FREE PRACTICE QUESTIONS
AWS Certified Developer Associate
Are you ready to sit your AWS Developer Associate exam? Test your knowledge with these free practice questions. To give you a taste of our popular AWS Certified Developer practice exams, we have compiled these free AWS quiz questions. No sign-up required. Simply click on the AWS sample questions below to reveal the right answers along with explanations and reference links. If you’re looking for more free AWS practice questions, sign up for our free AWS practice test for the AWS Certified Developer Associate.
A. Create the application within an Amazon VPC and use a VPC endpoint with a trust policy to grant access to the employees.
B. Use Amazon Cognito user pools, federate with the SAML provider, and use user pool groups with an IAM policy.
C. Create a unique IAM role for each employee and have each employee assume the role to access the application so they can access their personal data only.
D. Use an Amazon Cognito identity pool, federate with the SAML provider, and use a trust policy with an IAM condition key to limit employee access.
The correct answer is D. “Use an Amazon Cognito identity pool, federate with the SAML provider, and use a trust policy with an IAM condition key to limit employee access”.
Amazon Cognito leverages IAM roles to generate temporary credentials for your application’s users. Access to permissions is controlled by a role’s trust relationships.
In this example the Developer must limit access to specific identities in the SAML directory. The Developer can create a trust policy with an IAM condition key that limits access to a specific set of app users by checking the value of cognito-identity.amazonaws.com:sub:
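A trust policy of the kind described above, built in Python together with a small audit that flags Cognito trust statements missing the `aud` or `sub` condition. This is an added example, not part of the original page; the pool ID, identity ID and function names are constructed for illustration.

```python
COGNITO = "cognito-identity.amazonaws.com"
def build_trust_policy(identity_pool_id, allowed_identity_ids):
    """Trust policy: only the listed Cognito identity IDs from one pool may assume the role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": COGNITO},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {"StringEquals": {
                f"{COGNITO}:aud": identity_pool_id,
                f"{COGNITO}:sub": sorted(allowed_identity_ids),
            }},
        }],
    }

def _restricting_keys(statement):
    """Condition keys pinned to explicit values by StringEquals/StringLike."""
    keys = set()
    for operator, block in statement.get("Condition", {}).items():
        if operator.split(":")[-1] in ("StringEquals", "StringLike"):
            for key, value in block.items():
                values = [value] if isinstance(value, str) else value
                if "*" not in values:
                    keys.add(key.lower())  # IAM condition key names are case-insensitive
    return keys

def audit_trust_policy(policy):
    """Flag Allow statements that trust Cognito without pinning the pool or the identities."""
    findings = []
    for index, stmt in enumerate(policy.get("Statement", [])):
        principal = stmt.get("Principal", {})
        if stmt.get("Effect") != "Allow" or not isinstance(principal, dict):
            continue
        federated = principal.get("Federated", [])
        if COGNITO not in ([federated] if isinstance(federated, str) else federated):
            continue
        keys = _restricting_keys(stmt)
        if f"{COGNITO}:aud" not in keys:
            findings.append(f"Statement {index}: role is not tied to one identity pool (no :aud)")
        if f"{COGNITO}:sub" not in keys:
            findings.append(f"Statement {index}: any identity in the pool can assume the role (no :sub)")
    return findings

# Constructed sample values, not from the original page.
POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"
ALLOWED = ["us-east-1:11111111-1111-1111-1111-111111111111"]
WEAK = {"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
        "Principal": {"Federated": COGNITO}, "Action": "sts:AssumeRoleWithWebIdentity"}]}
```

`audit_trust_policy(WEAK)` returns two findings, while the policy from `build_trust_policy(POOL_ID, ALLOWED)` returns none.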
A. “Create the application within an Amazon VPC and use a VPC endpoint with a trust policy to grant access to the employees” is incorrect. You cannot provide access to an on-premises SAML directory using a VPC endpoint.
B. “Use Amazon Cognito user pools, federate with the SAML provider, and use user pool groups with an IAM policy” is incorrect. A user pool can be used to authenticate but the identity pool is used to provide authorized access to AWS services.
C. “Create a unique IAM role for each employee and have each employee assume the role to access the application so they can access their personal data only” is incorrect. This is not an integration into the SAML directory and would be very difficult to manage.
A. An IAM role must be added to the instance that has permissions to write to the S3 bucket
B. A bucket policy needs to be added specifying the principals that are allowed to write data to the bucket
C. A VPN should be established to enable private connectivity to S3
D. A VPC endpoint should be provisioned for S3
The correct answer is D. “A VPC endpoint should be provisioned for S3”.
Please note that the question specifically asks how to enable connectivity, so this is not about permissions. When using a private subnet with no Internet connectivity there are only two options available for connecting to Amazon S3 (which, remember, is a service with a public endpoint; it is not in your VPC).
The first option is to enable Internet connectivity through either a NAT Gateway or a NAT Instance. However, there is no answer offering either of these as a solution. The other option is to enable a VPC endpoint for S3.
The specific type of VPC endpoint to S3 is a Gateway Endpoint. EC2 instances running in private subnets of a VPC can use the endpoint to enable controlled access to S3 buckets, objects, and API functions that are in the same region as the VPC. You can then use an S3 bucket policy to indicate which VPCs and which VPC Endpoints have access to your S3 buckets.
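The bucket policy mentioned above, sketched in Python with a simplified evaluator that shows how the `aws:SourceVpce` condition treats requests from the endpoint, from another endpoint, and from outside any endpoint. This is an added example, not part of the original page; the bucket name, endpoint IDs and function names are constructed, and the evaluator models only the `StringNotEquals` Deny used here.

```python
def vpce_only_bucket_policy(bucket, vpce_ids):
    """Deny every S3 action on the bucket unless the request came through one of vpce_ids."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DenyUnlessFromVpce",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"],
            "Condition": {"StringNotEquals": {"aws:SourceVpce": sorted(vpce_ids)}},
        }],
    }

def is_denied(policy, request_context):
    """Simplified evaluation of Deny statements that use StringNotEquals only."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        matched = True
        for key, allowed in stmt["Condition"]["StringNotEquals"].items():
            allowed = [allowed] if isinstance(allowed, str) else allowed
            # A key missing from the request counts as "not equal",
            # so traffic that used no endpoint at all is still denied.
            if request_context.get(key) in allowed:
                matched = False
        if matched:
            return True
    return False

# Constructed sample values, not from the original page.
POLICY = vpce_only_bucket_policy("example-bucket", ["vpce-1111aaaa"])
REQUESTS = {
    "via approved endpoint": {"aws:SourceVpce": "vpce-1111aaaa"},
    "via other endpoint": {"aws:SourceVpce": "vpce-2222bbbb"},
    "via public internet": {},
}

def evaluate_all():
    """Map each constructed request to True (denied) or False (not denied)."""
    return {name: is_denied(POLICY, ctx) for name, ctx in REQUESTS.items()}
```

Because the statement is a Deny, the instance role still needs an Allow for the S3 actions it performs, and every request that does not arrive through the listed endpoint is blocked, including requests from the console.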
In the following diagram, instances in subnet 2 can access Amazon S3 through the gateway endpoint.
Therefore, the only answer that presents a solution to this challenge is to provision a VPC endpoint for S3.
A. “An IAM role must be added to the instance that has permissions to write to the S3 bucket” is incorrect. You do need to do this, but the question is asking about connectivity, not permissions.
B. “A bucket policy needs to be added specifying the principals that are allowed to write data to the bucket” is incorrect. You may choose to use a bucket policy to enable permissions but the question is asking about connectivity, not permissions.
C. “A VPN should be established to enable private connectivity to S3” is incorrect. You can create a VPN to establish an encrypted tunnel into a VPC from a location outside of AWS. However, you cannot create a VPN connection from a subnet within a VPC to Amazon S3.
C. All at once
D. Rolling with additional batch
The correct answer is D. “Rolling with additional batch”.
AWS Elastic Beanstalk provides several options for how deployments are processed, including deployment policies (All at once, Rolling, Rolling with additional batch, and Immutable) and options that let you configure batch size and health check behavior during deployments.
For this scenario, we need to ensure we do not reduce the capacity of the application but we also need to minimize cost. In the table below you can see the different deployment policies available and how they impact capacity and cost:
The Rolling with additional batch deployment policy does require extra cost but the extra cost is the size of a batch of instances, therefore you can reduce cost by reducing the batch size. The Immutable deployment policy requires a total deployment of new instances – i.e. if you have 4 instances this will double to 8 instances.
Therefore, the best deployment policy to use for this scenario is the Rolling with additional batch.
A. “Immutable” is incorrect as this would require a higher cost as you need a total deployment of new instances.
B. “Rolling” is incorrect as this will result in a reduction in capacity which will affect performance.
C. “All at once” is incorrect as this results in a total reduction in capacity, i.e. your entire application is taken down at once while the application update is installed.
Take this Free AWS Practice Exam
This free AWS practice exam for the AWS Developer Associate consists of 20 questions with a mix of questions on core AWS services, including AWS Lambda, Amazon DynamoDB and Amazon API Gateway. Please note that unlike our online exam simulator, this free AWS practice test is not timed – so you can take as much time as required to answer each question. After completing your AWS Developer practice exam, you get to review your answers. Detailed explanations will demonstrate why each answer is correct or incorrect – along with reference links for each question. This will definitely help you identify your strengths and weaknesses.
How to best prepare for your AWS Developer Associate Exam
Practice makes perfect! To maximize your chances of success, enroll in our ultimate training package for the AWS Developer that includes a video course, practice exams / online exam simulator and training notes (PDF).
The AWS Developer practice exam course consists of 6 full-length practice tests with 65 questions each.
Our Practice Exams are delivered in 4 different modes:
(1) Exam Mode (timed)
There are 6 full-length practice exams (with 65 questions each) that are timed and scored – reflecting the difficulty of the real exam questions. You have 130 minutes to answer 65 questions.
(2) Training Mode (not timed)
When taking the practice exam in training mode, after clicking “check”, the answers and explanations for every question will be revealed instantly.
(3) Knowledge Reviews (Deep Dive)
With our knowledge reviews, you are presented with a series of questions that focus on one specific topic.
(4) Final Exam Simulator (timed and scored)
Assess your exam readiness with the final exam simulator that randomly selects 65 questions from our pool of questions – simulating the real AWS exam environment.
Enroll in our popular AWS Developer Associate training – simply the best way to ensure you pass your exam the first time with a great score.
AWS Certified Developer Exam
Below you’ll find the most important facts about the official AWS Developer Associate Exam.
|Exam Name:|AWS Certified Developer Associate|
|Exam Duration:|130 Minutes|
|Exam Format:|Multiple choice or multiple response|
|Number of Questions:|65 Questions|
|Exam Language:|English, Japanese, Korean, Simplified Chinese|
|Exam Delivery Format:|Pearson VUE and PSI (testing center or online proctored exam)|
|Official Exam Guide|Download the Official Exam Guide|