Solutions Architect Professional (Page 43)

A company uses AWS Organizations to manage multiple AWS accounts.The accounts share an Amazon Simple Queue Service (Amazon SQS) queue.The SQS queue is also shared with other AWS accounts outside the organization.All internal and external accounts have access to send and receive messages according to a permissions policy that is attached to the SQS queue.The company wants to identify any external principals that have access to the SQS queue.How should a solutions architect meet this requirement?Read More →

A company needs to deploy its document storage application across two AWS Regions.The company is storing PDF documents that have an average file size of 512 KiB and a minimum file size of 200 KiB.The company needs protection for accidental document overwrites in the primary Region.The secondary Region must have cost-optimized storage.The company needs a solution that provides an SLA of 99.99% that files will be replicated to the secondary Region within 15 minutes.Which solution will meet these requirements?Read More →

A company is deploying a new cluster for big data analytics on AWS.The cluster will run across many Linux Amazon EC2 instances that are spread across multiple Availability Zones.All of the nodes in the cluster must have read and write access to common underlying file storage.The file storage must be highly available, must be resilient, must be compatible with the Portable Operating System Interface (POSIX), and must accommodate high levels of throughput.Which storage solution will meet these requirements?Read More →

A company is running an application on Amazon EC2 instances in the AWS Cloud.The application is using a MongoDB database with a replica set as its data tier.The MongoDB database is installed on systems in the company’s on-premises data center and is accessible through an AWS Direct Connect connection to the data center environment.A solutions architect must migrate the on-premises MongoDB database to Amazon DocumentDB (with MongoDB compatibility).Which strategy should the solutions architect choose to perform this migration?Read More →

A company has an application that uses Amazon EC2 instances in an Auto Scaling group.The Quality Assurance (QA) department needs to launch a large number of short-lived environments to test the application.The application environments are currently launched by the Manager of the department using an AWSCloudFormation template.To launch the stack, the Manager uses a role with permission to use CloudFormation, EC2, and Auto Scaling APIs.The Manager wants to allow testers to launch their own environments, but does not want to grant broad permissions to each user.Which set up would achieve these goals?Read More →

A company has several teams, and each team has their own Amazon RDS database that totals 100 TB.The company is building a data query platform forBusiness Intelligence Analysts to generate a weekly business report.The new system must run ad-hoc SQL queries.What is the MOST cost-effective solution?Read More →

A company has a website that enables users to upload videos.Company policy states the uploaded videos must be analyzed for restricted content.An uploaded video is placed in Amazon S3, and a message is pushed to an Amazon SQS queue with the video’s location.A backend application pulls this location fromAmazon SQS and analyzes the video.The video analysis is compute-intensive and occurs sporadically during the day.The website scales with demand.The video analysis application runs on a fixed number of instances.Peak demand occurs during the holidays, so the company must add instances to the application during this time.All instances used are currently on-demand Amazon EC2 T2 instances.The company wants to reduce the cost of the current solution.Which of the following solutions is MOST cost-effective?Read More →

A company has an internal AWS Elastic Beanstalk worker environment inside a VPC that must access an external payment gateway API available on an HTTPS endpoint on the public internet.Because of security policies, the payment gateway’s Application team can grant access to only one public IP address.Which architecture will set up an Elastic Beanstalk environment to access the company’s application without making multiple changes on the company’s end?Read More →

A company is currently using AWS CodeCommit for its source control and AWS CodePipeline for continuous integration.The pipeline has a build stage for building the artifacts, which is then staged in an Amazon S3 bucket.The company has identified various improvement opportunities in the existing process, and a Solutions Architect has been given the following requirements:✑ Create a new pipeline to support feature development✑ Support feature development without impacting production applications✑ Incorporate continuous testing with unit tests✑ Isolate development and production artifacts✑ Support the capability to merge tested code into production code.How should the Solutions Architect achieve these requirements?Read More →

A company has deployed an application to multiple environments in AWS, including production and testing.The company has separate accounts for production and testing, and users are allowed to create additional application users for team members or services, as needed.The Security team has asked the Operations team for better isolation between production and testing with centralized controls on security credentials and improved management of permissions between environments.Which of the following options would MOST securely accomplish this goal?Read More →