AWS Developer Associate – Free Practice Exam Questions

FREE PRACTICE QUESTIONS

AWS Certified Developer Associate

Are you ready to sit your AWS Developer Associate exam? Test your knowledge with these free practice questions. To give you a taste of our popular AWS Certified Developer practice exams, we have compiled these free AWS quiz questions. No sign-up required. Simply click on the AWS sample questions below to reveal the right answers along with explanations and reference links. If you’re looking for more free AWS practice questions, sign-up for our free AWS practice test for the AWS Certified Developer Associate.

Click on the AWS Developer sample questions below to reveal the correct answers and explanations with reference links. 

The correct answer is D. “Use an Amazon Cognito identity pool, federate with the SAML provider, and use a trust policy with an IAM condition key to limit employee access”.

Explanation:

Amazon Cognito leverages IAM roles to generate temporary credentials for your application’s users. Access to permissions is controlled by a role’s trust relationships.

In this example the Developer must limit access to specific identities in the SAML directory. The Developer can create a trust policy with an IAM condition key that limits access to a specific set of app users by checking the value of cognito-identity.amazonaws.com:sub:

Free AWS Developer Questions

A. “Create the application within an Amazon VPC and use a VPC endpoint with a trust policy to grant access to the employees” is incorrect. You cannot provide access to an on-premises SAML directory using a VPC endpoint.

B. “Use Amazon Cognito user pools, federate with the SAML provider, and use user pool groups with an IAM policy” is incorrect. A user pool can be used to authenticate but the identity pool is used to provide authorized access to AWS services.

C: “Create a unique IAM role for each employee and have each employee assume the role to access the application so they can access their personal data only” is incorrect. This is not an integration into the SAML directory and would be very difficult to manage.

References:

https://docs.aws.amazon.com/cognito/latest/Developerguide/role-trust-and-permissions.html

https://docs.aws.amazon.com/cognito/latest/Developerguide/iam-roles.html

https://digitalcloud.training/certification-training/aws-Developer-associate/aws-security-identity-and-compliance/aws-cognito/

The correct answer is D. “A VPC endpoint should be provisioned for S3”.

Explanation:

Please note that the question specifically asks how to enable connectivity so this is not about permissions. When using a private subnet with no Internet connectivity there are only two options available for connecting to Amazon S3 (which remember, is a service with a public endpoint, it’s not in your VPC).

The first option is to enable Internet connectivity through either a NAT Gateway or a NAT Instance. However, there is no answer offering either of these as a solution. The other option is to enable a VPC endpoint for S3.

The specific type of VPC endpoint to S3 is a Gateway Endpoint. EC2 instances running in private subnets of a VPC can use the endpoint to enable controlled access to S3 buckets, objects, and API functions that are in the same region as the VPC. You can then use an S3 bucket policy to indicate which VPCs and which VPC Endpoints have access to your S3 buckets.

In the following diagram, instances in subnet 2 can access Amazon S3 through the gateway endpoint.

Free AWS Exam Questions

Therefore, the only answer that presents a solution to this challenge is to provision an VPC endpoint for S3.

A. “An IAM role must be added to the instance that has permissions to write to the S3 bucket” is incorrect. You do need to do this, but the question is asking about connectivity, not permissions.

B. “A bucket policy needs to be added specifying the principles that are allowed to write data to the bucket” is incorrect. You may choose to use a bucket policy to enable permissions but the question is asking about connectivity, not permissions.

C. “A VPN should be established to enable private connectivity to S3” is incorrect. You can create a VPN to establish an encrypted tunnel into a VPC from a location outside of AWS. However, you cannot create a VPN connection from a subnet within a VPC to Amazon S3.

References:

https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-s3.html

https://digitalcloud.training/certification-training/aws-developer-associate/aws-storage/amazon-s3/

The correct answer is D. “Rolling with additional batch”.

Explanation:

AWS Elastic Beanstalk provides several options for how deployments are processed, including deployment policies (All at onceRollingRolling with additional batch, and Immutable) and options that let you configure batch size and health check behavior during deployments.

For this scenario, we need to ensure we do not reduce the capacity of the application but we also need to minimize cost. In the table below you can see the different deployment policies available and how they impact capacity and cost:

Free AWS Quiz

The Rolling with additional batch deployment policy does require extra cost but the extra cost is the size of a batch of instances, therefore you can reduce cost by reducing the batch size. The Immutable deployment policy requires a total deployment of new instances – i.e. if you have 4 instances this will double to 8 instances.

Therefore, the best deployment policy to use for this scenario is the Rolling with additional batch.

A. “Immutable” is incorrect as this would require a higher cost as you need a total deployment of new instances.

B. “Rolling” is incorrect as this will result in a reduction in capacity which will affect performance.

C. “All at once” is incorrect as this results in a total reduction in capacity, i.e. your entire application is taken down at once while the application update is installed.

References:

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.rolling-version-deploy.html

https://digitalcloud.training/certification-training/aws-developer-associate/aws-compute/elastic-beanstalk/

Take this Free AWS Practice Exam

Sign up here to access more practice questions for the AWS Certified Developer Associate that include detailed answers and explanations

20
questions

Test your knowledge with 20 AWS practice questions that reflect the difficulty of the real AWS exam

Pass mark
72%

You need to get 14 out of the 20 Practice Questions right to pass this free AWS practice exam. Good luck!

Exam
Coverage

This FREE AWS practice test includes a mix of questions on core AWS services covering multiple knowledge areas

This free AWS practice exam for the AWS Developer Associate consists of 20 questions with a mix of questions on core AWS services, including AWS Lambda, Amazon DynamoDB and Amazon API Gateway. Please note that unlike our online exam simulator, this free AWS practice test is not timed – so you can take as much time as required to answer each question. After completing your AWS Developer practice exam, you get to review your answers. Detailed explanations will demonstrate why each answer is correct or incorrect – along with reference links for each question. This will definitely help you identify your strength and weaknesses.

AWS Certified Developer Associate Practice Exams

Practice makes perfect. To maximize your chances of success, enroll in the practice exam course for the AWS Certified Developer Associate.

AWS Developer Associate Practice Exams are delivered in 4 different modes:

(1) Exam Mode (timed)

There are 6 full-length practice exams (with 65 questions each) that are timed and scored – reflecting the difficulty of the real exam questions. You have 130 minutes to answer 65 questions. 

(2) Training Mode (not timed)

When taking the practice exam in training mode, after clicking “check”, the answers and explanations for every question will be revealed instantly. 

(3) Knowledge Reviews (Deep Dive)

With our knowledge reviews, you are presented with a series of questions that focus on one specific topic.

(4) Final Exam Simulator (timed and scored)

Assess your exam readiness with the final exam simulator that randomly selects 65 questions from our pool of questions – simulating the real AWS exam environment. 

Enroll today to ensure you pass your exam the first time with confidence. 

AWS Certified Developer Exam

Below you’ll find the most important facts about the official AWS Developer Associate Exam.

Exam Name:AWS Certified Developer Associate
Exam Duration:130 Minutes
Exam Level:Associate
Passing Score:72%
Eligibility/Pre-requisite:None
Validity:3 years
Exam Code:DVA-C01
Exam Format:Multiple choice or multiple response
Number of Questions:65 Questions
Exam Fee:$150
Exam Language:English, Japanese, Korean, Simplified Chinese
Exam Delivery Format:Pearson VUE and PSI (testing center or online proctored exam)
Official Exam GuideDownload the Offical Exam Guide