AWS Lambda: Customer Responsibilities | Exam SAA-C03

Customer Responsibilities for AWS Lambda

Prev Question Next Question

Question

Which of the following is the customer's responsibility concerning the AWS Lambda service? (Select TWO)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

Answer: A, E.

Option A is correct.

Options B, C is incorrect.

Option D is incorrect.

You cannot log in to underlying compute instances of lambda execution.

So, we cannot install any required libraries.

However, you can package all the required dependent libraries along with your code.

Refer to the below documentation for more information on creating a deployment package for Lambda functions.

https://docs.aws.amazon.com/lambda/latest/dg/with-s3-example-deployment-pkg.html

Option E is correct.

AWS Lambda assumes the role assigned during setup to access any AWS resources it performs any action on.

Policy on the role must grant access to any such resources for Lambda to perform operations, for example, S3 gets object, Dynamodb GetItem etc.

https://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html#lambda-intro-
When Should I Use AWS Lambda?

AWS Lambda is an ideal compute platform for many application scenarios, provided that you can write your application code in languages
supported by AWS Lambda (that is, Node.js, Java, Go and C# and Python), and run within the AWS Lambda standard runtime environment
and resources provided by Lambda.

When using AWS Lambda, you are responsible only for your code. AWS Lambda manages the compute fleet that offers a balance of memory,
CPU, network, and other resources. This is in exchange for flexibility, which means you cannot log in to compute instances, or customize the
operating system or language runtime. These constraints enable AWS Lambda to perform operational and administrative activities on your

behalf, including provisioning capacity, monitoring fleet health, applying security patches, deploying your code, and monitoring and logging
your Lambda functions.

If you need to manage your own compute resources, Amazon Web Services also offers other compute services to meet your needs.

* Amazon Elastic Compute Cloud (Amazon EC2) service offers flexibility and a wide range of EC2 instance types to choose from. It gives
you the option to customize operating systems, network and security settings, and the entire software stack, but you are responsible for
provisioning capacity, monitoring fleet health and performance, and using Availability Zones for fault tolerance.

* Elastic Beanstalk offers an easy-to-use service for deploying and scaling applications onto Amazon EC2 in which you retain ownership
and full control over the underlying EC2 instances.

As an AWS customer, there are several responsibilities that you need to take care of when using the AWS Lambda service. Two of the most important responsibilities are:

A. Lambda function code: As an AWS customer, you are responsible for developing, testing, and deploying the code that will be executed by the Lambda service. This means that you need to create the code that defines the behavior of your Lambda functions, and upload it to AWS Lambda. AWS Lambda supports several programming languages, including Node.js, Python, Java, C#, and Go, among others. You can write your code directly in the AWS Lambda console, or you can use an integrated development environment (IDE) such as Visual Studio or Eclipse to develop your code.

B. Monitoring and logging lambda functions: You are also responsible for monitoring and logging the behavior of your Lambda functions. AWS Lambda provides several built-in monitoring tools, such as CloudWatch Logs and CloudWatch Metrics, which you can use to track the execution of your Lambda functions, identify errors and performance issues, and troubleshoot problems. You can also use third-party monitoring tools such as Datadog or New Relic to monitor the behavior of your Lambda functions.

C, D, and E are incorrect options:

C. Security patches: AWS is responsible for securing the underlying infrastructure that runs the Lambda service, including the operating system, the network, and the physical facilities. AWS also provides security features such as identity and access management (IAM), encryption, and compliance certifications that you can use to secure your Lambda functions and the data they process. However, you are not responsible for applying security patches to the underlying infrastructure; AWS takes care of that.

D. Installing required libraries in underlying compute instances for Lambda execution: AWS Lambda is a fully managed service, which means that AWS takes care of provisioning and managing the compute resources that are required to execute your Lambda functions. You don't need to worry about installing or managing any libraries or dependencies in the underlying compute instances; AWS takes care of that.

E. Providing AWS Lambda with the required role and permissions to access the AWS resources: When you create a Lambda function, you need to specify the AWS resources that it will interact with, such as Amazon S3 buckets, Amazon DynamoDB tables, or Amazon SQS queues. You also need to provide the Lambda function with the required role and permissions to access these resources. However, this is not a customer responsibility as it is done through the IAM role and policy, and AWS takes care of it.

Therefore, the correct answers are A and B.