Jeff’s Note #
Unlike generic exam dumps, ADH analyzes this scenario through the lens of a Real-World Lead Developer.
For DVA-C02 candidates, the confusion often lies in how to reliably capture failed asynchronous Lambda events for investigation. In production, it’s about understanding the nuances of dead-letter queues, event routing, and required permissions to ensure no events are lost silently. Let’s drill down.
The Certification Drill (Simulated Question) #
Scenario #
A growing startup, CloudInnovate, is developing a serverless analytics platform that asynchronously invokes multiple AWS Lambda functions to process diverse user events. Occasionally, they notice that some events fail to be handled by their Lambda functions without any visible error trace. The engineering team needs a robust approach to capture and investigate those failed Lambda events asynchronously.
The Requirement #
You must implement a solution to isolate and store the failed asynchronous Lambda invocation events so the team can analyze why processing failed and reprocess the events if needed.
The Options #
-
A) Add an Amazon EventBridge rule for the Lambda function. Configure the EventBridge rule to react to failed events and store the events in an Amazon DynamoDB table.
-
B) Configure the Lambda function with a dead-letter queue based on Amazon Kinesis. Update the Lambda function’s execution role with the required permissions.
-
C) Configure the Lambda function with an Amazon Simple Queue Service (Amazon SQS) dead-letter queue. Update the Lambda function’s execution role with the required permissions.
-
D) Configure the Lambda function with an Amazon Simple Queue Service (Amazon SQS) FIFO dead-letter queue. Update the Lambda function’s execution role with the required permissions.
Google adsense #
leave a comment:
Correct Answer #
C
Quick Insight: The Developer Imperative #
The best practice for capturing failed asynchronous Lambda events is to configure an SQS dead-letter queue (DLQ). This allows failed events to be captured reliably with minimal operational overhead and integrates seamlessly with Lambda’s asynchronous invocation model.
Kinesis is not supported as a DLQ target. EventBridge can respond to events, but it is not a DLQ solution by itself. FIFO queues are used when ordering matters, but normal SQS standard queues suffice if ordering is not critical.
Content Locked: The Expert Analysis #
You’ve identified the answer. But do you know the implementation details that separate a Junior from a Senior?
The Expert’s Analysis #
Correct Answer #
Option C
The Winning Logic #
AWS Lambda supports dead-letter queues to capture events that fail to process during asynchronous invocation. The DLQ can be an SQS queue or SNS topic. Using an SQS standard queue as a dead-letter queue is the most common and recommended practice because:
- It allows durable storage of failed events for later analysis or replay.
- It decouples failure handling from the Lambda logic.
- Lambda execution role permissions can be scoped to allow sending messages only to the configured SQS queue.
- It integrates natively with Lambda error handling.
The Trap (Distractor Analysis): #
-
Option A (EventBridge rule): EventBridge can route various AWS events, but Lambda itself does not emit invocation failure events to EventBridge by default. Using EventBridge here would require custom instrumentation and does not serve as a DLQ.
-
Option B (Kinesis DLQ): Kinesis is not a supported dead-letter queue destination for Lambda. Using Kinesis would require building a custom failure handling solution.
-
Option D (SQS FIFO DLQ): A FIFO queue enforces strict ordering and deduplication, which may not be needed here and adds unnecessary complexity. Also, Lambda asynchronous DLQ support typically expects standard queues unless ordering is explicitly required.
The Technical Blueprint #
B) For Developer (Code/CLI Snippet): #
Setup SQS DLQ for Lambda function and update IAM role accordingly:
# Create the SQS DLQ
aws sqs create-queue --queue-name lambda-dlq
# Get DLQ ARN
DLQ_ARN=$(aws sqs get-queue-attributes --queue-url https://sqs.<region>.amazonaws.com/<account-id>/lambda-dlq --attribute-names QueueArn --query 'Attributes.QueueArn' --output text)
# Update Lambda function configuration to use DLQ
aws lambda update-function-configuration \
--function-name myLambdaFunction \
--dead-letter-config TargetArn=$DLQ_ARN
# Update Lambda execution role policy JSON with permission to send messages to DLQ
cat <<EoF > lambda-execution-role-policy.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "sqs:SendMessage",
"Resource": "$DLQ_ARN"
}
]
}
EoF
# Attach the policy to the Lambda execution role
aws iam put-role-policy --role-name lambda-execution-role --policy-name LambdaDLQAccess --policy-document file://lambda-execution-role-policy.json
The Comparative Analysis #
| Option | API Complexity | Performance | Use Case |
|---|---|---|---|
| A | High (EventBridge custom rules) | Indirect (No native DLQ) | Not designed for DLQ, requires event logging |
| B | Unsupported DLQ target | N/A | Kinesis not a DLQ for Lambda async invocation |
| C | Simple API (Lambda DLQ config + SQS) | Efficient | Standard best practice for async Lambda failure handling |
| D | Similar to C but with FIFO overhead | Potentially lower throughput | Use if ordering of failed events is critical |
Real-World Application (Practitioner Insight) #
Exam Rule #
For asynchronous Lambda failure handling, always use an SQS queue as the dead-letter queue unless you have a specific ordering/deduplication requirement.
Real World #
Sometimes teams build custom error handling pipelines into EventBridge or Kinesis for advanced analytics or real-time retry orchestration, but this adds complexity. Start simple with an SQS DLQ and evolve from there.
(CTA) Stop Guessing, Start Mastering #
Disclaimer
This is a study note based on simulated scenarios for the DVA-C02 exam.