DVA-C02 Exam Dumps : AWS Certified Developer - Associate

The correct policy condition ensures that:

The LeadingKeys condition restricts operations to the authenticated user ' s user_id.

The Attributes condition limits the updatable attributes to user_name.

Explanation of Choices:

Option A: Correctly enforces both the key restriction (dynamodb:LeadingKeys) and ensures only the user_name attribute can be updated.

Option B, C, D: Use incorrect conditions, such as referencing user_name in the LeadingKeys or including other attributes like user_id in updatable fields.

The safest way to prevent cross-tenant data leakage during processing is to enforce tenant isolation at the authorization layer , not only in application logic. AWS supports this with ABAC (attribute-based access control) using IAM principal/session tags and policy condition keys. The goal is to ensure that, for each invocation, the function can access only the S3 prefix and DynamoDB items that match the tenant being processed.

First, the Lambda execution role should be permitted to assume a dedicated data access role (B). This creates a clear separation: the execution role has minimal base permissions and can obtain tenant-scoped permissions only by assuming the data role.

Second, the Lambda function should assume that data access role with the tenant name as a session tag and then use the temporary credentials for all S3/DynamoDB calls (F). Session tagging ties the caller’s identity attributes (tenant) to the credentials used for data access.

Third, attach policies to the data access role that restrict access using conditions that compare the session tag to the requested resource attributes (C). For S3, policies can restrict access to object ARNs like arn:aws:s3:::bucket/${aws:PrincipalTag/tenant}/*. For DynamoDB, policies can restrict access by partition key using dynamodb:LeadingKeys so the role can read/write only items whose partition key equals the tenant tag. This ensures that even if the function code has a bug or receives unexpected input, AWS authorization prevents it from reading or writing another tenant’s data.

Option A is not required as stated; you typically need permission to pass session tags (and the trust/policy must allow tagging), but the key actions here are: enable assume role (B), enforce tag-based data policies (C), and actually assume the role with tenant tag (F). Option D is not generally the primary control for DynamoDB; the standard enforcement is via IAM identity policies (and dynamodb:LeadingKeys). Option E (RCP) is an AWS Organizations guardrail and is not necessary for this single-application isolation pattern.

The correct answer is B because Amazon EventBridge is designed for building loosely coupled event-driven architectures . In this scenario, when an order is placed, the order processing system can publish a single event to an EventBridge event bus. Then, multiple independent consumers can react to that event through separate rules and targets . This matches the requirement to update inventory, send email, notify shipping, and update order history without tightly coupling those actions together.

EventBridge is especially well suited when the company wants to add new processing steps later . A new consumer can be added simply by creating another rule and target for the existing order event, without changing the original order submission code or the existing consumers. This supports extensibility and separation of concerns, which are key goals of event-driven design.

Option A is less appropriate because a single Lambda function that directly calls every downstream system becomes tightly coupled and harder to extend. Option C supports fan-out, but EventBridge provides richer routing, filtering, and event bus semantics for enterprise event-driven workflows. Option D is useful for workflow orchestration, but it creates a more centrally orchestrated pattern rather than the looser publish-and-subscribe model requested in the question.

AWS guidance for modern event-driven architectures emphasizes publishing events and allowing interested services to subscribe independently. EventBridge provides native routing and integration with many AWS services, making it easy to evolve the architecture over time. Therefore, B is the best answer for achieving loose coupling and future extensibility.