frequent access, low latency
Automatic cost optimization
Long-term archival
Infrequent access, single AZ
Lowest cost retrieval
Drag a concept onto its matching description — or click a concept then click the description.
Switch between two environments
Gradual traffic shifting
Update instances incrementally
Immediate full deployment
Equal percentage increments
Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/*",
"Principal": "*"
},
{
"Effect": "Deny",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/secret/*",
"Principal": "*"
}
]
}Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:Describe*",
"ec2:StartInstances",
"ec2:StopInstances"
],
"Resource": "*"
},
{
"Effect": "Deny",
"Action": "ec2:TerminateInstances",
"Resource": "arn:aws:ec2:us-east-1:123456789012:instance/*"
}
]
}Refer to the exhibit.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/*"
},
{
"Effect": "Deny",
"Action": "s3:*",
"Resource": "arn:aws:s3:::my-bucket/secret/*"
}
]
}
```Refer to the exhibit.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/*"
},
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::my-bucket"
}
]
}
```Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "10.0.0.0/24"
}
}
}
]
}Refer to the exhibit.
Resources:
MyBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub "${AWS::StackName}-bucket"
VersioningConfiguration:
Status: Enabled
MyQueue:
Type: AWS::SQS::Queue
Properties:
QueueName: !Sub "${AWS::StackName}-queue"
SqsManagedSseEnabled: trueRefer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "lambda:InvokeFunction",
"Resource": "arn:aws:lambda:us-east-1:123456789012:function:my-function"
}
]
}Refer to the exhibit. The following is a CloudFormation template snippet that creates an S3 bucket and a Lambda function. The Lambda function is triggered by S3 events. The stack creation succeeds, but no logs appear in CloudWatch Logs when objects are uploaded to the bucket.
```yaml
Resources:
Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: my-bucket-12345
LambdaFunction:
Type: AWS::Lambda::Function
Properties:
Handler: index.handler
Role: !GetAtt LambdaExecutionRole.Arn
Code:
ZipFile: |
def handler(event, context):
print(event)
Runtime: python3.8
PermissionForS3ToInvokeLambda:
Type: AWS::Lambda::Permission
Properties:
FunctionName: !Ref LambdaFunction
Action: lambda:InvokeFunction
Principal: s3.amazonaws.com
SourceArn: !GetAtt Bucket.Arn
```Refer to the exhibit.
IAM policy JSON:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "S3Access",
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::my-bucket/*"
},
{
"Sid": "KMSDecrypt",
"Effect": "Allow",
"Action": "kms:Decrypt",
"Resource": "arn:aws:kms:us-east-1:123456789012:key/abc123"
}
]
}Refer to the exhibit.
CloudFormation template snippet:
"MyBucket": {
"Type": "AWS::S3::Bucket",
"Properties": {
"BucketName": "my-app-data",
"VersioningConfiguration": {
"Status": "Enabled"
}
}
}A company has a production application running on Amazon ECS with Fargate. The application consists of a front-end service and a backend service that processes orders. The backend service consumes messages from an Amazon SQS queue and writes order records to an Amazon DynamoDB table. Recently, during a marketing campaign, traffic increased significantly, causing the backend service to fall behind processing messages. The SQS queue depth grew to over 100,000 messages, and some orders were not processed in time, leading to customer complaints. The operations team noticed that the ECS service's CPU utilization never exceeded 60%, and memory utilization was around 50%. The service is configured with a desired count of 2 tasks and a target tracking scaling policy based on average CPU utilization. The DynamoDB table has on-demand capacity mode. After analyzing the logs, the development team found that each message processing takes about 2 seconds, but the backend service has a bottleneck: it makes an HTTP call to a third-party API that sometimes takes up to 10 seconds to respond. The team wants to optimize the architecture to handle traffic spikes better without over-provisioning resources.
Which solution is MOST effective?
A developer is troubleshooting an AWS Lambda function that writes to an S3 bucket. The function is failing with an 'AccessDenied' error. The Lambda execution role has the following policy. What is the likely issue?
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["s3:PutObject", "s3:GetObject"
],
"Resource": "arn:aws:s3:::my-bucket/*"
}
]
}A developer is debugging an AWS Lambda function that is invoked by an Amazon S3 event notification. The function sometimes fails with a 'ResourceNotFoundException' when trying to access a DynamoDB table. The function's execution role has the following policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "dynamodb:*",
"Resource": "arn:aws:dynamodb:us-east-1:123456789012:table/MyTable"
}
]
}What are TWO possible causes for this intermittent failure?
Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"kms:Decrypt",
"kms:GenerateDataKey*"
],
"Resource": "arn:aws:kms:us-east-1:123456789012:key/abc123"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject"
],
"Resource": "arn:aws:s3:::my-bucket/*"
}
]
}Refer to the exhibit.
Resources:
MyQueue:
Type: AWS::SQS::Queue
Properties:
VisibilityTimeout: 30
RedrivePolicy:
deadLetterTargetArn: !GetAtt DeadLetterQueue.Arn
maxReceiveCount: 3
DeadLetterQueue:
Type: AWS::SQS::Queue
Properties:
MessageRetentionPeriod: 1209600
MyFunction:
Type: AWS::Serverless::Function
Properties:
Events:
SQSEvent:
Type: SQS
Properties:
Queue: !GetAtt MyQueue.Arn
BatchSize: 10
Policies:
- SQSPollerPolicy:
QueueName: !GetAtt MyQueue.QueueName
- SQSSendMessagePolicy:
QueueName: !GetAtt DeadLetterQueue.QueueName
Timeout: 30Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": "10.0.0.0/16"
}
}
}
]
}Refer to the exhibit.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"MyBucket": {
"Type": "AWS::S3::Bucket",
"Properties": {
"BucketName": "my-unique-bucket-name",
"VersioningConfiguration": {
"Status": "Enabled"
}
}
}
},
"Outputs": {
"BucketName": {
"Value": !Ref MyBucket,
"Description": "Name of the bucket"
}
}
}Refer to the exhibit.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket/*"
}
]
}
```Refer to the exhibit.
```
{
"containerDefinitions": [
{
"name": "app",
"image": "nginx:latest",
"portMappings": [
{
"containerPort": 80,
"protocol": "tcp"
}
],
"memory": 256,
"cpu": 256
}
],
"memory": "512",
"cpu": "256"
}
```Refer to the exhibit.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::my-bucket/*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::my-bucket"
}
]
}
```Refer to the exhibit.
```json
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"MyBucket": {
"Type": "AWS::S3::Bucket",
"Properties": {
"BucketName": "my-unique-bucket-name"
}
}
}
}
```A developer is trying to decrypt an S3 object using an AWS KMS key. The decryption fails with an 'AccessDenied' error. The IAM policy attached to the developer's user includes the statement in the exhibit. The KMS key policy includes the following statement:
{
"Sid": "Enable IAM User Permissions",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::123456789012:root"
},
"Action": "kms:*",
"Resource": "*"
}What is the most likely reason for the failure?
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "kms:Decrypt",
"Resource": "arn:aws:kms:us-east-1:123456789012:key/abcd1234-a123-456a-a12b-a123b4cd56ef"
}
]
}A developer is deploying a serverless application using AWS SAM. The application includes an API Gateway REST API and several Lambda functions. The developer runs 'sam deploy' and the deployment succeeds. However, when the developer tests the API endpoint using curl, the request times out. The CloudWatch logs for the Lambda function show that the function is not being invoked. The API Gateway logs are not enabled. The developer checks the API Gateway console and sees that the integration type is 'AWS Service' instead of 'Lambda Function'. The developer used the following SAM template snippet:
Resources: MyApi: Type: AWS::Serverless::Api Properties: StageName: Prod DefinitionBody: swagger: 2.0 info: title: My API paths: /items: get: x-amazon-apigateway-integration: type: aws_proxy uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MyFunction.Arn}/invocations responses: {} MyFunction: Type: AWS::Serverless::Function Properties: CodeUri: ./src Handler: index.handler Runtime: nodejs14.x Events: ApiEvent: Type: Api Properties: RestApiId: !Ref MyApi Path: /items Method: GET
What is the most likely cause of the timeout?
Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::example-bucket/*",
"Condition": {
"StringEquals": {
"s3:x-amz-server-side-encryption": "AES256"
}
}
}
]
}
```