DVA-C02 Exam Dumps : AWS Certified Developer - Associate

Configuring the Lambda function to use ephemeral storage and processing data in the /tmp directory improves performance by leveraging local storage during execution.

Why Option C is Correct:

Ephemeral Storage: Lambda provides temporary storage (up to 10 GB) in the /tmp directory for each invocation, which is faster than pulling data directly from S3 multiple times.

Performance Boost: Data can be downloaded to /tmp, processed locally, and uploaded to the destination S3 bucket, minimizing S3 network calls.

Low Overhead: This approach requires only minimal changes to the function ' s configuration.

Why Not Other Options:

Option A: Using Amazon EFS adds complexity and is unnecessary for this use case.

Option B: Scheduling the function does not address the root cause of slow performance.

Option D: Lambda layers improve deployment efficiency, not runtime performance for this scenario.

Using Ephemeral Storage in AWS Lambda

Best Practices for S3 and Lambda Performance

The requirement has two parts: (1) authenticate users with a third-party SAML IdP , and (2) after authentication, allow those users to access AWS services like Amazon S3 and DynamoDB. The AWS pattern for this is to federate the external identity into AWS and then exchange that identity for temporary AWS credentials .

Amazon Cognito identity pools are designed to provide AWS credentials to authenticated users (via AWS STS) so the users can call AWS services directly or through an application backend. Identity pools support federation with external identity providers, including SAML 2.0 . When a user authenticates with the third-party SAML IdP, the identity pool can accept the SAML assertion, map the user to an IAM role, and return temporary, scoped credentials (AccessKeyId/SecretAccessKey/SessionToken) associated with that role. Those credentials can be restricted using IAM policies to only the required S3 buckets, DynamoDB tables, and actions, satisfying least privilege.

Option A is incorrect because a Cognito user pool is primarily a user directory and OIDC/OAuth provider for application authentication; while user pools can integrate with SAML IdPs for federation, user pools alone do not directly issue AWS service credentials. The key requirement here is access to S3/DynamoDB, which is the role of an identity pool . Option C is not appropriate because IAM is not intended to provide end-user sign-up/sign-in for external users; it is for AWS identities and permissions. Option D is unrelated: CloudFront signed URLs control access to CloudFront-distributed content and do not authenticate users with SAML or provide AWS credentials.

Therefore, B meets both requirements: federate SAML authentication through a Cognito identity pool and provide temporary AWS credentials for accessing S3 and DynamoDB.

The correct answer is D because the current DynamoDB table design is causing a hot partition problem. The table uses order_date as the partition key, which means that during peak ordering periods, a very large number of writes are likely targeting the same partition key value for the current date. In DynamoDB, write throttling often occurs when traffic is not evenly distributed across partition keys, even when the table uses on-demand mode . On-demand capacity can automatically scale, but it still depends on proper key distribution to avoid concentrated activity on a small number of partitions.

By changing the partition key to customer_id and using order_id as the sort key, writes will be spread across many customers instead of being concentrated on a small number of date values. This creates a more balanced write pattern and better aligns with DynamoDB best practices for high-scale workloads. DynamoDB documentation emphasizes choosing partition keys with high cardinality and even request distribution to avoid throttling and improve performance.

Option A is not a good design because a sequential partition key can still create uneven access patterns and usually does not support meaningful access requirements. Option B is not the best answer because simply increasing capacity does not fix a poor partition key design; hot partitions can still throttle. Option C is unnecessary because the issue is not that DynamoDB is the wrong service, but that the table schema needs redesign.

Therefore, the best solution is to refactor the key schema so that writes distribute more evenly across partitions, which is exactly what D achieves.