ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Developer Associate All Questions

View all questions & answers for the AWS Certified Developer Associate exam
Go to Exam

Exam AWS Certified Developer Associate topic 1 question 361 discussion

Exam question from Amazon's AWS Certified Developer Associate
Question #: 361
Topic #: 1
[All AWS Certified Developer Associate Questions]

A social media application uses the AWS SDK for JavaScript on the frontend to get user credentials from AWS Security Token Service (AWS STS). The application stores its assets in an Amazon S3 bucket. The application serves its content by using an Amazon CloudFront distribution with the origin sot to the S3 bucket.

The credentials for the role that the application assumes to make the SDK calls are stored in plaintext in a JSON file within the application code. The developer needs to implement a solution that will allow the application to get user credentials without having any credentials hardcoded in the application code.

Which solution will meet these requirements?

  • A. Add a Lambda@Edge function to the distribution. Invoke the function on viewer request. Add permissions to the function's execution role to allow the function to access AWS STS. Move all SDK calls from the frontend into the function.
  • B. Add a CloudFront function to the distribution. Invoke the function on viewer request. Add permissions to the function's execution role to allow the function to access AWS STS. Move all SDK calls from the frontend into the function.
  • C. Add a Lambda@Edge function to the distribution. Invoke the function on viewer request. Move the credentials from the JSON file into the function. Move all SDK calls from the frontend into the function.
  • D. Add a CloudFront function to the distribution. Invoke the function on viewer request. Move the credentials from the JSON file into the function. Move all SDK calls from the frontend into the function.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ubuntu1234 at Dec. 3, 2022, 11:22 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SBoksh
Highly Voted 2 years, 4 months ago
Selected Answer: A
Lambda@Edge is a good fit for the following scenarios: Functions that take several milliseconds or more to complete. Functions that require adjustable CPU or memory. Functions that depend on third-party libraries (including the AWS SDK, for integration with other AWS services).
upvoted 8 times
...
maurice2005
Most Recent 1 year, 1 month ago
Selected Answer: B
I think this is a lightweight function to do so B is better https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/edge-functions-choosing.html
upvoted 1 times
a15ce96
1 year, 1 month ago
Hi. Lambda@Edge is a good fit for the following scenarios: .... - Functions that depend on third-party libraries (including the AWS SDK, for integration with other AWS services). Also , cloudfront functions cannot access internet. I think that's why Lambda@Edge is preferable. From what I see from the documentation you sent (thanks for that), Cloudfont functions are very lightweight, fast, but very limited functions.
upvoted 1 times
...
...
tieyua
2 years, 2 months ago
Selected Answer: A
cloudfront function is javascript running locally, cannot access internet, so probably can't call STS.
upvoted 1 times
...
miensol
2 years, 3 months ago
Selected Answer: A
CloudFront Functions cannot access the network: > To do that, we had to enforce some restrictions, such as avoiding network and file system access. Also, functions run for less than one millisecond. https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/ Thus it must be Lambda @ Edge
upvoted 1 times
...
KT_Yu
2 years, 3 months ago
Selected Answer: B
Ans B Lambda @ Edge does not support Javascript applications, only Python and Node.js
upvoted 1 times
captainpike
2 years, 1 month ago
Node.js is basically javascript running on server. I checked the documentation and to run nodejs you can use AWS SDAK for javascript
upvoted 1 times
...
tony554556
2 years, 2 months ago
Move all SDK calls from the frontend into the function. So no more JS
upvoted 3 times
...
...
fabriciollf
2 years, 4 months ago
Selected Answer: B
Access authorization: Implement access control and authorization for the content delivered through CloudFront by creating and validating user-generated tokens, such as HMAC tokens or JSON web tokens (JWT), to allow/deny requests. https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/
upvoted 1 times
...
k1kavi1
2 years, 4 months ago
Selected Answer: B
B or D https://aws.amazon.com/blogs/aws/introducing-cloudfront-functions-run-your-code-at-the-edge-with-low-latency-at-any-scale/
upvoted 1 times
...
ubuntu1234
2 years, 4 months ago
B With CloudFront Functions in Amazon CloudFront, you can write lightweight functions in JavaScript for high-scale, latency-sensitive CDN customizations. Your functions can manipulate the requests and responses that flow through CloudFront, perform basic authentication and authorization, generate HTTP responses at the edge, and more.... https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.html https://jayendrapatil.com/aws-cloudfront-edge-functions/
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago