Amazon Web Services DVA-C02 Exam With Confidence Using Practice Dumps

Amazon S3 Lifecycle rules are specifically designed to manage object versions over time. When versioning is enabled, lifecycle rules can be configured to expire noncurrent versions , retaining only a defined number of recent versions.

AWS documentation states that lifecycle rules can be used to “retain a specific number of newer noncurrent versions.” By configuring a lifecycle rule to keep one noncurrent version , Amazon S3 automatically deletes older versions while retaining the current and immediately previous versions.

Bucket policies (Option A) control access, not retention. S3 Object Lock (Option C) is designed for regulatory compliance and write-once-read-many (WORM) use cases and is not suitable for routine version cleanup. Suspending versioning (Option D) does not remove existing versions and increases application complexity.

Therefore, an S3 Lifecycle rule is the correct and AWS-recommended solution.

To rotate database credentials without downtime, Secrets Manager recommends the alternating users (dual user) rotation strategy. With a single-user strategy, Secrets Manager changes the password for the same database user that the application is actively using. If the application continues using cached/old credentials during rotation, authentication failures and downtime can occur.

With the alternating users strategy, two database users exist (often named something like appuser and appuser_clone). Secrets Manager alternates which user is “active” in the secret. During rotation, Secrets Manager updates the inactive user’s password, verifies it, updates the secret to point to the newly updated user, and then (optionally) retires the old credentials. This approach minimizes disruption because there is always one known-good credential set while the other is being updated.

The question specifically requires regular rotation using Secrets Manager. That is achieved by enabling automatic rotation on the secret with a schedule (for example, every 30/60/90 days). Automatic rotation invokes the rotation Lambda (AWS-provided or configured) and performs the workflow without manual intervention.

Option D combines both requirements: automatic rotation plus the alternating users strategy for high availability and no downtime.

Option B mentions alternating users but “managed rotation” is not the standard term used in these choices as the primary differentiator—automatic rotation is the necessary capability to rotate regularly without manual effort.

Options A and C (single user) are more likely to cause downtime during rotation.

Therefore, configure automatic rotation with the alternating users rotation strategy.

The correct answers are B and E .

The existing platform already runs on Kubernetes , so the fastest and most compatible migration path is to use Amazon EKS , which is AWS’s managed Kubernetes service. This preserves the application’s orchestration model and minimizes refactoring. Because the clusters must be highly available , EKS is a strong fit since it is designed to run Kubernetes workloads across multiple Availability Zones.

For shared storage, the on-premises application currently depends on a common NFS share that all containers can access. On AWS, the service that most closely matches this requirement is Amazon EFS , which provides a managed, elastic, shared file system that supports NFS access and can be mounted concurrently from multiple compute nodes. By contrast, Amazon EBS is block storage that is generally attached to a single instance and is not the right replacement for a shared multi-node NFS workload.

Therefore, B is correct because it moves the shared NFS data to Amazon EFS and stores the container images in Amazon ECR , which is the proper AWS managed registry for container images. E is correct because it runs the applications on Amazon EKS and uses Amazon EFS as the shared mounted file system across the Kubernetes worker nodes.

Option C is wrong because it uses ECS , not Kubernetes. Option D is wrong because EBS does not meet the requirement for a shared NFS-like file system across highly available Kubernetes nodes. Option A is wrong for the same storage reason.

So, the best migration combination is Amazon EFS + Amazon EKS , which makes B and E correct.