AWS Certified Developer - Associate Exam (DVA-C02) - AWS Actual Exam Questions
Last updated on April 11, 2026
An 1AM role is attached to an Amazon EC2 instance that explicitly denies access to all Amazon S3 API actions. The EC2 instance credentials file specifies the 1AM access key and secret access key, which allow full administrative access. Given that multiple modes of 1AM access are present for this EC2 instance, which of the following is correct?
The EC2 instance will only be able to list the S3 buckets.
The EC2 instance will only be able to list the contents of one S3 bucket at a time.
The EC2 instance will be able to perform all actions on any S3 bucket.
The EC2 instance will not be able to perform any S3 action on any S3 bucket.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
A developer must use multi-factor authentication (MFA) to access data in an Amazon S3 bucket that is in another AWS account. Which AWS Security Token Service (AWS STS) API operation should the developer use with the MFA information to meet this requirement?
AssumeRoleWithWebidentity
GetFederationToken
AssumeRoleWithSAML
AssumeRole
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
A developer needs to retrieve all data from an Amazon DynamoDB table that matches a particular partition key. Which solutions will meet this requirement in the MOST operationally efficient way? (Select TWO.)
Use the Scan API and a filter expression to match on the key.
Use the GetItem API with a request parameter for key that contains the partition key name and specific key value.
Use the ExecuteStatement API and a filter expression to match on the key.
Use the GetItem API and a PartiQL statement to match on the key.
Use the ExecuteStatement API and a PartiQL statement to match on the key.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
A developer is building a highly secure healthcare application using serverless components. This application requires writing temporary data to /Imp storage on an AWS Lambda function. How should the developer encrypt this data?
Enable Amazon EBS volume encryption with an AWS KMS key in the Lambda function configuration so that all storage attached to the Lambda function is encrypted.
Set up the Lambda function with a role and key policy to access an AWS KMS key. Use the key to generate a data key used to encrypt all data prior to writing to Amp storage.
Use OpenSSL to generate a symmetric encryption key on Lambda startup. Use this key to encrypt the data prior to writing to /tmp.
Use an on-premises hardware security module (HSM) to generate keys, where the Lambda function requests a data key from the HSM and uses that to encrypt data on all requests to the function.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
A development learn has an Amazon API Gateway REST API that is backed by an AWS Lambda function. Users have reported performance issues for the Lambda function. The development team identified the source of the issues as a cold start of the Lambda function. The development team needs to reduce the time needed for the Lambda function to initialize. Which solution will meet this requirement?
Change the Lambda concurrency lo reserved concurrency.
Increase the timeout of the Lambda function.
Increase the memory allocation of the Lambda function.
Configure provisioned concurrency for the Lambda function.
to join the discussion
No discussions yet. Be the first to ask!
Delete Comment
Are you sure? This action cannot be undone.
Finish Practice?
Are you sure you want to finish? This will end your practice session.