A Lambda function must execute a query against an Amazon RDS database in a private subnet
Which steps are required to allow the Lambda function to access the Amazon RDS database? (Select two.)
A. Create a VPC Endpoint for Amazon RDS.
B. Create the Lambda function within the Amazon RDS VPC.
C. Change the ingress rules of Lambda security group, allowing the Amazon RDS security group.
D. Change the ingress rules of the Amazon RDS security group, allowing the Lambda security group.
E. Add an Internet Gateway (IGW) to the VPC, route the private subnet to the IGW.
A legacy application running in premises requires a Solutions Architect to be able to open a firewall to allow access to several Amazon S3 buckets. The Architect has a VPN connection to AWS in place.
How should the Architect meet this requirement?
A. Create an 1AM role that allows access from the corporate network to Amazon S3.
B. Configure a proxy on Amazon EC2 and use an Amazon S3 VPC endpoint
C. Use Amazon API Gateway to do IP whitelisting.
D. Configure IP whitelisting on the customer’s gateway.
A Solutions Architect is designing a highly-available website that is served by multiple web servers hosted outside of AWS. If an instance becomes unresponsive, the Architect needs to remove it from the rotation.
What is the MOST efficient way to fulfill this requirement?
A. Use Amazon CloudWatch to monitor utilization.
B. Use Amazon API Gateway to monitor availability.
C. Use an Amazon Elastic Load Balancer.
D. Use Amazon Route 53 health checks.
A Security team reviewed their company’s VPC Flow Logs and found that traffic is being directed to the internet The application in the VPC uses Amazon EC2 instances for compute and Amazon S3 for storage. The company’s goal is to eliminate internet access and allow the application to continue to function.
What change should be made in the VPC before updating the route table?
A. Create a NAT gateway for Amazon S3 access
B. Create a VPC endpoint for Amazon S3 access
C. Create a VPC endpoint for Amazon EC2 access
D. Create a NAT gateway for Amazon EC2 access
A company is writing a new service running on Amazon EC2 that must create thumbnail images of thousands of images in a large archive. The system will write scratch data to storage during the process.
Which storage service is best suited for this scenario?
A. EC2 instance store
B. Amazon EFS
C. Amazon CloudSearch
D. Amazon EBS Throughput Optimized HDD (st1)
A company’s Amazon RDS MySQL DB instance may be rebooted for maintenance and to apply patches. This database is critical and potential user disruption must be minimized.
What should the Solution Architect do in this scenario?
A. Set up an RDS MySQL cluster
B. Create an RDS MySQL Read Replica.
C. Set RDS MySQL to Multi-AZ.
D. Create an Amazon EC2 instance MySQL cluster.
A Solutions Architect is reviewing an-application that writes data to an Amazon DynamoDB table on a daily basis Random table roads occur many times per second. The company needs to allow thousands of low latency roods and avoid any negative impact to the rest of the application.
What should the Solutions Architect do to meets the company’s goals?
A. A Use DynamoDB Accelerator to cache reads
B. DynamoDB write capacity units
C. Add Amazon SQS to decouple requests
D. Implement Amazon Kinesis to decouple requests
Q261. B呀，VPC endpoint是用来访问S3用的，算是创建了一条私有网络
Q280. 这题不太确定，但是我会选择D，因为是large archive这么多图片文件，HDD便宜；而Instance Store存文件很容易丢失，文中也没有对速度有要求。
Q294. A，文中写了需要上千个低延迟的读（文中的roods应该是reads吧？），用DAX（DynamoDB Accelerator）比较合适
Q280 选A吧。 临时文件，
280.我觉得是A，临时文件不需要存储到HDD，而且缩略图存到ec2 instance store读取会更快，更符合实际应用场景。
哎呀，回复话题必需登录。 Login here