AWS Certified Developer - Associate Questions and Answers (Dumps and Practice Questions)
Question : Which of the following is incoorect ARNs for different types of IAM resources
1. arn:aws:iam::123456789012:root
2. arn:aws:iam::123456789012:user/Bob
3. Access Mostly Uused Products by 50000+ Subscribers
4. arn:aws:iam:123:456789012:group/Developers
5. arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_A/Developers
Correct Answer : Get Lastest Questions and Answer :
Exp: Most resources have a friendly name (for example, a user named Bob or a group named Developers). However, the access policy language requires you to specify the resource or resources using the following Amazon Resource Name (ARN) format.
arn:aws:service:region:account:resource
Where:
service identifies the AWS product. For IAM resources, this is always iam.
region is the region the resource resides in. For IAM resources, this is always left blank.
account is the AWS account ID with no hyphens (for example, 123456789012)
resource is the portion that identifies the specific resource
You can use ARNs in IAM for users (IAM and federated), groups, roles, instance profiles, virtual MFA devices, and server certificates. The following table shows the ARN format for each and an example. The region portion of the ARN is blank because IAM resources are global.
Question :
The following example shows a policy you could assign to Bob to allow him to manage his own access keys
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Action": ["iam:*AccessKey*"],
"Resource": "arn:aws:iam::ACCOUNT-ID-WITHOUT-HYPHENS:user/division_abc/subdivision_xyz/Bob"
}]
}
What is the resource in this example
1. iam
2. ACCOUNT-ID-WITHOUT-HYPHENS
3. Access Mostly Uused Products by 50000+ Subscribers
4. Resource is not correctly defined
5. Bob
Correct Answer : Get Lastest Questions and Answer :
The above example shows a policy you could assign to Bob to allow him to manage his own access keys. and that the resource is Bob himself.
Question : A corporate web application is deployed within an Amazon VPC, and is connected to the corporate data center via IPSec VPN. The application must authenticate against the
onpremise LDAP server. Once authenticated, logged-in users can only access an S3 keyspace specific to the user. Which two approaches can satisfy the objectives? Choose 2 answers
A. The application authenticates against LDAP. The application then calls the IAM Security Service to login to IAM using the LDAP credentials. The application can use the IAM
temporary credentials to access the appropriate S3 bucket.
B. The application authenticates against LDAP, and retrieves the name of an IAM role associated with the user. The application then calls the IAM Security Token Service to
assume that IAM Role. The application can use the temporary credentials to access the appropriate S3 bucket.
C. The application authenticates against IAM Security Token Service using the LDAP credentials. The application uses those temporary AWS security credentials to access the
appropriate S3 bucket.
D. Develop an identity broker which authenticates against LDAP, and then calls IAM Security Token Service to get IAM federated user credentials. The application calls the
identity broker to get IAM federated user credentials with access to the appropriate S3 bucket.
E. Develop an identity broker which authenticates against IAM Security Token Service to assume an IAM Role to get temporary AWS security credentials. The application calls the
identity broker to get AWS temporary security credentials with access to the appropriate S3 bucket.
1. A,B
2. B,C
3. Access Mostly Uused Products by 50000+ Subscribers
4. B,D
5. A,E
Correct Answer : Get Lastest Questions and Answer :
Related Questions
Question : You are using Amazon RDS for the data storage of your application. Underline database is Oracle.
Now oracle has recently released a new feature which is
very helpful for your application. Now how would you apply this patch to RDS
1. You have to raise a request with Amazon to apply the patch for the DBInstance you are using.
2. Once you started using DBInstance, its your responsibility to upgrade the underline database engine
3. Access Mostly Uused Products by 50000+ Subscribers
4. Once the DBInstance is assigned and in use, it can not be upgraded and patches can not be applied.
Question : Which of the following are the features of the Amazon RDS
1. Amazon RDS makes it easy to use replication
2. scale beyond the capacity constraints of a single database instance for read-heavy database workloads
3. Access Mostly Uused Products by 50000+ Subscribers
4. 1 and 3
5. 1,2 and 3
Question : A meteorological system monitors temperature gauges, obtaining temperature
samples every minute and saving each sample to a DynamoDB table. Each sample
involves writing 1K of data and the writes are evenly distributed over time.
How much write throughput is required for the target table?
1. 1 write capacity unit
2. 10 write capacity units
3. Access Mostly Uused Products by 50000+ Subscribers
4. 600 write capacity units
5. 3600 write capacity units
Ans : 2
Exp : Provisioned Throughput in Amazon DynamoDB : When you create or update a table, you specify how much provisioned throughput capacity you want to reserve for reads and writes. DynamoDB will reserve the necessary machine resources to meet your throughput needs while ensuring consistent, low-latency performance. A unit of read capacity represents one strongly consistent read per second (or two eventually consistent reads per second) for items as large as 4 KB. A unit of write capacity represents one write per second for items as large as 1 KB. Items larger than 4 KB will require more than one read operation. The total number of read operations necessary is the item size, rounded up to the next multiple of 4 KB, divided by 4 KB. For example, to calculate the number of read operations for an item of 10 KB, you would round up to the next multiple of 4 KB (12 KB) and then divide by 4 KB, for 3 read operations.
The following table explains how to calculate the provisioned throughput capacity that you need.
Capacity Units Required For How to Calculate Reads Number of item reads per second * 4 KB item size
(If you use eventually consistent reads, you'll get twice as many reads per second.) Writes Number of item writes per second * 1 KB item size
If your application's read or write requests exceed the provisioned throughput for a table, then those requests might be throttled. You can use the AWS Management Console to monitor your provisioned and actual throughput and to change your provisioned capacity in anticipation of traffic changes.
Read Capacity Units If your items are smaller than 4 KB in size, each read capacity unit will give you one strongly consistent read per second, or two eventually consistent reads per second. You cannot group multiple items in a single read operation, even if the items together are 4 KB or smaller. For example, if your items are 3 KB and you want to read 80 items per second from your table, then you need to provision 80 (reads per second) * 1 (3 KB / 4 KB = 0.75, rounded up to the next whole number) = 80 read capacity units for strong consistency. For eventual consistency, you need to provision only 40 read capacity units.
If your items are larger than 4 KB, you will need to round up the item size to the next 4 KB boundary. For example, if your items are 6 KB and you want to do 100 strongly consistent reads per second, you need to provision 100 (reads per second) * 2 (6 KB / 4 KB = 1.5, rounded up to the next whole number) = 200 read capacity units. You can use the Query and Scan operations in DynamoDB to retrieve multiple consecutive items from a table or an index in a single request. With these operations, DynamoDB uses the cumulative size of the processed items to calculate provisioned throughput. For example, if a Query operation retrieves 100 items that are 1 KB each, the read capacity calculation is not (100 * 4 KB) = 100 read capacity units, as if those items were retrieved individually using GetItem or BatchGetItem. Instead, the total would be only 25 read capacity units ((100 * 1024 bytes) = 100 KB, which is then divided by 4 KB). For more information see Item Size Calculations.
Write Capacity Units : If your items are smaller than 1 KB in size, then each write capacity unit will give you 1 write per second. You cannot group multiple items in a single write operation, even if the items together are 1 KB or smaller. For example, if your items are 512 bytes and you want to write 100 items per second to your table, then you would need to provision 100 write capacity units.
If your items are larger than 1 KB in size, you will need to round the item size up to the next 1 KB boundary. For example, if your items are 1.5 KB and you want to do 10 writes per second, then you would need to provision 10 (writes per second) * 2 (1.5 KB rounded up to the next whole number) = 20 write capacity units.
Question :
Which of the functionality and tasks Amazon RDS manage on your behalf
1. provisioning the infrastructure capacity you request to installing the database software
2. performing backups and patching the database software that powers your DB Instance
3. Access Mostly Uused Products by 50000+ Subscribers
4. 1 and 3
5. 1,2 and 3
Question :
You will not be charged for the IOPS and storage you provision, regardless of whether you use them in a given month.
1. True
2. False
Question : Select the correct statement which applies to SQS?
1. Messages will be delivered exactly once and messages will be delivered in First in, First out order
2. Messages will be delivered exactly once and message delivery order is indeterminate
3. Access Mostly Uused Products by 50000+ Subscribers
4. Messages will be delivered one or more times and message delivery order is indeterminate
Question : You have reached your account limit for the number of CloudFormation stacks in a region. How do you increase your limit?
1. Make an API call
2. Contact AWS
3. Access Mostly Uused Products by 50000+ Subscribers
4. You cannot increase your limit