AWS · DVA-C02
Validates ability to develop, test, deploy, and debug AWS Cloud-based applications using AWS services.
Questions
536
Duration
130 minutes
Passing Score
720/1000
Difficulty
AssociateLast Updated
Jan 2026
Use this DVA-C02 practice exam to prepare for AWS Certified Developer - Associate (DVA-C02) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 536 questions for AWS DVA-C02, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to recurring topics such as Development with AWS Services, Security, Deployment, and Troubleshooting and Optimization. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The AWS Certified Developer – Associate (DVA-C02) is an intermediate-level certification from Amazon Web Services that validates a candidate's proficiency in developing, testing, deploying, and debugging cloud-based applications on the AWS platform. It demonstrates hands-on competency with core AWS developer services including AWS Lambda, Amazon API Gateway, Amazon DynamoDB, Amazon S3, Amazon SQS, Amazon SNS, AWS CodePipeline, AWS CodeBuild, AWS CodeDeploy, and the AWS SDKs and CLI. The exam was updated in December 2024 (Version 2.1) to include 18 new skills, incorporating topics such as Amazon Q Developer, event-driven architecture patterns with Amazon EventBridge, and resilience patterns like retry logic and circuit breakers.
The certification covers four weighted domains: developing applications with AWS services (32%), implementing security controls (26%), automating deployment workflows (24%), and troubleshooting and optimizing applications (18%). It is recognized globally as a benchmark for cloud developers and is valid for three years, after which holders can recertify by retaking the current exam version or by earning the AWS Certified DevOps Engineer – Professional credential.
This certification is designed for software developers and cloud engineers who spend at least a portion of their role building and maintaining applications on AWS. Relevant job titles include Cloud Developer, Backend Developer, Full-Stack Developer, DevOps Engineer, and Solutions Developer. Candidates typically have one or more years of hands-on experience writing application code using AWS services, familiarity with at least one high-level programming language (such as Python, Java, JavaScript, or Go), and practical knowledge of cloud-native development patterns.
Developers who are new to cloud but hold strong general programming backgrounds will also find this exam accessible, though AWS recommends that individuals with no prior IT experience first earn the AWS Certified Cloud Practitioner to build foundational knowledge before attempting this associate-level exam.
There are no formal prerequisites required to register for the DVA-C02 exam. However, AWS recommends that candidates have one or more years of practical experience developing and maintaining applications using AWS services before sitting the exam. Candidates should be comfortable with at least one high-level programming language and have working knowledge of AWS core services such as IAM, S3, DynamoDB, Lambda, API Gateway, SQS, and SNS.
Familiarity with CI/CD concepts and hands-on experience with AWS developer tools (CodeCommit, CodeBuild, CodeDeploy, CodePipeline) is also strongly advised. Candidates should understand RESTful API design, serverless architectures, and basic cloud security principles including authentication via Amazon Cognito and secrets management via AWS Secrets Manager and AWS Systems Manager Parameter Store.
The DVA-C02 exam consists of 65 total questions: 50 scored questions and 15 unscored pretest questions that do not affect the final score (unscored questions are not identified during the exam). Question types are either multiple choice (one correct answer from four options) or multiple response (two or more correct answers from five or more options). The time limit is 130 minutes, and the exam is proctored via Pearson VUE either at an authorized testing center or through an online proctored session. The exam is available in English, Japanese, Korean, Portuguese (Brazil), Simplified Chinese, and Spanish (Latin America).
Scores are reported on a scaled score of 100–1,000, with a minimum passing score of 720. Unanswered questions are scored as incorrect; there is no penalty for guessing. The exam fee is $150 USD, and AWS provides certified holders with a 50% discount voucher for their next certification exam.
The AWS Certified Developer – Associate is one of the highest-compensating associate-level cloud certifications available. AWS-certified developers in the United States report average salaries of approximately $130,000–$133,000 per year, with senior roles exceeding $150,000. According to industry salary surveys, AWS-certified IT professionals earn on average 27.5% more than non-certified counterparts, and 19% of certification holders report a direct salary increase following certification. The credential is recognized globally and is frequently listed as a required or preferred qualification in cloud developer job postings across financial services, healthcare, technology, and e-commerce sectors.
Beyond compensation, 63% of certified AWS professionals report receiving or expecting a promotion after certification, and 41% report increased workplace engagement. The DVA-C02 serves as a natural step toward higher-level credentials including the AWS Certified DevOps Engineer – Professional and AWS Certified Solutions Architect – Professional. Compared to vendor-neutral developer certifications, the AWS Developer Associate carries stronger market specificity, particularly for organizations running workloads on AWS — which represents the majority of enterprise cloud deployments.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 536 questions.
Preview — answers shown1. An asynchronous Lambda invocation fails after all of its automatic retries. The developer has configured an SQS queue as the function's On-Failure Destination. What will the SQS message contain?
Explanation
Lambda Destinations provide rich context about the invocation result. Why it's correct: When an event is sent to an On-Failure Destination, the payload is a JSON object containing details about the failed invocation. This includes the original event payload that caused the failure, information from the function's execution context, and details about the response from the function (including the error message and type). This gives you all the necessary information to debug or re-process the failed event. Why others are incorrect: The payload contains more than just the error message or a stack trace. It does not contain a direct link, but it does contain the request ID which can be used to find the logs.
2. An API is experiencing intermittent 504 Gateway Timeout errors. To get detailed information about the request's lifecycle, including the time taken by the backend, what should the operations team enable for the API stage?
Explanation
To effectively debug API issues, you need detailed logs and metrics. API Gateway provides enhanced observability features that you can enable on a per-stage basis. CloudWatch Access Logging and Detailed Metrics is the correct choice. Enabling detailed CloudWatch metrics provides granular data points like IntegrationLatency. Enabling Access Logging creates a log entry for every request, which can be customized to include details like the time taken, helping to pinpoint where the delay is occurring. Other options are incorrect because: A Canary Release is a deployment strategy. A Custom Domain Name is for branding. API Caching is a performance feature, not a primary debugging tool for timeouts.
3. The 'DataSafe' company needs to invalidate a specific user's profile from their ElastiCache for Redis cluster whenever the user updates their information in the primary RDS database. What is the most common and direct cache invalidation strategy?
Explanation
Cache invalidation is the process of removing or updating an item in the cache because its value has become stale. It is often described as one of the hard problems in computer science. Why it's correct: Explicitly deleting the cache key (the 'delete pattern') is a direct and reliable way to handle invalidation. When the application logic successfully updates the user's profile in the database, it should immediately send a command to delete that user's specific key from the cache. The next time the user's profile is requested, it will result in a 'cache miss', and the fresh data will be loaded from the database into the cache. Why others are incorrect: A short TTL for all keys is inefficient and would cause many unnecessary database reads. Restarting the cluster is a drastic, disruptive action. Waiting for eviction is not a reliable invalidation strategy.
4. A developer has packaged a new version of their application and needs to deploy it to an existing AWS Elastic Beanstalk environment. Which of the following represents a valid method for performing this deployment?
Explanation
Elastic Beanstalk provides several ways to update an environment with a new application version. Why it's correct: The AWS Management Console provides a straightforward, interactive way to manage deployments. The 'Upload and Deploy' button on an environment's dashboard allows you to directly upload your new application bundle (e.g., a .zip or .war file) and initiates the deployment process according to the environment's configured deployment policy. Why others are incorrect: The eb create command is used to create a new environment, not update an existing one. Terminating the environment is a destructive action and would cause significant downtime. Modifying .ebextensions is for configuring the resources within the environment, not for deploying the application code itself.
5. A central monitoring application runs in a 'Security' AWS account. This application needs to scan and describe resources in several 'Application' accounts. What is the MOST secure and manageable way to grant the monitoring application cross-account permissions?
Explanation
The standard, best-practice pattern for programmatic cross-account access is to use IAM roles and the AWS Security Token Service (STS). Why it's correct: This method avoids the use of long-lived credentials. You create a role in each target account that grants the necessary permissions and establishes a trust relationship with the central Security account. The application in the Security account can then call sts:AssumeRole to obtain temporary, limited-privilege credentials for the target account. This is secure, auditable, and easily managed. Why others are incorrect: Using S3 is an overly complex and indirect communication method. Deploying the application everywhere is not centralized and is hard to manage. Using long-lived access keys is a major security risk compared to temporary credentials from a role.
AWS Certified CloudOps Engineer - Associate (SOA-C03)
SOA-C03 · 2141 questions
AWS Certified SysOps Administrator - Associate (SOA-C02)
SOA-C02 · 2141 questions
AWS Certified Security - Specialty (SCS-C03)
SCS-C03 · 2069 questions
AWS Certified Generative AI Developer - Professional (AIP-C01)
AIP-C01 · 1978 questions
AWS Certified Advanced Networking - Specialty (ANS-C01)
ANS-C01 · 1453 questions
AWS Certified Data Engineer - Associate (DEA-C01)
DEA-C01 · 1120 questions
$17.99
One-time access to this exam