4.4.4. Tricky Distinctions & Common Pitfalls (Developer Focus)

First Principle: Nuanced understanding of seemingly similar services, and anticipating common misconfigurations from a developer's perspective, are critical for avoiding errors and building robust applications.

The AWS DVA-C02 exam tests nuanced understanding, often through distinguishing between similar services or common developer pitfalls.

Common Areas of Confusion (Developer Focus):

Lambda vs. Fargate: Both are serverless compute. Lambda for event-driven functions (max 15 min duration), Fargate for containers (longer-running, more control over runtime/libraries).
SQS vs. SNS: SQS for message queues (decoupling, one-to-one or one-to-many consumers polling). SNS for notifications (pub/sub, fan-out to multiple diverse subscribers).
DynamoDB Provisioned Capacity vs. On-Demand Capacity: Provisioned for predictable workloads (cost-effective if steady). On-Demand for unpredictable/spiky (simpler, higher unit cost).
DynamoDB Eventually Consistent Reads vs. Strongly Consistent Reads: Eventually consistent is faster/cheaper (may return stale data). Strongly consistent guarantees latest data (higher latency/cost).
CloudWatch Logs Insights vs. AWS X-Ray: Logs Insights for querying application logs (what happened?). X-Ray for tracing requests across distributed services (why it happened, bottlenecks?).
AWS Secrets Manager vs. AWS Systems Manager Parameter Store: Secrets Manager for rotating credentials, automatic rotation. Parameter Store for general configuration data, non-rotating secrets.
Common Pitfalls: Hardcoding credentials, overly permissive IAM policies, not handling Lambda cold starts for latency-sensitive applications, ignoring DynamoDB hot spots.

Scenario: You are presented with an exam question asking how to securely manage non-rotating application configuration values, and another asking to decouple application components for asynchronous processing. You're considering Secrets Manager vs. Parameter Store and SQS vs. SNS.

Key Service Comparisons

SQS Standard vs. SQS FIFO

Feature	SQS Standard	SQS FIFO
Ordering	Best-effort	Strict FIFO
Delivery	At-least-once (duplicates possible)	Exactly-once processing
Throughput	Nearly unlimited	300 msg/s (3,000 with batching)
Deduplication	None built-in	5-minute deduplication window
Use case	High throughput, order doesn't matter	Financial transactions, ordered processing

Cognito User Pools vs. Identity Pools

Feature	User Pools	Identity Pools
Purpose	Authentication (who are you?)	Authorization (what can you access?)
Output	JWT tokens (ID, Access, Refresh)	Temporary AWS credentials
Sign-in	Username/password, social, SAML	Federated from User Pool, social, SAML
Use case	Sign up/sign in for your app	Access S3, DynamoDB directly from client

DynamoDB GSI vs. LSI

Feature	Global Secondary Index	Local Secondary Index
Partition key	Different from base table	Same as base table
Sort key	Optional, any attribute	Required, different from base
When to create	Anytime	Table creation only
Consistency	Eventually consistent only	Eventually or strongly consistent
Capacity	Separate RCU/WCU	Shares base table capacity
Use case	Alternate access patterns	Alternate sort orders within same partition

CodeDeploy: In-Place vs. Blue/Green

Feature	In-Place	Blue/Green
How it works	Updates existing instances	Creates new instances, switches traffic
Downtime	Brief per instance	Zero (old env stays running)
Rollback	Redeploy previous version	Switch traffic back to old env
Cost	No extra instances	Double capacity during deploy
Supported by	EC2/On-premises only	EC2, ECS, Lambda

API Gateway: REST API vs. HTTP API

Feature	REST API	HTTP API
Cost	Higher	Up to 71% cheaper
Features	Full (caching, WAF, request validation, API keys)	Core (auth, CORS, integrations)
Auth	IAM, Cognito, Lambda authorizer	IAM, Cognito, JWT (native), Lambda
Use case	Full API management needed	Simple proxy to Lambda/HTTP backends

Written byAlvin Varughese•Founder•15 professional certifications