A company runs an application on AWS The application uses an AWS Lambda function that is configured with an Amazon Simple Queue Service (Amazon SQS) queue called high priority queue as the event source A developer is updating the Lambda function with another SQS queue called low priority queue as the event source The Lambda function must always read up to 10 simultaneous messages from the high priority queue before processing messages from low priority queue. The Lambda function must be limited to 100 simultaneous invocations.
Which solution will meet these requirements'?

1. A. Set the event source mapping batch size to 10 for the high priority queue and to 90 for the low priority queue
2. B. Set the delivery delay to 0 seconds for the high priority queue and to 10 seconds for the low priority queue
3. C. Set the event source mapping maximum concurrency to 10 for the high priority queue and to 90 for the low priority queue
4. D. Set the event source mapping batch window to 10 for the high priority queue and to 90 for the low priority queue

Correct Answer: C
Setting the event source mapping maximum concurrency is the best way to control how many messages from each queue are processed by the Lambda function at a time. The maximum concurrency setting limits the number of batches that can beprocessed concurrently from the same event source. By setting it to 10 for the high priority queue and to 90 for the low priority queue, the developer can ensure that the Lambda function always reads up to 10 simultaneous messages from the high priority queue before processing messages from the low priority queue, and that the total number of concurrent invocations does not exceed 100. The other solutions are either not effective or not relevant. The batch size setting controls how many messages are sent to the Lambda function in a single invocation, not how many invocations are allowed at a time. The delivery delay setting controls how long a message is invisible in the queue after it is sent, not how often it is processed by the Lambda function. The batch window setting controls how long the event source mapping can buffer messages before sending a batch, not how many batches are processed concurrently. References
✑ Using AWS Lambda with Amazon SQS
✑ AWS Lambda Event Source Mapping - Examples and best practices | Shisho Dojo
✑ Lambda event source mappings - AWS Lambda
✑ aws_lambda_event_source_mapping - Terraform Registry

A developer is creating a mobile application that will not require users to log in. What is the MOST efficient method to grant users access to AWS resources'?

1. A. Use an identity provider to securely authenticate with the application.
2. B. Create an AWS Lambda function to create an 1AM user when a user accesses the application.
3. C. Create credentials using AWS KMS and apply these credentials to users when using the application.
4. D. Use Amazon Cognito to associate unauthenticated users with an IAM role that has limited access to resources.

Correct Answer: D
This solution is the most efficient method to grant users access to AWS resources without requiring them to log in. Amazon Cognito is a service that provides user sign-up, sign-in, and access control for web and mobile applications. Amazon Cognito identity pools support both authenticated and unauthenticated users. Unauthenticated users receive access to your AWS resources even if they aren’t logged in with any of your identity providers (IdPs). You can use Amazon Cognito to associate unauthenticated users with an IAM role that has limited access to resources, such as Amazon S3 buckets or DynamoDB tables. This degree of access is useful to display content to users before they log in or to allow them to perform certain actions without signing up. Using an identity provider to securely authenticate with the application will require users to log in, which does not meet the requirement. Creating an AWS Lambda function to create an IAM user when a user accesses the application will incur unnecessary costs and complexity, and may pose security risks if not implemented properly. Creating credentials using AWS KMS and applying them to users when using the application will also incur unnecessary costs and complexity, and may not provide fine-grained access control for resources.
Reference: Switching unauthenticated users to authenticated users (identity pools), Allow
user access to your API without authentication (Anonymous user access)

A developer is creating an application that will store personal health information (PHI). The PHI needs to be encrypted at all times. An encrypted Amazon RDS for MySQL DB instance is storing the data. The developer wants to increase the performance of the application by caching frequently accessed data while adding the ability to sort or rank the cached datasets.
Which solution will meet these requirements?

1. A. Create an Amazon ElastiCache for Redis instanc
2. B. Enable encryption of data in transit and at res
3. C. Store frequently accessed data in the cache.
4. D. Create an Amazon ElastiCache for Memcached instanc
5. E. Enable encryption of data in transit and at res
6. F. Store frequently accessed data in the cache.
7. G. Create an Amazon RDS for MySQL read replic
8. H. Connect to the read replica by using SS
9. I. Configure the read replica to store frequently accessed data.
10. J. Create an Amazon DynamoDB table and a DynamoDB Accelerator (DAX) cluster for the tabl
11. K. Store frequently accessed data in the DynamoDB table.

Correct Answer: A
Amazon ElastiCache is a service that offers fully managed in-memory data stores that are compatible with Redis or Memcached. The developer can create an ElastiCache for Redis instance and enable encryption of data in transit and at rest. This will ensure that the PHI is encrypted at all times. The developer can store frequently accessed data in the cache and use Redis features such as sorting and ranking to enhance the performance of the application.
References:
✑ [What Is Amazon ElastiCache? - Amazon ElastiCache]
✑ [Encryption in Transit - Amazon ElastiCache for Redis]
✑ [Encryption at Rest - Amazon ElastiCache for Redis]

A company has an application that runs across multiple AWS Regions. The application is experiencing performance issues at irregular intervals. A developer must use AWS X-Rayto implement distributed tracing for the application to troubleshoot the root cause of the performance issues.
What should the developer do to meet this requirement?

1. A. Use the X-Ray console to add annotations for AWS services and user-defined services
2. B. Use Region annotation that X-Ray adds automatically for AWS services Add Region annotation for user-defined services
3. C. Use the X-Ray daemon to add annotations for AWS services and user-defined services
4. D. Use Region annotation that X-Ray adds automatically for user-defined services Configure X-Ray to add Region annotation for AWS services

Correct Answer: B
AWS X-Ray automatically adds Region annotation for AWS services that are integrated with X-Ray. This annotation indicates the AWS Region where the service is running. The developer can use this annotation to filter and group traces by Region and identify any performance issues related to cross-Region calls. The developer can also add Region annotation for user-defined services by using the X-Ray SDK. This option enables the developer to implement distributed tracing for the application that runs across multiple AWS Regions. References
✑ AWS X-Ray Annotations
✑ AWS X-Ray Concepts

A developer is investigating an issue in part of a company's application. In the application messages are sent to an Amazon Simple Queue Service (Amazon SQS) queue The AWS Lambda function polls messages from the SQS queue and sends email messages by using Amazon Simple Email Service (Amazon SES) Users have been receiving duplicate email messages during periods of high traffic.
Which reasons could explain the duplicate email messages? (Select TWO.)

1. A. Standard SQS queues support at-least-once message delivery
2. B. Standard SQS queues support exactly-once processing, so the duplicate email messages are because of user error.
3. C. Amazon SES has the DomainKeys Identified Mail (DKIM) authentication incorrectly configured
4. D. The SQS queue's visibility timeout is lower than or the same as the Lambda function's timeout.
5. E. The Amazon SES bounce rate metric is too high.

Correct Answer: AD
Standard SQS queues support at-least-once message delivery, which means that a message can be delivered more than once to the same or different consumers. This can happen if the message is not deleted from the queue before the visibility timeout expires, or if there is a network issue or a system failure. The SQS queue’s visibility timeout is the period of time that a message is invisible to other consumers after it is received by one consumer. If the visibility timeout is lower than or the same as the Lambda function’s timeout, the Lambda function might not be able to process and delete the message before it becomes visible again, leading to duplicate processing and email messages. To avoid this, the visibility timeout should be set to at least 6 times the length of the Lambda function’s timeout. The other options are not related to the issue of duplicate email messages. References
✑ Using the Amazon SQS message deduplication ID
✑ Exactly-once processing - Amazon Simple Queue Service
✑ Amazon SQS duplicated messages in queue - Stack Overflow
✑ amazon web services - How long can duplicate SQS messages persist …
✑ Standard SQS - Duplicate message | AWS re:Post - Amazon Web Services, Inc.