106. Lambda

Question 1:
Currently, as a Solutions Architect, you are designing the architecture of your application using AWS services. This application is virtually stateless and you want to build a cost-optimal application. You also want to add the ability to expand based on processing power needs.
Which AWS service should you choose to meet this requirement?
Options:
A. Lambda
B. DynamoDB
C. Kinesis
D. EC2
Answer: A
Explanation
A stateless application is an application that does not require information of the client’s state to be communicated constantly in the system and does not retain session information each time. Therefore, the application will provide the same response to all end users when the same input is given. It will respond as if it were the clients first session each time. Lambda functions can achieve stateless application processing cost-optimally. Therefore, option 1 is the correct answer.
Option 2 is incorrect. DynamoDB is a NoSQL type DB and is used for high-speed and simple database processing. It can be used for serverless data processing linked with Lambda functions, but it is not correct because it is not a service for stateless application development. Rather, DynamoDB is used to store session data.
Option 3 is incorrect. Kinesis is a service used for processing and analysis of streaming data. It is not correct because it is not a service for stateless application development.
Option 4 is incorrect. It is possible to build stateless applications using EC2 instances. However, it is not a cost-optimal application compared to a serverless application that uses Lambda functions.

Question 2:
A solutions architect is designing a new service that will use an Amazon API Gateway API on the frontend. The service will need to persist data in a backend database using key-value requests. Initially, the data requirements will be around 1 GB and future growth is unknown. Requests can range from 0 to over 800 requests per second.
Which combination of AWS services would meet these requirements? (Select TWO.)
Options:
A. Fargate
B. Lambda
C. RDS
D. EC2 Auto Scaling
E. Dynamo DB
Answer: B & E
Explanation
In this case AWS Lambda can perform the computation and store the data in an Amazon DynamoDB table. Lambda can scale concurrent executions to meet demand easily and DynamoDB is built for key-value data storage requirements and is also serverless and easily scalable. This is therefore a cost effective solution for unpredictable workloads.
CORRECT: “AWS Lambda” is a correct answer.
CORRECT: “Amazon DynamoDB” is also a correct answer.
INCORRECT: “AWS Fargate” is incorrect as containers run constantly and therefore incur costs even when no requests are being made.
INCORRECT: “Amazon EC2 Auto Scaling” is incorrect as this uses EC2 instances which will incur costs even when no requests are being made.
INCORRECT: “Amazon RDS” is incorrect as this is a relational database not a No-SQL database. It is therefore not suitable for key-value data storage requirements.

Question 3:
An IT Company wants to move all the compute components of its AWS Cloud infrastructure into serverless architecture. Their development stack comprises a mix of backend programming languages and the company would like to explore the support offered by the AWS Lambda runtime for their programming languages stack.
Can you identify the programming languages supported by the Lambda runtime? (Select two)
Options:
A. C
B. C#/ .NET
C. PHP
D. Go
E. R
Answer: B & D
Explanation
Correct options:
C#/.NET
Go
A runtime is a version of a programming language or framework that you can use to write Lambda functions. AWS Lambda supports runtimes for the following languages:
C#/.NET
Go
Java
Node.js
Python
Ruby
Incorrect options:
C
PHP
R
Given the list of supported runtimes above, these three options are incorrect.

Question 4:
A weather forecast agency collects key weather metrics across multiple cities in the US and sends this data in the form of key-value pairs to AWS Cloud at a one-minute frequency.
As a solutions architect, which of the following AWS services would you use to build a solution for processing and then reliably storing this data with high availability? (Select two)
Options:
A• Lambda
B• ElastiCache
C• Redshift
D• RDS
E• DynamoDB
Answer: A & E
Explanation
Correct options:
Lambda – With AWS Lambda, you can run code without provisioning or managing servers. You pay only for the compute time that you consume—there’s no charge when your code isn’t running. You can run code for virtually any type of application or backend service—all with zero administration.
DynamoDB – Amazon DynamoDB is a key-value and document database that delivers single-digit millisecond performance at any scale. It’s a fully managed, multi-region, multi-master, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications. DynamoDB is a NoSQL database and it’s best suited to store data in key-value pairs.
AWS Lambda can be combined with DynamoDB to process and capture the key-value data from the IoT sources described in the use-case. So both these options are correct.
Incorrect options:
Redshift – Amazon Redshift is a fully-managed petabyte-scale cloud-based data warehouse product designed for large scale data set storage and analysis. You cannot use Redshift to capture data in key-value pairs from the IoT sources, so this option is not correct.
ElastiCache – Amazon ElastiCache allows you to seamlessly set up, run, and scale popular open-Source compatible in-memory data stores in the cloud. Build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores. Amazon ElastiCache is a popular choice for real-time use cases like Caching, Session Stores, Gaming, Geospatial Services, Real-Time Analytics, and Queuing. Elasticache is used as a caching layer in front of relational databases. It is not a good fit to store data in key-value pairs from the IoT sources, so this option is not correct.
RDS – Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups. Relational databases are not a good fit to store data in key-value pairs, so this option is not correct.

Question 5:
A developer needs to implement a Lambda function in AWS account A that accesses an Amazon S3 bucket in AWS account B.
As a Solutions Architect, which of the following will you recommend to meet this requirement?
Options:
A• Create an IAM role for the Lambda function that grants access to the S3 bucket. Set the IAM role as the Lambda function’s execution role. Make sure that the bucket policy also grants access to the Lambda function’s execution role
B• AWS Lambda cannot access resources across AWS accounts. Use Identity federation to work around this limitation of Lambda
C• The S3 bucket owner should make the bucket public so that it can be accessed by the Lambda function in the other AWS account
D• Create an IAM role for the Lambda function that grants access to the S3 bucket. Set the IAM role as the Lambda function’s execution role and that would give the Lambda function cross-account access to the S3 bucket
Answer: A
Explanation
Correct option:
Create an IAM role for the Lambda function that grants access to the S3 bucket. Set the IAM role as the Lambda function’s execution role. Make sure that the bucket policy also grants access to the Lambda function’s execution role
If the IAM role that you create for the Lambda function is in the same AWS account as the bucket, then you don’t need to grant Amazon S3 permissions on both the IAM role and the bucket policy. Instead, you can grant the permissions on the IAM role and then verify that the bucket policy doesn’t explicitly deny access to the Lambda function role. If the IAM role and the bucket are in different accounts, then you need to grant Amazon S3 permissions on both the IAM role and the bucket policy. Therefore, this is the right way of giving access to AWS Lambda for the given use-case.
Incorrect options:
AWS Lambda cannot access resources across AWS accounts. Use Identity federation to work around this limitation of Lambda – This is an incorrect statement, used only as a distractor.
Create an IAM role for the Lambda function that grants access to the S3 bucket. Set the IAM role as the Lambda function’s execution role and that would give the Lambda function cross-account access to the S3 bucket – When the execution role of Lambda and S3 bucket to be accessed are from different accounts, then you need to grant S3 bucket access permissions to the IAM role and also ensure that the bucket policy grants access to the Lambda function’s execution role.
The S3 bucket owner should make the bucket public so that it can be accessed by the Lambda function in the other AWS account – Making the S3 bucket public for the given use-case will be considered as a security bad practice. It’s usually done for very few use-cases such as hosting a website on S3. Therefore this option is incorrect.