The AWS Certified Developer Associate (DVA-C02) exam puts more weight on serverless architectures than any other associate-level AWS exam, and the questions are harder than candidates expect. Roughly 32% of DVA-C02 questions touch Lambda, API Gateway, DynamoDB, Step Functions, EventBridge, or SQS, and the wording is dense with concurrency limits, IAM execution roles, deployment configurations, and event-source mapping subtleties. Candidates who pass the exam with strong scores almost universally over-prepare on serverless content. Candidates who fail almost universally under-prepare.
This deep dive walks through the serverless content that actually matters on DVA-C02, the question patterns AWS uses, the specific Lambda configurations that appear repeatedly, and how to study these topics in a way that translates into points on exam day. The exam contains 65 questions over 130 minutes with a 720 passing score, and serverless mastery is the most reliable lever for clearing it comfortably.
Why Serverless Dominates DVA-C02
AWS has shifted developer-facing tooling toward serverless aggressively since 2018. Lambda, the foundational service, processed over 10 trillion invocations per month across the AWS customer base by 2024 according to AWS re:Invent disclosures. Companies like Netflix, Capital One, Coca-Cola, and the iRobot Roomba fleet all run substantial Lambda workloads in production. The exam blueprint reflects this: Domain 1 (Development with AWS Services) is weighted 32%, and roughly two-thirds of that domain is serverless.
"Lambda is the default compute primitive for new applications at AWS. The Developer Associate exam tests whether you can pick it up quickly and avoid the traps that show up in real codebases: cold starts, throttling, IAM scope, and idempotency." -- Werner Vogels, CTO of Amazon
Cold start -- The latency penalty incurred when Lambda initializes a new execution environment for a function that has not been invoked recently. Reserved concurrency -- A Lambda configuration that guarantees a function can scale up to a defined number of concurrent executions while preventing it from exceeding that number. Provisioned concurrency -- Pre-warmed execution environments that eliminate cold starts at additional cost.
For broader exam strategy across all Developer Associate domains, see AWS Developer Associate Study Strategy: From Zero to Certified.
Lambda Concurrency Questions: The Highest-Yield Topic
Concurrency questions appear in nearly every DVA-C02 exam. They are dense, they require math, and they are where unprepared candidates lose points fastest. The exam tests three concurrency concepts: account-level concurrency limits, reserved concurrency, and provisioned concurrency.
The default account concurrency limit is 1000 concurrent executions per region, raisable via support ticket. This number appears repeatedly in questions. A function without reserved concurrency draws from this shared pool. A function with reserved concurrency carves out a dedicated slice that cannot be consumed by other functions and cannot exceed its reservation.
A typical DVA-C02 scenario: an account has 10 functions, total reserved concurrency assigned across them is 600, and an 11th function without reserved concurrency suddenly receives 800 concurrent triggers. How many can execute? The answer is 400, because the 600 reserved is unavailable to the unreserved function, leaving 1000 - 600 = 400 from the shared pool.
The exam also tests:
- Throttling behavior when reserved concurrency is set to zero (effectively disables the function)
- Provisioned concurrency cost vs cold start tradeoff for latency-sensitive APIs
- Burst concurrency limits, which vary by region (typically
500-3000initial burst before scaling at 500 per minute) - The interaction between Lambda and downstream service throttling (DynamoDB, RDS Proxy)
Idempotency and Retry Logic
Lambda retries failed asynchronous invocations twice by default. SQS-triggered Lambdas redrive based on the queue's redrive policy, not Lambda's. EventBridge Scheduler retries with exponential backoff up to 24 hours by default. Candidates often confuse these retry models.
The exam asks idempotency questions in scenarios involving payment processing, inventory updates, and email sending. The right architectural answer almost always involves a DynamoDB table with a conditional PutItem to track processed event IDs. Capital One has publicly documented this pattern in their open-source idempotency libraries.
Event Source Mapping: Where Candidates Lose Points
Event source mapping connects Lambda to streaming and queue-based event sources: Kinesis Data Streams, DynamoDB Streams, SQS, MSK (Managed Kafka), and self-managed Kafka. The mappings have subtle differences that the exam tests directly.
| Event Source | Order Guaranteed | Batch Size Max | Failure Behavior |
|---|---|---|---|
| Kinesis Data Streams | Per shard | 10,000 records | Retries until success or expiry |
| DynamoDB Streams | Per partition key | 10,000 records | Retries until success or expiry |
| SQS Standard | No | 10,000 messages | Returns to queue after visibility timeout |
| SQS FIFO | Per message group | 10 messages | Returns to queue, blocks group |
| MSK / Kafka | Per partition | 10,000 records | Retries with checkpoint |
The exam frequently asks: a Lambda processing a Kinesis stream is failing on a poison-pill record and blocking shard progress. What configuration fixes it? The correct answer involves either BisectBatchOnFunctionError, a configured maximum retry count, or a destination on failure (DLQ or EventBridge). Candidates who do not memorize these options miss the question.
"Event source mapping is where AWS gates whether you actually understand serverless. The questions feel detail-heavy because they are: in production, these details are the difference between a working pipeline and a 3 a.m. page." -- Stephane Maarek, AWS instructor and Udemy bestselling author
Poison-pill record -- A message in a stream or queue that consistently causes the consumer Lambda to fail, blocking progress until handled or moved to a dead-letter queue. Dead-letter queue (DLQ) -- An SQS queue or SNS topic configured to receive messages that exceed retry limits, allowing later analysis and reprocessing.
For broader question-reading patterns across AWS exams, see AWS Exam Question Patterns: How to Read Scenarios Correctly.
API Gateway and Lambda Integration
API Gateway integrations with Lambda appear in roughly 8-10 questions on any given DVA-C02 exam. The two integration modes -- proxy and non-proxy (custom) -- behave differently and the exam tests the difference.
In proxy integration, API Gateway passes the entire request as a JSON event to Lambda and expects a specific response shape: { "statusCode": 200, "body": "...", "headers": {...} }. In non-proxy integration, you write mapping templates in Apache Velocity Template Language (VTL) to transform requests and responses.
The exam tests:
- Which mode supports the request validator (both, but proxy auto-validates schema only with extra config)
- CORS configuration: where to set headers (the function for proxy, mapping template for non-proxy)
- Caching: enabled at stage level, configurable per method, with TTL up to 3600 seconds
- Throttling: account-level default of
10,000requests per second, configurable per method - Authorizer types: IAM, Cognito User Pools, Lambda authorizer (token vs request), and API keys with usage plans
Lambda Authorizers
Lambda authorizers are a frequent question topic. A token authorizer receives the bearer token in the request and returns an IAM policy. A request authorizer receives the entire request context. Both can cache policies for up to 3600 seconds, keyed by the token or by a custom identity source.
A common scenario: an API behind Lambda authorizer has unpredictable latency, with intermittent slow first requests followed by fast subsequent requests. The cause and fix? The authorizer cache TTL is set too low or to zero, forcing re-evaluation. Setting cache TTL appropriately resolves it. iRobot's Roomba telemetry pipeline famously uses Lambda authorizers with long cache TTLs to keep p99 latency low across millions of devices.
Step Functions, EventBridge, and SQS Patterns
Beyond Lambda itself, three orchestration services appear consistently:
- Step Functions for workflow orchestration with Standard (long-running, exactly-once) and Express (high-volume, at-least-once) modes
- EventBridge for event-driven routing with rule patterns, schemas, and cross-account event buses
- SQS for decoupling, with Standard (high throughput, at-least-once) and FIFO (ordered, exactly-once) queues
Step Functions questions test state types: Task, Choice, Wait, Parallel, Map, Pass, Succeed, Fail. The Map state in particular is tested for parallel processing of arrays. Express workflows cost less and run faster but cannot exceed five-minute total duration -- a frequent exam constraint.
EventBridge questions test:
- Rule pattern matching syntax (JSON-based, supports prefix and exists operators)
- Default vs custom event buses
- Cross-account routing via permissions on the target bus
- Schedule expressions:
rate()andcron()with their specific syntax differences
SQS questions test visibility timeout, message retention (default 4 days, max 14), long polling (up to 20 seconds), and the difference between deletion behavior in Standard vs FIFO. Long polling reduces empty receive cost and is almost always the correct answer when the question mentions "reduce API calls" or "improve cost efficiency."
"If you cannot draw the difference between SQS visibility timeout and message retention period on a whiteboard, you are not ready for the Developer Associate exam. Both appear in nearly every test session." -- Adrian Cantrill, AWS instructor and former AWS Specialist Solutions Architect
Deployment, Versioning, and Aliases
Lambda deployment questions are the second-largest serverless category after concurrency. The exam tests:
- The difference between
$LATEST, numbered versions, and aliases - Traffic shifting via aliases with weighted routing (e.g., 90/10 between v1 and v2)
- CodeDeploy deployment configurations:
Canary10Percent5Minutes,Linear10PercentEvery1Minute,AllAtOnce - SAM template syntax for Lambda resources
- Environment variables and AWS Systems Manager Parameter Store integration
A typical question presents a Lambda update going to production and asks for the safest deployment pattern. The correct answer almost always involves CodeDeploy with a canary configuration plus a CloudWatch alarm tied to automatic rollback. AWS published this pattern as part of their Well-Architected Framework's operational excellence pillar, and the exam mirrors that guidance.
IAM Execution Roles vs Resource Policies
Lambda has two distinct IAM concepts that the exam tests separately:
- The execution role that Lambda assumes when running, defining what AWS resources the function can access
- The resource-based policy on the function itself, defining which principals can invoke it
A scenario: an S3 bucket triggers a Lambda but the invocation fails. The fix could be either side. If the Lambda lacks s3:GetObject permission, fix the execution role. If S3 lacks lambda:InvokeFunction permission via the function's resource policy, fix the resource policy. The exam expects you to identify which side is broken from the error message in the question.
For deeper IAM coverage, see AWS IAM Policies and Cross-Account Access: The Exam-Critical Patterns.
Study Plan Specific to Serverless
A focused 3-week serverless study plan within a broader 8-week DVA-C02 schedule:
- Week 1: Lambda fundamentals -- handler signatures in Node.js and Python, environment variables, layers, runtimes, the execution model. Build five small functions in your AWS Free Tier account.
- Week 2: Concurrency, event sources, and error handling -- configure reserved and provisioned concurrency, wire Lambda to SQS and Kinesis, test DLQ behavior, deliberately cause throttling.
- Week 3: Orchestration and deployment -- write a Step Functions state machine with Map and Choice states, deploy via SAM with CodeDeploy canary, configure an EventBridge rule with cross-account target.
Each week, take a 20-question topic quiz on serverless from Tutorials Dojo or Stephane Maarek's practice tests. Score yourself, review wrong answers, and rebuild the failing pattern in your AWS account. This hands-on loop is what separates 70% candidates from 85% candidates.
| Serverless Topic | Frequency on DVA-C02 | Difficulty | Study Priority |
|---|---|---|---|
| Lambda concurrency | High (5-7 questions) | High | Top priority |
| Event source mapping | High (4-6 questions) | High | Top priority |
| API Gateway integration | High (4-6 questions) | Medium | High |
| Step Functions states | Medium (2-4 questions) | Medium | Medium |
| EventBridge patterns | Medium (2-3 questions) | Medium | Medium |
| Lambda deployment / aliases | High (3-5 questions) | Medium | High |
| SQS / SNS basics | Medium (2-4 questions) | Low | Medium |
| Lambda authorizers | Medium (1-3 questions) | High | Medium |
See also: AWS Free Tier Labs to Prepare for Any AWS Exam, AWS S3 Storage Classes Explained for Solutions Architect Associate Candidates, Practice Question Banks That Actually Help.
Common DVA-C02 Serverless Traps
A short list of traps that appear repeatedly:
- Confusing Lambda's destination on failure with a DLQ -- destinations support both success and failure routing, DLQs only handle failures
- Assuming Lambda environment variables are encrypted automatically -- they are encrypted at rest by AWS but you must enable encryption-in-transit and KMS customer key for sensitive values
- Forgetting that Lambda timeout maximum is
15 minutes-- long-running tasks need Step Functions, ECS, or Batch - Mixing up SQS visibility timeout and Lambda function timeout -- SQS visibility timeout should be at least six times the Lambda timeout per AWS guidance
- Treating provisioned concurrency as a free fix for cold starts -- it costs significantly more than on-demand and only makes sense for latency-sensitive APIs
The trap pattern AWS uses most often is offering an answer that is technically correct but operationally worse. Most cost-effective, least operational overhead, and minimum changes to existing code are the three qualifiers that flip the right answer.
Two more traps that commonly cost candidates points: confusing the Lambda runtime API with the AWS SDK (the runtime API handles invocation lifecycle, the SDK calls AWS services from inside the function), and forgetting that Lambda inside a VPC requires either a NAT Gateway or VPC endpoints for outbound AWS API calls. Tim Wagner, the original General Manager of AWS Lambda and now founder of Vendia, has often noted that VPC-attached Lambdas are the single most common production misconfiguration he sees, and the exam tests this directly with scenarios involving RDS access from Lambda.
A final exam-specific note: when a question asks how to reduce Lambda costs, the right answer is almost never "switch to EC2." It is one of: reduce memory allocation if the function is not CPU-bound, reduce timeout to fail-fast on hangs, use ARM-based Graviton2 runtime for 20% cost savings, or move heavy initialization out of the handler to amortize across invocations within a warm container. Each of these patterns shows up in at least one practice test bank with slightly varied wording, and recognizing them quickly during the live exam saves valuable seconds for the harder questions later in the section.
References
- Amazon Web Services. AWS Certified Developer - Associate (DVA-C02) Exam Guide. AWS Training and Certification, 2024.
- Amazon Web Services. AWS Lambda Developer Guide. docs.aws.amazon.com/lambda, 2024.
- Vogels, Werner. All Things Distributed: 10 Lessons from 10 Years of AWS Lambda. AWS re:Invent Keynote, 2024.
- Maarek, Stephane. Ultimate AWS Certified Developer Associate DVA-C02. Udemy / Packt Publishing, 2024.
- Cantrill, Adrian. AWS Certified Developer Associate Learn Cantrill Course Notes. learn.cantrill.io, 2024.
- Sbarski, Peter. Serverless Architectures on AWS, Second Edition. Manning Publications, 2022.
- Capital One Engineering Blog. Idempotency Patterns for Distributed Systems. medium.com/capital-one-tech, 2023.