A company has built an AWS Lambda function to convert large image files into output files that can be used in a third-party viewer application The company recently added a new module to the function to improve the output of the generated files However, the new module has increased the bundle size and has increased the time that is needed to deploy changes to the function code.
How can a developer increase the speed of the Lambda function deployment?

1. A. Use AWS CodeDeploy to deploy the function code
2. B. Use Lambda layers to package and load dependencies.
3. C. Increase the memory size of the function.
4. D. Use Amazon S3 to host the function dependencies

Correct Answer: B
Using Lambda layers is a way to reduce the size of the deployment package and speed up the deployment process. Lambda layers are reusable components that can contain libraries, custom runtimes, or other dependencies. By using layers, the developer can separate the core function logic from the dependencies, and avoid uploading them every time the function code changes. Layers can also be shared across multiple functions or accounts, which can improve consistency and maintainability. References
✑ Working with AWS Lambda layers
✑ AWS Lambda Layers Best Practices
✑ Best practices for working with AWS Lambda functions

A developer is configuring an applications deployment environment in AWS CodePipeine. The application code is stored in a GitHub repository. The developer wants to ensure that the repository package's unit tests run in the new deployment environment. The deployment has already set the pipeline's source provider to GitHub and has specified the repository and branch to use in the deployment.
When combination of steps should the developer take next to meet these requirements with the least the LEAST overhead' (Select TWO).

1. A. Create an AWS CodeCommt projec
2. B. Add the repository package's build and test commands to the protects buildspec
3. C. Create an AWS CodeBuid projec
4. D. Add the repository package's build and testcommands to the projects buildspec
5. E. Create an AWS CodeDeploy protec
6. F. Add the repository package's build and test commands to the project's buildspec
7. G. Add an action to the source stag
8. H. Specify the newly created project as the action provide
9. I. Specify the build attract as the actions input artifact.
10. J. Add a new stage to the pipeline alter the source stag
11. K. Add an action to the new stag
12. L. Speedy the newly created protect as the action provide
13. M. Specify the source artifact as the action's input artifact.

Correct Answer: BE
This solution will ensure that the repository package’s unit tests run in the new deployment environment with the least overhead because it uses AWS CodeBuild to build and test the code in a fully managed service, and AWS CodePipeline to orchestrate the deployment stages and actions. Option A is not optimal because it will use AWS CodeCommit instead of AWS CodeBuild, which is a source control service, not a build and test service. Option C is not optimal because it will use AWS CodeDeploy instead of AWS CodeBuild, which is a deployment service, not a build and test service. Option D is not optimal because it will add an action to the source stage instead of creating a new stage, which will not follow the best practice of separating different deployment phases. References: AWS CodeBuild, AWS CodePipeline

A developer is testing a new file storage application that uses an Amazon CloudFront distribution to serve content from an Amazon S3 bucket. The distribution accesses the S3 bucket by using an origin access identity (OAI). The S3 bucket's permissions explicitly deny access to all other users.
The application prompts users to authenticate on a login page and then uses signed cookies to allow users to access their personal storage directories. The developer has configured the distribution to use its default cache behavior with restricted viewer access and has set the origin to point to the S3 bucket. However, when the developer tries to navigate to the login page, the developer receives a 403 Forbidden error.
The developer needs to implement a solution to allow unauthenticated access to the login page. The solution also must keep all private content secure.
Which solution will meet these requirements?

1. A. Add a second cache behavior to the distribution with the same origin as the default cache behavio
2. B. Set the path pattern for the second cache behavior to the path of the login page, and make viewer access unrestricte
3. C. Keep the default cache behavior's settings unchanged.
4. D. Add a second cache behavior to the distribution with the same origin as the default cache behavio
5. E. Set the path pattern for the second cache behavior to *, and make viewer access restricte
6. F. Change the default cache behavior's path pattern to the path of the login page, and make viewer access unrestricted.
7. G. Add a second origin as a failover origin to the default cache behavio
8. H. Point the failover origin to the S3 bucke
9. I. Set the path pattern for the primary origin to *, and make viewer access restricte
10. J. Set the path pattern for the failover origin to the path of the login page, and make viewer access unrestricted.
11. K. Add a bucket policy to the S3 bucket to allow read acces
12. L. Set the resource on the policy to the Amazon Resource Name (ARN) of the login page object in the S3 bucke
13. M. Add a CloudFront function to the default cache behavior to redirect unauthorized requests to the login page's S3 URL.

Correct Answer: A
The solution that will meet the requirements is to add a second cache behavior to the distribution with the same origin as the default cache behavior. Set the path pattern for the second cache behavior to the path of the login page, and make viewer access unrestricted. Keep the default cache behavior’s settings unchanged. This way, the login page can be accessed without authentication, while all other content remains secure and requires signed cookies. The other options either do not allow unauthenticated access to the login page, or expose private content to unauthorized users.
Reference: Restricting Access to Amazon S3 Content by Using an Origin Access Identity

A developer is creating a template that uses AWS CloudFormation to deploy an application. The application is serverless and uses Amazon API Gateway, Amazon DynamoDB, and AWS Lambda.
Which AWS service or tool should the developer use to define serverless resources in YAML?

1. A. CloudFormation serverless intrinsic functions
2. B. AWS Elastic Beanstalk
3. C. AWS Serverless Application Model (AWS SAM)
4. D. AWS Cloud Development Kit (AWS CDK)

Correct Answer: C
AWS Serverless Application Model (AWS SAM) is an open-source framework that enables developers to build and deploy serverless applications on AWS. AWS SAM uses a template specification that extends AWS CloudFormation to simplify the
definition of serverless resources such as API Gateway, DynamoDB, and Lambda. The developer can use AWS SAM to define serverless resources in YAML and deploy them using the AWS SAM CLI.
References:
✑ [What Is the AWS Serverless Application Model (AWS SAM)? - AWS Serverless Application Model]
✑ [AWS SAM Template Specification - AWS Serverless Application Model]

A developer is building a new application on AWS. The application uses an AWS Lambda function that retrieves information from an Amazon DynamoDB table. The developer hard coded the DynamoDB table name into the Lambda function code. The table name might change over time. The developer does not want to modify the Lambda code if the table name changes.
Which solution will meet these requirements MOST efficiently?

1. A. Create a Lambda environment variable to store the table nam
2. B. Use the standard method for the programming language to retrieve the variable.
3. C. Store the table name in a fil
4. D. Store the file in the /tmp folde
5. E. Use the SDK for the programming language to retrieve the table name.
6. F. Create a file to store the table nam
7. G. Zip the file and upload the file to the Lambda laye
8. H. Use the SDK for the programming language to retrieve the table name.
9. I. Create a global variable that is outside the handler in the Lambda function to store the table name.

Correct Answer: A
The solution that will meet the requirements most efficiently is to create a Lambda environment variable to store the table name. Use the standard method for the programming language to retrieve the variable. This way, the developer can avoid hard- coding the table name in the Lambda function code and easily change the table name by updating the environment variable. The other options either involve storing the table name in a file, which is less efficient and secure than using an environment variable, or creating a global variable, which is not recommended as it can cause concurrency issues.
Reference: Using AWS Lambda environment variables