ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 446 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 446
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company uses AWS Organizations to manage its development environment. Each development team at the company has its own AWS account. Each account has a single VPC and CIDR blocks that do not overlap.

The company has an Amazon Aurora DB cluster in a shared services account. All the development teams need to work with live data from the DB cluster.

Which solution will provide the required connectivity to the DB cluster with the LEAST operational overhead?

  • A. Create an AWS Resource Access Manager (AWS RAM) resource share for the DB cluster. Share the DB cluster with all the development accounts.
  • B. Create a transit gateway in the shared services account. Create an AWS Resource Access Manager (AWS RAM) resource share for the transit gateway. Share the transit gateway with all the development accounts. Instruct the developers to accept the resource share. Configure networking.
  • C. Create an Application Load Balancer (ALB) that points to the IP address of the DB cluster. Create an AWS PrivateLink endpoint service that uses the ALB. Add permissions to allow each development account to connect to the endpoint service.
  • D. Create an AWS Site-to-Site VPN connection in the shared services account. Configure networking. Use AWS Marketplace VPN software in each development account to connect to the Site-to-Site VPN connection.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by CMMC at March 19, 2024, 5:19 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
matheusrdo
Highly Voted 1 year, 2 months ago
Selected Answer: B
The question asks about working with live data and providing CONNECTIVITY to the DB cluster. B is the correct as it provides both
upvoted 10 times
...
pangchn
Highly Voted 1 year, 2 months ago
Selected Answer: B
B I originally chose A since I thoughtAurora DB cluster is sharable https://docs.aws.amazon.com/ram/latest/userguide/shareable.html#shareable-aur But as Verri mentioned, with that share, it only allow you to CLONE the db rather than use it as live https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Clone.html#Aurora.Managing.Clone.Cross-Account
upvoted 9 times
...
AzureDP900
Most Recent 7 months, 1 week ago
Creating a transit gateway (Option B) can be an effective way to provide connectivity to your Amazon Aurora DB cluster while minimizing operational overhead.
upvoted 1 times
...
vip2
11 months, 2 weeks ago
Selected Answer: B
for live data, it should be B
upvoted 1 times
...
red_panda
1 year, 1 month ago
Selected Answer: A
For me it's A. We need to use the RAM only for the Aurora DB. We don't need to peer the VPCs with TransitGateway. Also less ops effort is option A. So Option B is unuseful complicated.
upvoted 1 times
...
titi_r
1 year, 1 month ago
Selected Answer: B
Correct ans "B".
upvoted 3 times
...
spencer_sharp
1 year, 2 months ago
Selected Answer: A
Seemed A since B requires a lot setup work
upvoted 1 times
...
mav3r1ck
1 year, 2 months ago
Selected Answer: A
LEAST operational overhead is "A". You can share DB Cluster. https://docs.aws.amazon.com/ram/latest/userguide/shareable.html#shareable-aur
upvoted 1 times
c22ddd8
11 months, 2 weeks ago
Live data is catch here, A is for clone
upvoted 1 times
...
...
VerRi
1 year, 2 months ago
Selected Answer: B
A: Sharing DB cluster with RAM allows you to CLONE a shared, centrally managed DB cluster C: PrivateLink needs NLB not ALB D: WTF
upvoted 7 times
...
pangchn
1 year, 2 months ago
Selected Answer: A
I will go for A as the ref link provided by JOKERO if not, the transit gateway would be ideal too.
upvoted 1 times
c22ddd8
11 months, 2 weeks ago
Live data is catch here, A is for clone
upvoted 1 times
...
...
gustori99
1 year, 3 months ago
Selected Answer: B
C is wrong because for Private Link you need to use NLB not ALB. Correct answer is B.
upvoted 5 times
...
JOKERO
1 year, 3 months ago
Selected Answer: A
https://docs.aws.amazon.com/ram/latest/userguide/shareable.html#shareable-aur
upvoted 4 times
...
txxxxxf
1 year, 3 months ago
Selected Answer: B
AWS PrivateLink requires an NLB (Network Load Balancer). Since the question mentions that IP addresses should not overlap, sharing via Transit Gateway might be a good approach.
upvoted 6 times
...
CMMC
1 year, 3 months ago
Selected Answer: C
Utilizing AWS PrivateLink to enable private connectivity between VPCs without the need for public IP addresses or internet gateways. Creating an ALB pointing to the DB cluster's IP address and then creating a PrivateLink endpoint service that uses the ALB allows each development account to securely connect to the DB cluster. This approach minimizes operational overhead and simplifies network connectivity.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel