ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS-SysOps All Questions

View all questions & answers for the AWS-SysOps exam
Go to Exam

Exam AWS-SysOps topic 1 question 840 discussion

Exam question from Amazon's AWS-SysOps
Question #: 840
Topic #: 1
[All AWS-SysOps Questions]

A sysops administrator created an AWS Lambda function within a VPC with no access to the Internet. The Lambda function pulls messages from an Amazon SQS queue and stores them in an Amazon RDS instance in the same VPC. After executing the Lambda function, the data is not showing up on the RDS instance.
Which of the following are possible causes for this? (Choose two.)

  • A. A VPC endpoint has not been created for Amazon RDS
  • B. A VPC endpoint has not been created for Amazon SQS
  • C. The RDS security group is not allowing connections from the Lambda function
  • D. The subnet associated with the Lambda function does not have an internet gateway attached
  • E. The subnet associated with the Lambda function has a NAT gateway
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
by orebaron at Aug. 31, 2020, 11:05 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ImranR
Highly Voted 2 years, 8 months ago
B & C...A is not correct because lambda and RDS is in the same VPC....
upvoted 11 times
...
kiev
Highly Voted 2 years, 8 months ago
I will go for BC. My reasoning is simple. No need for Internet connection and so that discount DE and there is nothing like VPC Endpoints for RDS. So BC for me.
upvoted 5 times
...
albert_kuo
Most Recent 11 months, 2 weeks ago
Selected Answer: BC
B. A VPC endpoint has not been created for Amazon SQS: If the Lambda function is attempting to pull messages from an Amazon SQS queue, it needs to have access to the SQS service. To achieve this within a VPC with no internet access, a VPC endpoint for SQS must be created. C. The RDS security group is not allowing connections from the Lambda function: By default, RDS instances have a security group that allows no inbound access from other resources within the VPC. If the Lambda function's security group is not explicitly allowed in the RDS security group's inbound rules, the Lambda function won't be able to connect to the RDS instance.
upvoted 1 times
...
gulu73
1 year, 5 months ago
Selected Answer: BC
I vote for B and C
upvoted 1 times
...
softarts
1 year, 11 months ago
BC for sure
upvoted 1 times
...
rb39
2 years, 8 months ago
A & C - "After executing the Lambda function, the data is not showing up on the RDS instance.", so the SNS -> Lambda stage actually worked That means SNS -> Lambda integration worked
upvoted 1 times
...
abhishek_m_86
2 years, 8 months ago
B. A VPC endpoint has not been created for Amazon SQS C. The RDS security group is not allowing connections from the Lambda function Seem correct
upvoted 4 times
...
kkdd
2 years, 8 months ago
B & C for me.
upvoted 3 times
...
anonymous1334232
2 years, 8 months ago
BC I'll go with
upvoted 2 times
...
jackdryan
2 years, 8 months ago
I'll go with B,C
upvoted 2 times
...
apwangzh
2 years, 8 months ago
to interact with sqs , you need to make api calls to sqs, such as https://sqs.eu-west-2.amazonaws.com/ , means an internet connection or a direct connect to the resource by vpc endpoint. So B,C
upvoted 3 times
...
weril
2 years, 8 months ago
BC for me. A - the RDS is an EC2 instance. B - https://stackoverflow.com/questions/35432272/aws-lambda-unable-to-access-sqs-queue-from-a-lambda-function-with-vpc-access/54338067#54338067 C - you have to provide sg at creation time to create RDS and it cannot be VPC default(which can be in this case - but let take a look that it's not default VPC, you need still sg)
upvoted 4 times
...
HeliosABC
2 years, 8 months ago
B, c is correct
upvoted 2 times
...
Newguru2020
2 years, 8 months ago
Ambiguous Question. Ans: A, B and C actually
upvoted 1 times
...
Polu
2 years, 8 months ago
A and B
upvoted 1 times
...
vob
2 years, 8 months ago
I don't think D or E as Lambda is not associated with a subnet, not even with an AZ. RDS and SQS both support interface endpoints: https://docs.aws.amazon.com/vpc/latest/userguide/integrated-services-vpce-list.html so could be A and B. But I think also C.
upvoted 2 times
PartlyCloudy
2 years, 8 months ago
There is nothing called VPC endpoint for RDS. VPC Endpoints are for services such as S3, Dynamo DB and other serverless things. So, B and C
upvoted 2 times
BKhan
2 years, 8 months ago
VPC Endpoint for RDS is available "com.amazonaws.us-east-1.rds" . As per my knowledge, the correct answers are A and C.
upvoted 1 times
Nish123_
2 years, 8 months ago
VPC Endpoint is available for RDS, however, in this condition, RDS is in the same VPC as Lambda. So, endpoint connection is not required.
upvoted 2 times
...
...
...
MegatonN
2 years, 8 months ago
you are right for A and B C: lambda connection is done directly to the endpoint point A. Must be ok if service endpoint exist
upvoted 1 times
...
...
zch
2 years, 8 months ago
Ans is B, C
upvoted 2 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel