Solutions Architect Associate (Page 67)

A company has an application that calls AWS Lambda functions.A code review shows that database credentials are stored in a Lambda function’s source code, which violates the company’s security policy.The credentials must be securely stored and must be automatically rotated on an ongoing basis to meet security policy requirements.What should a solutions architect recommend to meet these requirements in the MOST secure manner?Read More →

A weather forecasting company collects temperature readings from various sensors on a continuous basis.An existing data ingestion process collects the readings and aggregates the readings into larger Apache Parquet files.Then the process encrypts the files by using client-side encryption with KMS managed keys (CSE-KMS).Finally, the process writes the files to an Amazon S3 bucket with separate prefixes for each calendar day.The company wants to run occasional SQL queries on the data to take sample moving averages for a specific calendar day.Which solution will meet these requirements MOST cost-effectively?Read More →

A company is managing health records on-premises.The company must keep these records indefinitely, disable any modifications to the records once they are stored, and granularly audit access at all levels.The chief technology officer (CTO) is concerned because there are already millions of records not being used by any application, and the current infrastructure is running out of space.The CTO has requested a solutions architect design a solution to move existing data and support future records.Which services can the solutions architect recommend to meet these requirements?Read More →

A company wants to isolate its workloads by creating an AWS account for each workload.The company needs a solution that centrally manages networking components for the workloads.The solution also must create accounts with automatic security controls (guardrails).Which solution will meet these requirements with the LEAST operational overhead?Read More →

A company wants to use Amazon S3 for the secondary copy of its on-premises dataset.The company would rarely need to access this copy.The storage solution’s cost should be minimal.Which storage solution meets these requirements?Read More →

A company wants to create an Amazon EMR cluster that multiple teams will use.The company wants to ensure that each team’s big data workloads can access only the AWS services that each team needs to interact with.The company does not want the workloads to have access to Instance Metadata Service Version 2 (IMDSv2) on the cluster’s underlying EC2 instances.Which solution will meet these requirements?Read More →

A company’s operations team has an existing Amazon S3 bucket configured to notify an Amazon SQS queue when new objects are created within the bucket.The development team also wants to receive events when new objects are created.The existing operations team workflow must remain intact.Which solution would satisfy these requirements?Read More →

A company uses Amazon S3 to host its static website.The company wants to add a contact form to the webpage.The contact form will have dynamic server-side components for users to input their name, email address, phone number, and user message.The company expects fewer than 100 site visits each month.The contact form must notify the company by email when a customer fills out the form.Which solution will meet these requirements MOST cost-effectively?Read More →

An application runs on Amazon EC2 instances in private subnets.The application needs to access an Amazon DynamoDB table.What is the MOST secure way to access the table while ensuring that the traffic does not leave the AWS network?Read More →

A company runs an application on Amazon EC2 instances in a private subnet.The application needs to store and retrieve data in Amazon S3 buckets.According to regulatory requirements, the data must not travel across the public internet.What should a solutions architect do to meet these requirements MOST cost-effectively?Read More →