A developer needs to use the AWS CLI on an on-premises development server temporarily to access AWS services while performing maintenance. The developer needs to authenticate to AWS with their identity for several hours.
What is the MOST secure way to call AWS CLI commands with the developer's IAM identity?

A. Specify the developer's IAM access key ID and secret access key as parameters for each CLI command
B. Run the aws configure CLI command. Provide the developer's IAM access key ID and secret access key.
C. Specify the developer's IAM profile as a parameter for each CLI command.
D. Run the get-session-token CLI command with the developer's IAM user. Use the returned credentials to call the CLI

A company has an application that writes files to an Amazon S3 bucket. Whenever there is a new file, an S3 notification event invokes an AWS Lambda function to process the file. The Lambda function code works as expected. However, when a developer checks the Lambda function logs, the developer finds that multiple invocations occur for every file.
What is causing the duplicate entries?

A. The S3 bucket name is incorrectly specified in the application and is targeting another S3 bucket.
B. The Lambda function did not run correctly, and Lambda retried the invocation with a delay.
C. Amazon S3 is delivering the same event multiple times.
D. The application stopped intermittently and then resumed, splitting the logs into multiple smaller files.

A developer is designing a full-stack serverless application. Files for the website are stored in an Amazon S3 bucket. AWS Lambda functions that use Amazon API Gateway endpoints return results from an Amazon DynamoDB table.
The developer must create a solution that securely provides registration and authentication for the application while minimizing the amount of configuration.
Which solution meets these requirements?

A. Create an Amazon Cognito user pool and an app client. Configure the app client to use the user pool and provide the hosted web UI provided for sign-up and sign-in.
B. Configure an Amazon Cognito identity pool. Map the users with IAM roles that are configured to access the S3 bucket that stores the website.
C. Configure and launch an Amazon EC2 instance to set up an identity provider with an Amazon Cognito user pool. Configure the user pool to provide the hosted web UI for sign-up and sign-in.
D. Create an IAM policy that allows access to the website that is stored in the S3 bucket. Attach the policy to an IAM group. Add IAM users to the group.

A developer must use AWS X-Ray to monitor an application that is running on an Amazon EC2 instance. The developer has prepared the application by using the X-Ray SDK.
What should the developer do to perform the monitoring?

A. Configure the X-Ray SDK sampling rule and target. Activate the X-Ray daemon from the EC2 console or the AWS CLI with the modify-instance-attribute command to set the XRayEnabled flag.
B. Install the X-Ray daemon. Assign an IAM role to the EC2 instance with a policy that allows writes to X-Ray.
C. Install the X-Ray daemon. Configure it to forward data to Amazon EventBridge (Amazon CloudWatch Events). Grant the EC2 instance permission to write to Event Bridge (CloudWatch Events).
D. Deploy the X-Ray SDK with the application, and instrument the application code. Use the SDK logger to capture and send the events.

A serverless application is using AWS Step Functions to process data and save it to a database. The application needs to validate some data with an external service before saving the data. The application will call the external service from an AWS Lambda function, and the external service will take a few hours to validate the data. The external service will respond to a webhook when the validation is complete.
A developer needs to pause the Step Functions workflow and wait for the response from the external service.
What should the developer do to meet this requirement?

A. Use the .wait ForTaskToken option in the Lambda function task state. Pass the token in the body.
B. Use the .waitForTaskToken option in the Lambda function task state. Pass the invocation request.
C. Call the Lambda function in synchronous mode. Wait for the external service to complete the processing.
D. Call the Lambda function in asynchronous mode. Use the Wait state until the external service completes the processing.

A developer is deploying an application that will store files in an Amazon S3 bucket. The files must be encrypted at rest. The developer wants to automatically replicate the files to an S3 bucket in a different AWS Region for disaster recovery.
How can the developer accomplish this task with the LEAST amount of configuration?

A. Encrypt the files by using server-side encryption with S3 managed encryption keys (SSE-S3). Enable S3 bucket replication.
B. Encrypt the files by using server-side encryption (SSE) with an AWS Key Management Service (AWS KMS) customer master key (CMK). Enable S3 bucket replication.
C. Use the s3 sync command to sync the files to the S3 bucket in the other Region.
D. Configure an S3 Lifecycle configuration to automatically transfer files to the S3 bucket in the other Region.

A company has a multi-tier application that uses Amazon API Gateway, AWS Lambda, and Amazon RDS. The company wants to investigate a slow response time to calls that come from the API Gateway API.
What is the MOST operationally efficient way for the company to determine which internal call is causing the slow response times?

A. Use Amazon CloudWatch.
B. Use AWS X-Ray.
C. Use AWS CloudTrail.
D. Use VPC Flow Logs.

A developer is using Amazon S3 as the event source that invokes a Lambda function when new objects are created in the bucket. The event source mapping information is stored in the bucket notification configuration.
The developer is working with different versions of the Lambda function, and has a constant need to update notification configuration so that Amazon S3 invokes the correct version.
What is the MOST efficient and effective way to achieve mapping between the S3 event and Lambda?

A. Use a different Lambda trigger.
B. Use Lambda environment variables.
C. Use a Lambda alias.
D. Use Lambda tags.

For a deployment using AWS CodeDeploy, what is the run order of the hooks for in-place deployments?

A. Before Install -> Application Stop -> Application Start -> After Install
B. Application Stop -> Before Install -> After Install -> Application Start
C. Before Install -> Application Stop -> Validate Service -> Application Start
D. Application Stop -> Before Install -> Validate Service -> Application Start

A developer is debugging an AWS Lambda function behind an Amazon API Gateway. Whenever the API Gateway endpoint is called, HTTP status code 200 is returned even though AWS Lambda is recording a 4xx error.
What change needs to be made to return a proper error code through the API Gateway?

A. Enable CORS in the API Gateway method settings
B. Use a Lambda proxy integration to return HTTP codes and headers
C. Enable API Gateway error pass-through.
D. Return the value in the header x-Amzn-ErrorType.