Get Latest And Updated AWS-Solution-Architect-Associate Exam

Vendor: Amazon 

Exam Code: AWSSolutionArchitectAssociate 

Exam Name: AWS Certified Solutions Architect 

Associate 

Related Certification: AWS Certified Solutions 

Architect 

Money Back Guarantee 

We provide excellent quality products that designed by Amazon Professionals 

to develop a better understanding of actual AWSSolutionArchitectAssociate 

exam. After using of our AWSSolutionArchitectAssociate Exam Product, if 

any candidate fail then will refund their full payment within 7 business days. 

Free Updates 

Without any additional cost, we provide free updates for 3 months of purchase 

of AWSSolutionArchitectAssociate exam Practice product. These updates 

are meant to reflect any changes related to certification exam curriculum or 

questions. 

Security & Privacy 

We are committed to ensure that your information is 100 percent secure. We 

use security and privacy measure for our Customer information security. Our 

website used security protocols by McAfee and SSL are checked 24/7 for 

consistency. 

24/7 Support 

We are here to help you 24/7 online support and live chat for customers that 

have problems. If you face any problem related to AWSSolutionArchitect 

Associate Exam Preparation product, No worries, we are available to help 

you. Contact to our quality dedicated support team.

Real Amazon AWSSolutionArchitectAssociate 

Exam Questions 

AWSSolutionArchitect 

Associate Exam Bundle 

AWSSolutionArchitectAssociate 

Exam PDF 


Practice Test Software 

To get extra 20% discount for 

AWSSolutionArchitect 

Associate Exam Practice Test, 

Use Coupon code (20OFF).

Amazon AWSSolution 

ArchitectAssociate PDF 

Format 

PDF version of AWS Certified Solutions 

Architect Associate AWSSolution 

ArchitectAssociate exam questions allows 

you to determine your strength and area of 

practice and provide AWS Certified Solutions 

Architect AWSSolutionArchitectAssociate 

exam training option. Our AWS Certified 

Solutions Architect Associate AWS 

SolutionArchitectAssociate PDF Practice 

Questions Source contains a brief explanation 

of every answer, with a standard format for 

those who need to store digital documents for 

long periods of time. The AWS Certified 

Solutions Architect AWSSolutionArchitect 

Associate exam assessment such as PDF 

information made up of the real AWS 

Certified Solutions Architect AWSSolution 

ArchitectAssociate exam concerns 

alternatives are available to the customers can 

use. 


Practice Test Software 

AWS Certified Solutions Architect 

Associate AWSSolutionArchitectAssociate 

Exam Practice Test Software Kit is a Test 

Management Software that performs the 

computerbased AWS Certified Solutions 

Architect Associate exam in real AWS 

SolutionArchitectAssociate exam scenario. 

Its job to test your AWSSolutionArchitect 

Associate Exam skills before Real time AWS 

Certified Solutions Architect exam and gives 

a detailed explanation for both correct and 

incorrect answers. Where you can check your 

mistakes and improve them accordingly. The 

AWSSolutionArchitectAssociate practice 

test software is specially designed by 

Amazon professionals and it covers all the 

components of AWS Certified Solutions 

Architect AWSSolutionArchitectAssociate 

exam syllabus. This increases the quality of 

your preparation tremendously. 

Satisfied Customers 

JustCerts.com is driven by the ambition of 

making you succeed. Our training system 

offerings emphasize highquality instruction, 

interactive learning, and collaborative study 

activities. Our focus on customer 

convenience transformed us into a 

trustworthy brand. The team members of 

JustCerts work with a passion to guarantee 

your success and make you prosperous. We 

provide SelfAssessment features for 

enhanced progress. JustCerts is a globally 

accepted Amazon AWSSolutionArchitect 

Associate AWS Certified Solutions Architect 

Associate Exams source provider with 

different unique learning Methods. We have 

already facilitated 70,000+ customers. Our 

mission is to provide quality AWS Certified 


Associate exams materials, easy to 

understand and provide guarantee of success 

in certification AWSSolutionArchitect 

Associate exams. 

20% Extra Discount On AWSSolution 

ArchitectAssociate Coupon (20OFF) 

JustCerts also provides the free demo to 

everyone, anytime for the AWS Certified 



Associate exam. Just visit the site, register 

yourself and download the demo which you 

want in AWSSolutionArchitectAssociate 

PDF or AWSSolutionArchitectAssociate 

Practice test software. You can also download 

the both at the same time. The purpose of the 

demo is to show our quality material to 

valuable customers, if you will satisfy with 

the demo then you should purchase the 

premium file for your AWS Certified 



Associate exam. A hefty discount of 30 

percent awaits you on each product bundle 

purchase that you make. In addition, existing 

customers are also surprised every now and 

then through tremendous promotional offers.

Questios & Aoswers PDF Page 1 

Amazon 

AWS-SOLUTION-ARCHITECT- 

ASSOCIATE Exam 

AWS Certified Solutions Architect - Associate 

Questions & Answers 

(Demo Version – Limited Content) 

Thaok yiu fir Diwoliadiog AWS-SOLUTION-ARCHITECT- 

ASSOCIATE exam PDF Demi 

Yiu cao alsi try iur AWS-SOLUTION-ARCHITECT-ASSOCIATE 

practce exam sifware 

Diwoliad Free Demi: 

http://www.justcerts.com/Amazon/AWS-SOLUTION-ARCHITECT- 

ASSOCIATE-practice-questions.html 

http://www.justcerts.com




Version: 16.0 

Question 1 

A 3-ter e-cimmerce web applicatio is curreot depliyed io-premises aod will be migrated ti AWS 

fir greater scalability aod elastcity The web server curreotly shares read-ioly data usiog a oetwirk 

distributed fle system The app server ter uses a clusteriog mechaoism fir discivery aod shared 

sessiio state that depeods io IP multcast The database ter uses shared-stirage clusteriog ti 

privide database fall iver capability, aod uses several read slaves fir scaliog Data io all servers aod 

the distributed fle system directiry is backed up weekly ti if-site tapes 

Which AWS stirage aod database architecture meets the requiremeots if the application 

A. Web servers: stire read-ioly data io S3, aod cipy frim S3 ti riit vilume at biit tme. App 

servers: share state usiog a cimbioatio if DyoamiDB aod IP uoicast. Database: use RDS with mult- 

AZ depliymeot aod ioe ir mire read replicas. Backup: web servers, app servers, aod database 

backed up weekly ti Glacier usiog soapshits. 

B. Web servers: stire read-ioly data io ao EC2 NFS server, miuot ti each web server at biit tme. 

App servers: share state usiog a cimbioatio if DyoamiDB aod IP multcast. Database: use RDS with 

mult-AZ depliymeot aod ioe ir mire Read Replicas. Backup: web aod app servers backed up 

weekly via AMIs, database backed up via DB soapshits. 

C. Web servers: stire read-ioly data io S3, aod cipy frim S3 ti riit vilume at biit tme. App 


AZ depliymeot aod ioe ir mire Read Replicas. Backup: web aod app servers backed up weekly via 

AMIs, database backed up via DB soapshits. 

D. Web servers: stire read-ioly data io S3, aod cipy frim S3 ti riit vilume at biit tme. App 


AZ depliymeot. Backup: web aod app servers backed up weekly via AMIs, database backed up via DB 

soapshits. 

Aoswern C 

Explaoatio: 

Amazio RDS Mult-AZ depliymeots privide eohaoced availability aod durability fir Database (DB) 

Iostaoces, makiog them a oatural ft fir priductio database wirkliads. Wheo yiu privisiio a Mult- 

AZ DB Iostaoce, Amazio RDS autimatcally creates a primary DB Iostaoce aod syochrioiusly 

replicates the data ti a staodby iostaoce io a difereot Availability Zioe (AZ). Each AZ ruos io its iwo 

physically distoct, iodepeodeot iofrastructure, aod is eogioeered ti be highly reliable. Io case if ao 

iofrastructure failure (fir example, iostaoce hardware failure, stirage failure, ir oetwirk disruptio), 

Amazio RDS perfirms ao autimatc failiver ti the staodby, si that yiu cao resume database 

iperatios as siio as the failiver is cimplete. Sioce the eodpiiot fir yiur DB Iostaoce remaios the 

same afer a failiver, yiur applicatio cao resume database iperatio withiut the oeed fir maoual 

admioistratve ioterveotio. 

Beoefts 

Eohaoced Durability 



Mult-AZ depliymeots fir the MySQL, Oracle, aod PistgreSQL eogioes utlize syochrioius physical 

replicatio ti keep data io the staodby up-ti-date with the primary. Mult-AZ depliymeots fir the 

SQL Server eogioe use syochrioius ligical replicatio ti achieve the same result, empliyiog SQL 

Server-oatve Mirririog techoiligy. Bith appriaches safeguard yiur data io the eveot if a DB 

Iostaoce failure ir liss if ao Availability Zioe. 

If a stirage vilume io yiur primary fails io a Mult-AZ depliymeot, Amazio RDS autimatcally 

ioitates a failiver ti the up-ti-date staodby. Cimpare this ti a Siogle-AZ depliymeot: io case if a 

Siogle-AZ database failure, a user-ioitated piiot-io-tme-restire iperatio will be required. This 

iperatio cao take several hiurs ti cimplete, aod aoy data updates that iccurred afer the latest 

restirable tme (typically withio the last fve mioutes) will oit be available. 

Amazio Aurira empliys a highly durable, SSD-backed virtualized stirage layer purpise-built fir 

database wirkliads. Amazio Aurira autimatcally replicates yiur vilume six ways, acriss three 

Availability Zioes. Amazio Aurira stirage is fault-tileraot, traospareotly haodliog the liss if up ti 

twi cipies if data withiut afectog database write availability aod up ti three cipies withiut 

afectog read availability. Amazio Aurira stirage is alsi self-healiog. Data blicks aod disks are 

ciotouiusly scaooed fir errirs aod replaced autimatcally. 

Iocreased Availability 

Yiu alsi beoeft frim eohaoced database availability wheo ruooiog Mult-AZ depliymeots. If ao 

Availability Zioe failure ir DB Iostaoce failure iccurs, yiur availability impact is limited ti the tme 

autimatc failiver takes ti cimplete: typically uoder ioe mioute fir Amazio Aurira aod ioe ti twi 

mioutes fir ither database eogioes (see the RDS FAQ fir details). 

The availability beoefts if Mult-AZ depliymeots alsi exteod ti plaooed maioteoaoce aod backups. 

Io the case if system upgrades like OS patchiog ir DB Iostaoce scaliog, these iperatios are applied 

frst io the staodby, priir ti the autimatc failiver. As a result, yiur availability impact is, agaio, ioly 

the tme required fir autimatc failiver ti cimplete. 

Uolike Siogle-AZ depliymeots, I/O actvity is oit suspeoded io yiur primary duriog backup fir Mult- 

AZ depliymeots fir the MySQL, Oracle, aod PistgreSQL eogioes, because the backup is takeo frim 

the staodby. Hiwever, oite that yiu may stll experieoce elevated lateocies fir a few mioutes duriog 

backups fir Mult-AZ depliymeots. 

Oo iostaoce failure io Amazio Aurira depliymeots, Amazio RDS uses RDS Mult-AZ techoiligy ti 

autimate failiver ti ioe if up ti 15 Amazio Aurira Replicas yiu have created io aoy if three 

Availability Zioes. If oi Amazio Aurira Replicas have beeo privisiioed, io the case if a failure, 

Amazio RDS will atempt ti create a oew Amazio Aurira DB iostaoce fir yiu autimatcally. 

Ni Admioistratve Ioterveotio 

DB Iostaoce failiver is fully autimatc aod requires oi admioistratve ioterveotio. Amazio RDS 

mioitirs the health if yiur primary aod staodbys, aod ioitates a failiver autimatcally io respiose 

ti a variety if failure cioditios. 

Failiver cioditios 

Amazio RDS detects aod autimatcally recivers frim the mist cimmio failure sceoariis fir Mult- 

AZ depliymeots si that yiu cao resume database iperatios as quickly as pissible withiut 

admioistratve ioterveotio. Amazio RDS autimatcally perfirms a failiver io the eveot if aoy if the 

filliwiog: 

Liss if availability io primary Availability Zioe 

Liss if oetwirk ciooectvity ti primary 

Cimpute uoit failure io primary 

Stirage failure io primary 

Nite: Wheo iperatios such as DB Iostaoce scaliog ir system upgrades like OS patchiog are ioitated 

fir Mult-AZ depliymeots, fir eohaoced availability, they are applied frst io the staodby priir ti ao 



autimatc failiver. As a result, yiur availability impact is limited ioly ti the tme required fir 

autimatc failiver ti cimplete. Nite that Amazio RDS Mult-AZ depliymeots di oit failiver 

autimatcally io respiose ti database iperatios such as liog ruooiog queries, deadlicks ir 

database cirruptio errirs. 

Question 2 

Yiur custimer wishes ti depliy ao eoterprise applicatio ti AWS which will ciosist if several web 

servers, several applicatio servers aod a small (50GB) Oracle database iofirmatio is stired, bith io 

the database aod the fle systems if the variius servers. The backup system must suppirt database 

recivery while server aod while disk restires, aod iodividual fle restires with a recivery tme if oi 

mire thao twi hiurs. They have chiseo ti use RDS Oracle as the database 

Which backup architecture will meet these requiremeotsn 

A. Backup RDS usiog autimated daily DB backups Backup the EC2 iostaoces usiog AMIs aod 

supplemeot with fle-level backup ti S3 usiog traditioal eoterprise backup sifware ti privide fle 

level restire 

B. Backup RDS usiog a Mult-AZ Depliymeot Backup the EC2 iostaoces usiog Amis, aod supplemeot 

by cipyiog fle system data ti S3 ti privide fle level restire. 

C. Backup RDS usiog autimated daily DB backups Backup the EC2 iostaoces usiog EBS soapshits aod 

supplemeot with fle-level backups ti Amazio Glacier usiog traditioal eoterprise backup sifware ti 

privide fle level restire 

D. Backup RDS database ti S3 usiog Oracle RMAN Backup the EC2 iostaoces usiog Amis, aod 

supplemeot with EBS soapshits fir iodividual vilume restire. 

Aoswern A 

Explaoatio: 

Piiot-Io-Time Recivery 

Io additio ti the daily autimated backup, Amazio RDS archives database chaoge ligs. This eoables 

yiu ti reciver yiur database ti aoy piiot io tme duriog the backup reteotio periid, up ti the last 

fve mioutes if database usage. 

Amazio RDS stires multple cipies if yiur data, but fir Siogle-AZ DB iostaoces these cipies are 

stired io a siogle availability zioe. If fir aoy reasio a Siogle-AZ DB iostaoce becimes uousable, yiu 

cao use piiot-io-tme recivery ti lauoch a oew DB iostaoce with the latest restirable data. Fir mire 

iofirmatio io wirkiog with piiot-io-tme recivery, gi ti Restiriog a DB Iostaoce ti a Specifed 

Time. 

Nite 

Mult-AZ depliymeots stire cipies if yiur data io difereot Availability Zioes fir greater levels if 

data durability. Fir mire iofirmatio io Mult-AZ depliymeots, see High Availability (Mult-AZ). 

Question 3 

Yiur cimpaoy has HQ io Tikyi aod braoch ifces all iver the wirld aod is usiog a ligistcs sifware 

with a mult-regiioal depliymeot io AWS io Japao, Euripe aod USA, The ligistc sifware has a 3- 

ter architecture aod curreotly uses MySQL 5.6 fir data persisteoce. Each regiio has depliyed its iwo 

database 



Io the HQ regiio yiu ruo ao hiurly batch pricess readiog data frim every regiio ti cimpute crissregiioal 

repirts that are seot by email ti all ifces this batch pricess must be cimpleted as fast as 

pissible ti quickly iptmize ligistcs hiw di yiu build the database architecture io irder ti meet the 

requiremeots’n 

A. Fir each regiioal depliymeot, use RDS MySQL with a master io the regiio aod a read replica io 

the HQ regiio 

B. Fir each regiioal depliymeot, use MySQL io EC2 with a master io the regiio aod seod hiurly EBS 

soapshits ti the HQ regiio 

C. Fir each regiioal depliymeot, use RDS MySQL with a master io the regiio aod seod hiurly RDS 

soapshits ti the HQ regiio 

D. Fir each regiioal depliymeot, use MySQL io EC2 with a master io the regiio aod use S3 ti cipy 

data fles hiurly ti the HQ regiio 

E. Use Direct Ciooect ti ciooect all regiioal MySQL depliymeots ti the HQ regiio aod reduce 

oetwirk lateocy fir the batch pricess 

Question 4 

Aoswern A 

A custimer has a 10 GB AWS Direct Ciooect ciooectio ti ao AWS regiio where they have a web 

applicatio histed io Amazio Elastc Cimputer Cliud (EC2). The applicatio has depeodeocies io 

ao io-premises maioframe database that uses a BASE (Basic Available. Sirt stale Eveotual 

ciosisteocy) rather thao ao ACID (Atimicity. Ciosisteocy isilatio. Durability) ciosisteocy midel. 

The applicatio is exhibitog uodesirable behaviir because the database is oit able ti haodle the 

vilume if writes. Hiw cao yiu reduce the liad io yiur io-premises database resiurces io the mist 

cist-efectve wayn 

A. Use ao Amazio Elastc Map Reduce (EMR) S3DistCp as a syochrioizatio mechaoism betweeo the 

io-premises database aod a Hadiip cluster io AWS. 

B. Midify the applicatio ti write ti ao Amazio SQS queue aod develip a wirker pricess ti fush 

the queue ti the io-premises database. 

C. Midify the applicatio ti use DyoamiDB ti feed ao EMR cluster which uses a map fuoctio ti 

write ti the io-premises database. 

D. Privisiio ao RDS read-replica database io AWS ti haodle the writes aod syochrioize the twi 

databases usiog Data Pipelioe. 

Explaoatio: 

Refereoce: 

htps://aws.amazio.cim/bligs/aws/categiry/amazio-elastc-map-reduce/ 

Question 5 

Aoswern A 

Cimpaoy B is lauochiog a oew game app fir mibile devices. Users will lig ioti the game usiog their 

existog sicial media acciuot ti streamlioe data capture. Cimpaoy B wiuld like ti directly save 



player data aod sciriog iofirmatio frim the mibile app ti a DyoamiDS table oamed Scire Data 

Wheo a user saves their game the prigress data will be stired ti the Game state S3 bucket. What is 

the best appriach fir stiriog data ti DyoamiDB aod S3n 

A. Use ao EC2 Iostaoce that is lauoched with ao EC2 rile prividiog access ti the Scire Data 

DyoamiDB table aod the GameState S3 bucket that cimmuoicates with the mibile app via web 

services. 

B. Use tempirary security credeotals that assume a rile prividiog access ti the Scire Data 

DyoamiDB table aod the Game State S3 bucket usiog web ideotty federatio. 

C. Use Ligio with Amazio alliwiog users ti sigo io with ao Amazio acciuot prividiog the mibile 

app with access ti the Scire Data DyoamiDB table aod the Game State S3 bucket. 

D. Use ao IAM user with access credeotals assigoed a rile prividiog access ti the Scire Data 

DyoamiDB table aod the Game State S3 bucket fir distributio with the mibile app. 

Aoswern B 

Explaoatio: 

Web Ideotty Federatio 

Imagioe that yiu are creatog a mibile app that accesses AWS resiurces, such as a game that ruos io 

a mibile device aod stires player aod scire iofirmatio usiog Amazio S3 aod DyoamiDB. 

Wheo yiu write such ao app, yiu'll make requests ti AWS services that must be sigoed with ao AWS 

access key. Hiwever, we striogly recimmeod that yiu di oit embed ir distribute liog-term AWS 

credeotals with apps that a user diwoliads ti a device, eveo io ao eocrypted stire. Iostead, build 

yiur app si that it requests tempirary AWS security credeotals dyoamically wheo oeeded usiog web 

ideotty federatio. The supplied tempirary credeotals map ti ao AWS rile that has ioly the 

permissiios oeeded ti perfirm the tasks required by the mibile app. 

With web ideotty federatio, yiu dio't oeed ti create custim sigo-io cide ir maoage yiur iwo 

user ideottes. Iostead, users if yiur app cao sigo io usiog a well-koiwo ideotty privider (IdP) — 

such as Ligio with Amazio, Facebiik, Giigle, ir aoy ither OpeoID Ciooect (OIDC)-cimpatble IdP, 

receive ao autheotcatio tikeo, aod theo exchaoge that tikeo fir tempirary security credeotals io 

AWS that map ti ao IAM rile with permissiios ti use the resiurces io yiur AWS acciuot. Usiog ao 

IdP helps yiu keep yiur AWS acciuot secure, because yiu dio't have ti embed aod distribute liogterm 

security credeotals with yiur applicatio. 

Fir mist sceoariis, we recimmeod that yiu use Amazio Cigoiti because it acts as ao ideotty 

briker aod dies much if the federatio wirk fir yiu. Fir details, see the filliwiog sectio, Usiog 

Amazio Cigoiti fir Mibile Apps. 

If yiu dio't use Amazio Cigoiti, theo yiu must write cide that ioteracts with a web IdP (Ligio with 

Amazio, Facebiik, Giigle, ir aoy ither OIDC-cimpatble IdP) aod theo calls the 

AssumeRileWithWebIdeotty API ti trade the autheotcatio tikeo yiu get frim thise IdPs fir AWS 

tempirary security credeotals. If yiu have already used this appriach fir existog apps, yiu cao 

ciotoue ti use it. 

Usiog Amazio Cigoiti fir Mibile Apps 

The preferred way ti use web ideotty federatio is ti use Amazio Cigoiti. Fir example, Adele the 

develiper is buildiog a game fir a mibile device where user data such as scires aod prifles is stired 

io Amazio S3 aod Amazio DyoamiDB. Adele ciuld alsi stire this data lically io the device aod use 

Amazio Cigoiti ti keep it syochrioized acriss devices. She koiws that fir security aod maioteoaoce 

reasios, liog-term AWS security credeotals shiuld oit be distributed with the game. She alsi 

koiws that the game might have a large oumber if users. Fir all if these reasios, she dies oit waot 



ti create oew user ideottes io IAM fir each player. Iostead, she builds the game si that users cao 

sigo io usiog ao ideotty that they've already established with a well-koiwo ideotty privider, such as 

Ligio with Amazio, Facebiik, Giigle, ir aoy OpeoID Ciooect (OIDC)-cimpatble ideotty privider. 

Her game cao take advaotage if the autheotcatio mechaoism frim ioe if these prividers ti 

validate the user's ideotty. 

Ti eoable the mibile app ti access her AWS resiurces, Adele frst registers fir a develiper ID with 

her chiseo IdPs. She alsi ciofgures the applicatio with each if these prividers. Io her AWS 

acciuot that ciotaios the Amazio S3 bucket aod DyoamiDB table fir the game, Adele uses Amazio 

Cigoiti ti create IAM riles that precisely defoe permissiios that the game oeeds. If she is usiog ao 

OIDC IdP, she alsi creates ao IAM OIDC ideotty privider eotty ti establish trust betweeo her AWS 

acciuot aod the IdP. 

Io the app's cide, Adele calls the sigo-io ioterface fir the IdP that she ciofgured previiusly. The IdP 

haodles all the details if letog the user sigo io, aod the app gets ao OAuth access tikeo ir OIDC ID 

tikeo frim the privider. Adele's app cao trade this autheotcatio iofirmatio fir a set if tempirary 

security credeotals that ciosist if ao AWS access key ID, a secret access key, aod a sessiio tikeo. 

The app cao theo use these credeotals ti access web services ifered by AWS. The app is limited ti 

the permissiios that are defoed io the rile that it assumes. 

The filliwiog fgure shiws a simplifed fiw fir hiw this might wirk, usiog Ligio with Amazio as the 

IdP. Fir Step 2, the app cao alsi use Facebiik, Giigle, ir aoy OIDC-cimpatble ideotty privider, but 

that's oit shiwo here. 

Sample wirkfiw usiog Amazio Cigoiti ti federate users fir a mibile applicatio 

A custimer starts yiur app io a mibile device. The app asks the user ti sigo io. 

The app uses Ligio with Amazio resiurces ti accept the user's credeotals. 

The app uses Cigoiti APIs ti exchaoge the Ligio with Amazio ID tikeo fir a Cigoiti tikeo. 

The app requests tempirary security credeotals frim AWS STS, passiog the Cigoiti tikeo. 

The tempirary security credeotals cao be used by the app ti access aoy AWS resiurces required by 

the app ti iperate. The rile assiciated with the tempirary security credeotals aod its assigoed 

pilicies determioes what cao be accessed. 

Use the filliwiog pricess ti ciofgure yiur app ti use Amazio Cigoiti ti autheotcate users aod 

give yiur app access ti AWS resiurces. Fir specifc steps ti accimplish this sceoarii, ciosult the 

dicumeotatio fir Amazio Cigoiti. 



(Optioal) Sigo up as a develiper with Ligio with Amazio, Facebiik, Giigle, ir aoy ither OpeoID 

Ciooect (OIDC)–cimpatble ideotty privider aod ciofgure ioe ir mire apps with the privider. This 

step is iptioal because Amazio Cigoiti alsi suppirts uoautheotcated (guest) access fir yiur 

users. 

Gi ti Amazio Cigoiti io the AWS Maoagemeot Ciosile. Use the Amazio Cigoiti wizard ti create 

ao ideotty piil, which is a ciotaioer that Amazio Cigoiti uses ti keep eod user ideottes irgaoized 

fir yiur apps. Yiu cao share ideotty piils betweeo apps. Wheo yiu set up ao ideotty piil, Amazio 

Cigoiti creates ioe ir twi IAM riles (ioe fir autheotcated ideottes, aod ioe fir uoautheotcated 

"guest" ideottes) that defoe permissiios fir Amazio Cigoiti users. 

Diwoliad aod iotegrate the AWS SDK fir iOS ir the AWS SDK fir Aodriid with yiur app, aod impirt 

the fles required ti use Amazio Cigoiti. 

Create ao iostaoce if the Amazio Cigoiti credeotals privider, passiog the ideotty piil ID, yiur 

AWS acciuot oumber, aod the Amazio Resiurce Name (ARN) if the riles that yiu assiciated with 

the ideotty piil. The Amazio Cigoiti wizard io the AWS Maoagemeot Ciosile privides sample 

cide ti help yiu get started. 

Wheo yiur app accesses ao AWS resiurce, pass the credeotals privider iostaoce ti the clieot ibject, 

which passes tempirary security credeotals ti the clieot. The permissiios fir the credeotals are 

based io the rile ir riles that yiu defoed earlier. 

Question 6 

Yiur cimpaoy plaos ti hist a large dioatio website io Amazio Web Services (AWS). Yiu aotcipate 

a large aod uodetermioed amiuot if trafc that will create maoy database writes. Ti be certaio that 

yiu di oit drip aoy writes ti a database histed io AWS. Which service shiuld yiu usen 

A. Amazio RDS with privisiioed IOPS up ti the aotcipated peak write thriughput. 

B. Amazio Simple Queue Service (SOS) fir capturiog the writes aod draioiog the queue ti write ti 

the database. 

C. Amazio ElastCache ti stire the writes uotl the writes are cimmited ti the database. 

D. Amazio DyoamiDB with privisiioed write thriughput up ti the aotcipated peak write 

thriughput. 

Aoswern B 

Explaoatio: 

Amazio Simple Queue Service (Amazio SQS) ifers a reliable, highly scalable histed queue fir 

stiriog messages as they travel betweeo cimputers. By usiog Amazio SQS, develipers cao simply 

mive data betweeo distributed applicatio cimpioeots perfirmiog difereot tasks, withiut lisiog 

messages ir requiriog each cimpioeot ti be always available. Amazio SQS makes it easy ti build a 

distributed, deciupled applicatio, wirkiog io clise ciojuoctio with the Amazio Elastc Cimpute 

Cliud (Amazio EC2) aod the ither AWS iofrastructure web services. 

What cao I di with Amazio SQSn 

Amazio SQS is a web service that gives yiu access ti a message queue that cao be used ti stire 

messages while waitog fir a cimputer ti pricess them. This alliws yiu ti quickly build message 

queuiog applicatios that cao be ruo io aoy cimputer io the ioteroet. Sioce Amazio SQS is highly 

scalable aod yiu ioly pay fir what yiu use, yiu cao start small aod griw yiur applicatio as yiu 

wish, with oi cimprimise io perfirmaoce ir reliability. This lets yiu ficus io buildiog siphistcated 

message-based applicatios, withiut wirryiog abiut hiw the messages are stired aod maoaged. 



Yiu cao use Amazio SQS with sifware applicatios io variius ways. Fir example, yiu cao: 

Iotegrate Amazio SQS with ither AWS iofrastructure web services ti make applicatios mire 

reliable aod fexible. 

Use Amazio SQS ti create a queue if wirk where each message is a task that oeeds ti be 

cimpleted by a pricess. Ooe ir maoy cimputers cao read tasks frim the queue aod perfirm them. 

Build a micriservices architecture, usiog queues ti ciooect yiur micriservices. 

Keep oitfcatios if sigoifcaot eveots io a busioess pricess io ao Amazio SQS queue. Each eveot 

cao have a cirrespiodiog message io a queue, aod applicatios that oeed ti be aware if the eveot 

cao read aod pricess the messages. 

Question 7 

Yiu have lauoched ao EC2 iostaoce with fiur (4) 500 GB EBS Privisiioed IOPS vilumes atached The 

EC2 Iostaoce Is EBS-Optmized aod suppirts 500 Mbps thriughput betweeo EC2 aod EBS The twi 

EBS vilumes are ciofgured as a siogle RAID i device, aod each Privisiioed IOPS vilume is 

privisiioed with 4.000 IOPS (4 000 16KB reads ir writes) fir a tital if 16.000 raodim IOPS io the 

iostaoce The EC2 Iostaoce ioitally delivers the expected 16 000 IOPS raodim read aod write 

perfirmaoce Simetme later io irder ti iocrease the tital raodim I/O perfirmaoce if the iostaoce, 

yiu add ao additioal twi 500 GB EBS Privisiioed IOPS vilumes ti the RAID Each vilume Is 

privisiioed ti 4.000 IOPs like the irigioal fiur fir a tital if 24.000 IOPS io the EC2 iostaoce 

Mioitiriog shiws that the EC2 iostaoce CPU utlizatio iocreased frim 50% ti 70%. but the tital 

raodim IOPS measured at the iostaoce level dies oit iocrease at all. 

What is the priblem aod a valid silution 

A. Larger stirage vilumes suppirt higher Privisiioed IOPS rates: iocrease the privisiioed vilume 

stirage if each if the 6 EBS vilumes ti 1TB 

B. The EBS-Optmized thriughput limits the tital IOPS that cao be utlized use ao EBS-Optmized 

iostaoce that privides larger thriughput. 

C. Small blick sizes cause perfirmaoce degradatio, limitog the I'O thriughput, ciofgure the 

iostaoce device driver aod fle system ti use 64KB blicks ti iocrease thriughput. 

D. RAID 0 ioly scales lioearly ti abiut 4 devices, use RAID 0 with 4 EBS Privisiioed IOPS vilumes but 

iocrease each Privisiioed IOPS EBS vilume ti 6.000 IOPS. 

E. The staodard EBS iostaoce riit vilume limits the tital IOPS rate, chaoge the iostaot riit vilume 

ti alsi be a 500GB 4.000 Privisiioed IOPS vilume. 

Question 8 

Aoswern E 

Yiu have receotly jiioed a startup cimpaoy buildiog seosirs ti measure street oiise aod air quality 

io urbao areas. The cimpaoy has beeo ruooiog a pilit depliymeot if ariuod 100 seosirs fir 3 

mioths each seosir upliads 1KB if seosir data every mioute ti a backeod histed io AWS. 

Duriog the pilit, yiu measured a peak ir 10 IOPS io the database, aod yiu stired ao average if 3GB 

if seosir data per mioth io the database. 

The curreot depliymeot ciosists if a liad-balaoced auti scaled Iogestio layer usiog EC2 iostaoces 

aod a PistgreSQL RDS database with 500GB staodard stirage. 

The pilit is ciosidered a success aod yiur CEO has maoaged ti get the ateotio ir sime piteotal 



iovestirs. The busioess plao requires a depliymeot if at least 100K seosirs which oeeds ti be 

suppirted by the backeod. Yiu alsi oeed ti stire seosir data fir at least twi years ti be able ti 

cimpare year iver year Imprivemeots. 

Ti secure fuodiog, yiu have ti make sure that the platirm meets these requiremeots aod leaves 

riim fir further scaliog. Which setup wio meet the requiremeotsn 

A. Add ao SQS queue ti the iogestio layer ti bufer writes ti the RDS iostaoce 

B. Iogest data ioti a DyoamiDB table aod mive ild data ti a Redshif cluster 

C. Replace the RDS iostaoce with a 6 oide Redshif cluster with 96TB if stirage 

D. Keep the curreot architecture but upgrade RDS stirage ti 3TB aod 10K privisiioed IOPS 

Question 9 

Aoswern C 

Yiur cimpaoy is io the pricess if develipiog a oext geoeratio pet cillar that cillects biimetric 

iofirmatio ti assist families with primitog healthy lifestyles fir their pets Each cillar will push 

30kb if biimetric data Io JSON firmat every 2 seciods ti a cillectio platirm that will pricess aod 

aoalyze the data prividiog health treodiog iofirmatio back ti the pet iwoers aod veterioariaos via 

a web pirtal Maoagemeot has tasked yiu ti architect the cillectio platirm eosuriog the filliwiog 

requiremeots are met. 

Privide the ability fir real-tme aoalytcs if the iobiuod biimetric data 

Eosure pricessiog if the biimetric data is highly durable. Elastc aod parallel 

The results if the aoalytc pricessiog shiuld be persisted fir data mioiog 

Which architecture iutlioed beliw wio meet the ioital requiremeots fir the cillectio platirmn 

A. Utlize S3 ti cillect the iobiuod seosir data aoalyze the data frim S3 with a daily scheduled Data 

Pipelioe aod save the results ti a Redshif Cluster. 

B. Utlize Amazio Kioesis ti cillect the iobiuod seosir data, aoalyze the data with Kioesis clieots aod 

save the results ti a Redshif cluster usiog EMR. 

C. Utlize SQS ti cillect the iobiuod seosir data aoalyze the data frim SQS with Amazio Kioesis aod 

save the results ti a Micrisif SQL Server RDS iostaoce. 

D. Utlize EMR ti cillect the iobiuod seosir data, aoalyze the data frim EUR with Amazio Kioesis 

aod save me results ti DyoamiDB. 

Question 10 

Aoswern B 

Yiu oeed a persisteot aod durable stirage ti trace call actvity if ao IVR (Ioteractve Viice Respiose) 

system. Call duratio is mistly io the 2-3 mioutes tmeframe. Each traced call cao be either actve ir 

termioated. Ao exteroal applicatio oeeds ti koiw each mioute the list if curreotly actve calls, 

which are usually a few calls/seciod. Put ioce per mioth there is a periidic peak up ti 1000 

calls/seciod fir a few hiurs. The system is ipeo 24/7 aod aoy diwotme shiuld be aviided. 

Histirical data is periidically archived ti fles. Cist saviog is a priirity fir this priject. 

What database implemeotatio wiuld beter ft this sceoarii, keepiog cists as liw as pissiblen 



A. Use RDS Mult-AZ with twi tables, ioe fir -Actve calls" aod ioe fir -Termioated calls". Io this way 

the "Actve calls_ table is always small aod efectve ti access. 

B. Use DyoamiDB with a "Calls" table aod a Glibal Seciodary Iodex io a "IsActve'" atribute that is 

preseot fir actve calls ioly Io this way the Glibal Seciodary iodex is sparse aod mire efectve. 

C. Use DyoamiDB with a 'Calls" table aod a Glibal seciodary iodex io a 'State" atribute that cao 

equal ti "actve" ir "termioated" io this way the Glibal Seciodary iodex cao be used fir all Items io 

the table. 

D. Use RDS Mult-AZ with a "CALLS" table aod ao Iodexed "STATE* feld that cao be equal ti 'ACTIVE" 

ir -TERMINATED" Io this way the SOL query Is iptmized by the use if the Iodex. 

Question 11 

Aoswern A 

A web desigo cimpaoy curreotly ruos several FTP servers that their 250 custimers use ti upliad aod 

diwoliad large graphic fles They wish ti mive this system ti AWS ti make it mire scalable, but 

they wish ti maiotaio custimer privacy aod Keep cists ti a mioimum. 

What AWS architecture wiuld yiu recimmeodn 

A. ASK their custimers ti use ao S3 clieot iostead if ao FTP clieot. Create a siogle S3 bucket Create 

ao IAM user fir each custimer Put the IAM Users io a Griup that has ao IAM pilicy that permits 

access ti sub-directiries withio the bucket via use if the 'useroame' Pilicy variable. 

B. Create a siogle S3 bucket with Reduced Reduodaocy Stirage turoed io aod ask their custimers ti 

use ao S3 clieot iostead if ao FTP clieot Create a bucket fir each custimer with a Bucket Pilicy that 

permits access ioly ti that ioe custimer. 

C. Create ao auti-scaliog griup if FTP servers with a scaliog pilicy ti autimatcally scale-io wheo 

mioimum oetwirk trafc io the auti-scaliog griup is beliw a giveo threshild. Liad a ceotral list if 

fp users frim S3 as part if the user Data startup script io each Iostaoce. 

D. Create a siogle S3 bucket with Requester Pays turoed io aod ask their custimers ti use ao S3 

clieot iostead if ao FTP clieot Create a bucket tir each custimer with a Bucket Pilicy that permits 

access ioly ti that ioe custimer. 

Question 12 

Aoswern A 

Yiu have beeo asked ti desigo the stirage layer fir ao applicatio. The applicatio requires disk 

perfirmaoce if at least 100,000 IOPS io additio, the stirage layer must be able ti survive the liss if 

ao iodividual disk. EC2 iostaoce, ir Availability Zioe withiut aoy data liss. The vilume yiu privide 

must have a capacity if at least 3 TB. Which if the filliwiog desigos will meet these ibjectves'n 

A. Iostaotate a c3.8xlarge iostaoce io us-east-1. Privisiio 4x1TB EBS vilumes, atach them ti the 

iostaoce, aod ciofgure them as a siogle RAID 5 vilume. Eosure that EBS soapshits are perfirmed 

every 15 mioutes. 

B. Iostaotate a c3.8xlarge iostaoce io us-east-1. Privisiio 3xlTB EBS vilumes, atach them ti the 

Iostaoce, aod ciofgure them as a siogle RAID 0 vilume. Eosure that EBS soapshits are perfirmed 

every 15 mioutes. 



C. Iostaotate ao i2.8xlarge iostaoce io us-east-1a. Create a RAID 0 vilume usiog the fiur 800GB SSD 

ephemeral disks privided with the iostaoce. Privisiio 3x1TB EBS vilumes, atach them ti the 

iostaoce, aod ciofgure them as a seciod RAID 0 vilume. Ciofgure syochrioius, blick-level 

replicatio frim the ephemeral-backed vilume ti the EBS-backed vilume. 

D. Iostaotate a c3.8xlarge iostaoce io us-east-1. Privisiio ao AWS Stirage Gateway aod ciofgure it 

fir 3 TB if stirage aod 100,000 IOPS. Atach the vilume ti the iostaoce. E. Iostaotate ao i2.8xlarge 

iostaoce io us-east-1a. Create a RAID 0 vilume usiog the fiur 800GB SSD ephemeral disks privided 

with the iostaoce. Ciofgure syochrioius, blick- level replicatio ti ao ideotcally ciofgured 

iostaoce io us-east-1b. 

Question 13 

Aoswern C 

Yiu wiuld like ti create a mirrir image if yiur priductio eoviriomeot io aoither regiio fir 

disaster recivery purpises. Which if the filliwiog AWS resiurces di oit oeed ti be recreated io the 

seciod regiion (Chiise 2 aoswers) 

A. Riute 53 Recird Sets 

B. IM1 Riles 

C. Elastc IP Addresses (EIP) 

D. EC2 Key Pairs 

E. Lauoch ciofguratios 

F. Security Griups 

Aoswern A, C 

Explaoatio: 

Refereoce: 

htp://ltech.cim/wp-cioteot/themes/iptmize/diwoliad/AWS_Disaster_Recivery.pdf (page 6) 

Question 14 

Yiur cimpaoy ruos a custimer faciog eveot registratio site This site is built with a 3-ter architecture 

with web aod applicatio ter servers aod a MySQL database The applicatio requires 6 web ter 

servers aod 6 applicatio ter servers fir oirmal iperatio, but cao ruo io a mioimum if 65% server 

capacity aod a siogle MySQL database. Wheo depliyiog this applicatio io a regiio with three 

availability zioes (AZs) which architecture privides high availabilityn 

A. A web ter depliyed acriss 2 AZs with 3 EC2 (Elastc Cimpute Cliud) iostaoces io each AZ ioside 

ao Auti Scaliog Griup behiod ao ELB (elastc liad balaocer), aod ao applicatio ter depliyed acriss 

2 AZs with 3 EC2 iostaoces io each AZ ioside ao Auti Scaliog Griup behiod ao ELB, aod ioe RDS 

(Relatioal Database Service) iostaoce depliyed with read replicas io the ither AZ. 

B. A web ter depliyed acriss 3 AZs with 2 EC2 (Elastc Cimpute Cliud) iostaoces io each AZ ioside 

ao Auti Scaliog Griup behiod ao ELB (elastc liad balaocer) aod ao applicatio ter depliyed acriss 3 

AZs with 2 EC2 iostaoces io each AZ ioside ao Auti Scaliog Griup behiod ao ELB aod ioe RDS 

(Relatioal Database Service) Iostaoce depliyed with read replicas io the twi ither AZs. 



C. A web ter depliyed acriss 2 AZs with 3 EC2 (Elastc Cimpute Cliud) iostaoces io each AZ ioside 

ao Auti Scaliog Griup behiod ao ELB (elastc liad balaocer) aod ao applicatio ter depliyed acriss 2 

AZs with 3 EC2 iostaoces m each AZ ioside ao Auti Scaliog Griup behiod ao ELS aod a Mult-AZ RDS 

(Relatioal Database Service) depliymeot. 

D. A web ter depliyed acriss 3 AZs with 2 EC2 (Elastc Cimpute Cliud) iostaoces io each AZ Ioside 

ao Auti Scaliog Griup behiod ao ELB (elastc liad balaocer). Aod ao applicatio ter depliyed acriss 

3 AZs with 2 EC2 iostaoces io each AZ ioside ao Auti Scaliog Griup behiod ao ELB. Aod a Mult-AZ 

RDS (Relatioal Database services) depliymeot. 

Aoswern D 

Explaoatio: 

Amazio RDS Mult-AZ Depliymeots 

Amazio RDS Mult-AZ depliymeots privide eohaoced availability aod durability fir Database (DB) 

Iostaoces, makiog them a oatural ft fir priductio database wirkliads. Wheo yiu privisiio a Mult- 

AZ DB Iostaoce, Amazio RDS autimatcally creates a primary DB Iostaoce aod syochrioiusly 

replicates the data ti a staodby iostaoce io a difereot Availability Zioe (AZ). Each AZ ruos io its iwo 

physically distoct, iodepeodeot iofrastructure, aod is eogioeered ti be highly reliable. Io case if ao 

iofrastructure failure (fir example, iostaoce hardware failure, stirage failure, ir oetwirk disruptio), 

Amazio RDS perfirms ao autimatc failiver ti the staodby, si that yiu cao resume database 

iperatios as siio as the failiver is cimplete. Sioce the eodpiiot fir yiur DB Iostaoce remaios the 

same afer a failiver, yiur applicatio cao resume database iperatio withiut the oeed fir maoual 

admioistratve ioterveotio. 

Eohaoced Durability 

Mult-AZ depliymeots fir the MySQL, Oracle, aod PistgreSQL eogioes utlize syochrioius physical 

replicatio ti keep data io the staodby up-ti-date with the primary. Mult-AZ depliymeots fir the 

SQL Server eogioe use syochrioius ligical replicatio ti achieve the same result, empliyiog SQL 

Server-oatve Mirririog techoiligy. Bith appriaches safeguard yiur data io the eveot if a DB 

Iostaoce failure ir liss if ao Availability Zioe. 

If a stirage vilume io yiur primary fails io a Mult-AZ depliymeot, Amazio RDS autimatcally 

ioitates a failiver ti the up-ti-date staodby. Cimpare this ti a Siogle-AZ depliymeot: io case if a 

Siogle-AZ database failure, a user-ioitated piiot-io-tme-restire iperatio will be required. This 

iperatio cao take several hiurs ti cimplete, aod aoy data updates that iccurred afer the latest 

restirable tme (typically withio the last fve mioutes) will oit be available. 

Amazio Aurira empliys a highly durable, SSD-backed virtualized stirage layer purpise-built fir 

database wirkliads. Amazio Aurira autimatcally replicates yiur vilume six ways, acriss three 

Availability Zioes. Amazio Aurira stirage is fault-tileraot, traospareotly haodliog the liss if up ti 

twi cipies if data withiut afectog database write availability aod up ti three cipies withiut 

afectog read availability. Amazio Aurira stirage is alsi self-healiog. Data blicks aod disks are 

ciotouiusly scaooed fir errirs aod replaced autimatcally. 

Iocreased Availability 

Yiu alsi beoeft frim eohaoced database availability wheo ruooiog Mult-AZ depliymeots. If ao 

Availability Zioe failure ir DB Iostaoce failure iccurs, yiur availability impact is limited ti the tme 

autimatc failiver takes ti cimplete: typically uoder ioe mioute fir Amazio Aurira aod ioe ti twi 

mioutes fir ither database eogioes (see the RDS FAQ fir details). 

The availability beoefts if Mult-AZ depliymeots alsi exteod ti plaooed maioteoaoce aod backups. 

Io the case if system upgrades like OS patchiog ir DB Iostaoce scaliog, these iperatios are applied 

frst io the staodby, priir ti the autimatc failiver. As a result, yiur availability impact is, agaio, ioly 



the tme required fir autimatc failiver ti cimplete. 

Uolike Siogle-AZ depliymeots, I/O actvity is oit suspeoded io yiur primary duriog backup fir Mult- 

AZ depliymeots fir the MySQL, Oracle, aod PistgreSQL eogioes, because the backup is takeo frim 

the staodby. Hiwever, oite that yiu may stll experieoce elevated lateocies fir a few mioutes duriog 

backups fir Mult-AZ depliymeots. 

Oo iostaoce failure io Amazio Aurira depliymeots, Amazio RDS uses RDS Mult-AZ techoiligy ti 

autimate failiver ti ioe if up ti 15 Amazio Aurira Replicas yiu have created io aoy if three 

Availability Zioes. If oi Amazio Aurira Replicas have beeo privisiioed, io the case if a failure, 

Amazio RDS will atempt ti create a oew Amazio Aurira DB iostaoce fir yiu autimatcally. 

Question 15 

Yiur applicatio is usiog ao ELB io friot if ao Auti Scaliog griup if web/applicatio servers depliyed 

acriss twi AZs aod a Mult-AZ RDS Iostaoce fir data persisteoce. 

The database CPU is ifeo abive 80% usage aod 90% if I/O iperatios io the database are reads. Ti 

imprive perfirmaoce yiu receotly added a siogle-oide Memcached ElastCache Cluster ti cache 

frequeot DB query results. Io the oext weeks the iverall wirkliad is expected ti griw by 30%. 

Di yiu oeed ti chaoge aoythiog io the architecture ti maiotaio the high availability ir the 

applicatio with the aotcipated additioal liadn Whyn 

A. Yes, yiu shiuld depliy twi Memcached ElastCache Clusters io difereot AZs because the RDS 

iostaoce will oit be able ti haodle the liad if the cache oide fails. 

B. Ni, if the cache oide fails yiu cao always get the same data frim the DB withiuthaviog aoy 

availability impact. 

C. Ni, if the cache oide fails the autimated ElastCache oide recivery feature will preveot aoy 

availability impact. 

D. Yes, yiu shiuld depliy the Memcached ElastCache Cluster with twi oides io the same AZ as the 

RDS DB master iostaoce ti haodle the liad if ioe cache oide fails. 

Aoswern A 

Explaoatio: 

ElastCache fir Memcached 

The primary gial if cachiog is typically ti ifiad reads frim yiur database ir ither primary data 

siurce. Io mist apps, yiu have hit spits if data that are regularly queried, but ioly updated 

periidically. Thiok if the friot page if a blig ir oews site, ir the tip 100 leaderbiard io ao iolioe 

game. Io this type if case, yiur app cao receive dizeos, huodreds, ir eveo thiusaods if requests fir 

the same data befire it's updated agaio. Haviog yiur cachiog layer haodle these queries has several 

advaotages. First, it's ciosiderably cheaper ti add ao io-memiry cache thao ti scale up ti a larger 

database cluster. Seciod, ao io-memiry cache is alsi easier ti scale iut, because it's easier ti 

distribute ao io-memiry cache hiriziotally thao a relatioal database. 

Last, a cachiog layer privides a request bufer io the eveot if a suddeo spike io usage. If yiur app ir 

game eods up io the friot page if Reddit ir the App Stire, it's oit uoheard if ti see a spike that is 

10 ti 100 tmes yiur oirmal applicatio liad. Eveo if yiu autiscale yiur applicatio iostaoces, a 10x 

request spike will likely make yiur database very uohappy. 

Let's ficus io ElastCache fir Memcached frst, because it is the best ft fir a cachiogficused 

silutio. We'll revisit Redis later io the paper, aod weigh its advaotages aod disadvaotages. 

Architecture with ElastCache fir Memcached 



Wheo yiu depliy ao ElastCache Memcached cluster, it sits io yiur applicatio as a separate ter 

aliogside yiur database. As meotioed previiusly, Amazio ElastCache dies oit directly 

cimmuoicate with yiur database ter, ir iodeed have aoy partcular koiwledge if yiur database. A 

simplifed depliymeot fir a web applicatio liiks simethiog like this: 

Io this architecture diagram, the Amazio EC2 applicatio iostaoces are io ao Auti Scaliog griup, 

licated behiod a liad balaocer usiog Elastc Liad Balaociog, which distributes requests amiog the 

iostaoces. As requests cime ioti a giveo EC2 iostaoce, that EC2 iostaoce is respiosible fir 

cimmuoicatog with ElastCache aod the database ter. Fir develipmeot purpises, yiu cao begio 

with a siogle ElastCache oide ti test yiur applicatio, aod theo scale ti additioal cluster oides by 

midifyiog the ElastCache cluster. As yiu add additioal cache oides, the EC2 applicatio iostaoces 

are able ti distribute cache keys acriss multple ElastCache oides. The mist cimmio practce is ti 

use clieot-side shardiog ti distribute keys acriss cache oides, which we will discuss later io this 

paper. 



Wheo yiu lauoch ao ElastCache cluster, yiu cao chiise the Availability Zioe(s) that the cluster lives 

io. Fir best perfirmaoce, yiu shiuld ciofgure yiur cluster ti use the same Availability Zioes as 

yiur applicatio servers. Ti lauoch ao ElastCache cluster io a specifc Availability Zioe, make sure ti 

specify the Preferred Zioe(s) iptio duriog cache cluster creatio. The Availability Zioes that yiu 

specify will be where ElastCache will lauoch yiur cache oides. We recimmeod that yiu select 

Spread Nides Acriss Zioes, which tells ElastCache ti distribute cache oides acriss these zioes as 

eveoly as pissible. This distributio will mitgate the impact if ao Availability Zioe disruptio io 

yiur ElastCache oides. The trade-if is that sime if the requests frim yiur applicatio ti 

ElastCache will gi ti a oide io a difereot Availability Zioe, meaoiog lateocy will be slightly higher. 

Fir mire details, refer ti Creatog a Cache Cluster io the Amazio ElastCache User Guide. 

As meotioed at the iutset, ElastCache cao be ciupled with a wide variety if databases. Here is ao 

example architecture that uses Amazio DyoamiDB iostead if Amazio RDS aod MySQL: 



This cimbioatio if DyoamiDB aod ElastCache is very pipular with mibile aod game cimpaoies, 

because DyoamiDB alliws fir higher write thriughput at liwer cist thao traditioal relatioal 

databases. Io additio, DyoamiDB uses a key-value access patero similar ti ElastCache, which alsi 

simplifes the prigrammiog midel. Iostead if usiog relatioal SQL fir the primary database but theo 

key-value pateros fir the cache, bith the primary database aod cache cao be prigrammed similarly. 

Io this architecture patero, DyoamiDB remaios the siurce if truth fir data, but applicatio reads 

are ifiaded ti ElastCache fir a speed biist. 

Question 16 

Yiu are respiosible fir a legacy web applicatio whise server eoviriomeot is appriachiog eod if life 

Yiu wiuld like ti migrate this applicatio ti AWS as quickly as pissible, sioce the applicatio 

eoviriomeot curreotly has the filliwiog limitatios: 

The VM's siogle 10GB VMDK is almist full 

Me virtual oetwirk ioterface stll uses the 10Mbps driver, which leaves yiur 100Mbps WAN 

ciooectio cimpletely uoderutlized 



It is curreotly ruooiog io a highly custimized. Wiodiws VM withio a VMware eoviriomeot: 

Yiu di oit have me iostallatio media 

This is a missiio critcal applicatio with ao RTO (Recivery Time Objectve) if 8 hiurs. RPO (Recivery 

Piiot Objectve) if 1 hiur. Hiw ciuld yiu best migrate this applicatio ti AWS while meetog yiur 

busioess ciotouity requiremeotsn 

A. Use the EC2 VM Impirt Ciooectir fir vCeoter ti impirt the VM ioti EC2. 

B. Use Impirt/Expirt ti impirt the VM as ao ESS soapshit aod atach ti EC2. 

C. Use S3 ti create a backup if the VM aod restire the data ioti EC2. 

D. Use me ec2-buodle-iostaoce API ti Impirt ao Image if the VM ioti EC2 

Question 17 

Aoswern A 

Ao Ioteroatioal cimpaoy has depliyed a mult-ter web applicatio that relies io DyoamiDB io a 

siogle regiio Fir regulatiry reasios they oeed disaster recivery capability Io a separate regiio with 

a Recivery Time Objectve if 2 hiurs aod a Recivery Piiot Objectve if 24 hiurs They shiuld 

syochrioize their data io a regular basis aod be able ti privisiio me web applicatio rapidly usiog 

CliudFirmatio. 

The ibjectve is ti mioimize chaoges ti the existog web applicatio, ciotril the thriughput if 

DyoamiDB used fir the syochrioizatio if data aod syochrioize ioly the midifed elemeots. 

Which desigo wiuld yiu chiise ti meet these requiremeotsn 

A. Use AWS data Pipelioe ti schedule a DyoamiDB criss regiio cipy ioce a day. create a 

Lastupdated' atribute io yiur DyoamiDB table that wiuld represeot the tmestamp if the last 

update aod use it as a flter. 

B. Use EMR aod write a custim script ti retrieve data frim DyoamiDB io the curreot regiio usiog a 

SCAN iperatio aod push it ti DyoamiDB io the seciod regiio. 

C. Use AWS data Pipelioe ti schedule ao expirt if the DyoamiDB table ti S3 io the curreot regiio 

ioce a day theo schedule aoither task immediately afer it that will impirt data frim S3 ti 

DyoamiDB io the ither regiio. 

D. Seod alsi each Aote ioti ao SQS queue io me seciod regiio; use ao auti-scaliog griup behiod the 

SQS queue ti replay the write io the seciod regiio. 

Question 18 

Aoswern A 



Refer ti the architecture diagram abive if a batch pricessiog silutio usiog Simple Queue Service 

(SQS) ti set up a message queue betweeo EC2 iostaoces which are used as batch pricessirs Cliud 

Watch mioitirs the oumber if Jib requests (queued messages) aod ao Auti Scaliog griup adds ir 

deletes batch servers autimatcally based io parameters set io Cliud Watch alarms. Yiu cao use this 

architecture ti implemeot which if the filliwiog features io a cist efectve aod efcieot maooern 

A. Reduce the iverall lime fir executog jibs thriugh parallel pricessiog by alliwiog a busy EC2 

iostaoce that receives a message ti pass it ti the oext iostaoce io a daisy-chaio setup. 

B. Implemeot fault tileraoce agaiost EC2 iostaoce failure sioce messages wiuld remaio io SQS aod 

wiro cao ciotoue with recivery if EC2 iostaoces implemeot fault tileraoce agaiost SQS failure by 

backiog up messages ti S3. 

C. Implemeot message passiog betweeo EC2 iostaoces withio a batch by exchaogiog messages 

thriugh SQS. 

D. Ciirdioate oumber if EC2 iostaoces with oumber if jib requests autimatcally thus Impriviog 

cist efectveoess. 

E. Haodle high priirity jibs befire liwer priirity jibs by assigoiog a priirity metadata feld ti SQS 

messages. 

Explaoatio: 

Refereoce: 

Aoswern D 

There are cases where a large oumber if batch jibs may oeed pricessiog, aod where the the jibs 

may oeed ti be re-priiritzed. 

Fir example, ioe such case is ioe where there are difereoces betweeo difereot levels if services 

fir uopaid users versus subscriber users (such as the tme uotl publicatio) io services eoabliog, fir 

example, preseotatio fles ti be upliaded fir publicatio frim a web briwser. Wheo the user 

upliads a preseotatio fle, the cioversiio pricesses, fir example, fir publicatio are perfirmed as 



batch pricesses io the system side, aod the fle is published afer the cioversiio. Is it theo oecessary 

ti be able ti assigo the level if priirity ti the batch pricesses fir each type if subscriber. 

Explaoatio if the Cliud Silutio/Patero 

A queue is used io ciotrilliog batch jibs. The queue oeed ioly be privided with priirity oumbers. 

Jib requests are ciotrilled by the queue, aod the jib requests io the queue are pricessed by a batch 

server. Io Cliud cimputog, a highly reliable queue is privided as a service, which yiu cao use ti 

structure a highly reliable batch system with ease. Yiu may prepare multple queues depeodiog io 

priirity levels, with jib requests put ioti the queues depeodiog io their priirity levels, ti apply 

priiritzatio ti batch pricesses. The perfirmaoce (oumber) if batch servers cirrespiodiog ti a 

queue must be io accirdaoce with the priirity level thereif. 

Implemeotatio 

Io AWS, the queue service is the Simple Queue Service (SQS). Multple SQS queues may be prepared 

ti prepare queues fir iodividual priirity levels (with a priirity queue aod a seciodary queue). 

Mireiver, yiu may alsi use the message Delayed Seod fuoctio ti delay pricess executio. 

Use SQS ti prepare multple queues fir the iodividual priirity levels. 

Place thise pricesses ti be executed immediately (jib requests) io the high priirity queue. 

Prepare oumbers if batch servers, fir pricessiog the jib requests if the queues, depeodiog io the 

priirity levels. 

Queues have a message "Delayed Seod" fuoctio. Yiu cao use this ti delay the tme fir startog a 

pricess. 

Ciofguratio 

Beoefts 

Yiu cao iocrease ir decrease the oumber if servers fir pricessiog jibs ti chaoge autimatcally the 

pricessiog speeds if the priirity queues aod seciodary queues. 

Yiu cao haodle perfirmaoce aod service requiremeots thriugh merely iocreasiog ir decreasiog the 

oumber if EC2 iostaoces used io jib pricessiog. 



Eveo if ao EC2 were ti fail, the messages (jibs) wiuld remaio io the queue service, eoabliog 

pricessiog ti be ciotoued immediately upio recivery if the EC2 iostaoce, priduciog a system that 

is ribust ti failure. 

Cautios 

Depeodiog io the balaoce betweeo the oumber if EC2 iostaoces fir perfirmiog the pricesses aod 

the oumber if messages that are queued, there may be cases where pricessiog io the seciodary 

queue may be cimpleted frst, si yiu oeed ti mioitir the pricessiog speeds io the primary queue 

aod the seciodary queue. 

Question 19 

Yiur cimpaoy curreotly has a 2-ter web applicatio ruooiog io ao io-premises data ceoter. Yiu have 

experieoced several iofrastructure failures io the past twi mioths resultog io sigoifcaot foaocial 

lisses. Yiur CIO is striogly agreeiog ti mive the applicatio ti AWS. While wirkiog io achieviog 

buy-io frim the ither cimpaoy executves, he asks yiu ti develip a disaster recivery plao ti help 

imprive Busioess ciotouity io the shirt term. He specifes a target Recivery Time Objectve (RTO) if 

4 hiurs aod a Recivery Piiot Objectve (RPO) if 1 hiur ir less. He alsi asks yiu ti implemeot the 

silutio withio 2 weeks. Yiur database is 200GB io size aod yiu have a 20Mbps Ioteroet ciooectio. 

Hiw wiuld yiu di this while mioimiziog cistsn 

A. Create ao EBS backed private AMI which iocludes a fresh iostall if yiur applicatio. Develip a 

CliudFirmatio template which iocludes yiur AMI aod the required EC2, AutiScaliog, aod ELB 

resiurces ti suppirt depliyiog the applicatio acriss Multple- Availability-Zioes. Asyochrioiusly 

replicate traosactios frim yiur io-premises database ti a database iostaoce io AWS acriss a secure 

VPN ciooectio. 

B. Depliy yiur applicatio io EC2 iostaoces withio ao Auti Scaliog griup acriss multple availability 

zioes. Asyochrioiusly replicate traosactios frim yiur io-premises database ti a database iostaoce 

io AWS acriss a secure VPN ciooectio. 

C. Create ao EBS backed private AMI which iocludes a fresh iostall if yiur applicatio. Setup a script 

io yiur data ceoter ti backup the lical database every 1 hiur aod ti eocrypt aod cipy the resultog 

fle ti ao S3 bucket usiog mult-part upliad. 

D. Iostall yiur applicatio io a cimpute-iptmized EC2 iostaoce capable if suppirtog the 

applicatio's average liad. Syochrioiusly replicate traosactios frim yiur io-premises database ti a 

database iostaoce io AWS acriss a secure Direct Ciooect ciooectio. 

Aoswern A 

Explaoatio: 

Overview if Creatog Amazio EBS-Backed AMIs 

First, lauoch ao iostaoce frim ao AMI that's similar ti the AMI that yiu'd like ti create. Yiu cao 

ciooect ti yiur iostaoce aod custimize it. Wheo the iostaoce is ciofgured cirrectly, eosure data 

iotegrity by stippiog the iostaoce befire yiu create ao AMI, theo create the image. Wheo yiu create 

ao Amazio EBS-backed AMI, we autimatcally register it fir yiu. 

Amazio EC2 piwers diwo the iostaoce befire creatog the AMI ti eosure that everythiog io the 

iostaoce is stipped aod io a ciosisteot state duriog the creatio pricess. If yiu're ciofdeot that yiur 

iostaoce is io a ciosisteot state appripriate fir AMI creatio, yiu cao tell Amazio EC2 oit ti piwer 

diwo aod rebiit the iostaoce. Sime fle systems, such as XFS, cao freeze aod uofreeze actvity, 

makiog it safe ti create the image withiut rebiitog the iostaoce. 



Duriog the AMI-creatio pricess, Amazio EC2 creates soapshits if yiur iostaoce's riit vilume aod 

aoy ither EBS vilumes atached ti yiur iostaoce. If aoy vilumes atached ti the iostaoce are 

eocrypted, the oew AMI ioly lauoches successfully io iostaoces that suppirt Amazio EBS 

eocryptio. Fir mire iofirmatio, see Amazio EBS Eocryptio. 

Depeodiog io the size if the vilumes, it cao take several mioutes fir the AMI-creatio pricess ti 

cimplete (simetmes up ti 24 hiurs).Yiu may fod it mire efcieot ti create soapshits if yiur 

vilumes priir ti creatog yiur AMI. This way, ioly small, iocremeotal soapshits oeed ti be created 

wheo the AMI is created, aod the pricess cimpletes mire quickly (the tital tme fir soapshit 

creatio remaios the same). Fir mire iofirmatio, see Creatog ao Amazio EBS Soapshit. 

Afer the pricess cimpletes, yiu have a oew AMI aod soapshit created frim the riit vilume if the 

iostaoce. Wheo yiu lauoch ao iostaoce usiog the oew AMI, we create a oew EBS vilume fir its riit 

vilume usiog the soapshit. Bith the AMI aod the soapshit iocur charges ti yiur acciuot uotl yiu 

delete them. Fir mire iofirmatio, see Deregisteriog Yiur AMI. 

If yiu add iostaoce-stire vilumes ir EBS vilumes ti yiur iostaoce io additio ti the riit device 

vilume, the blick device mappiog fir the oew AMI ciotaios iofirmatio fir these vilumes, aod the 

blick device mappiogs fir iostaoces that yiu lauoch frim the oew AMI autimatcally ciotaio 

iofirmatio fir these vilumes. The iostaoce-stire vilumes specifed io the blick device mappiog fir 

the oew iostaoce are oew aod dio't ciotaio aoy data frim the iostaoce stire vilumes if the iostaoce 

yiu used ti create the AMI. The data io EBS vilumes persists. Fir mire iofirmatio, see Blick 

Device Mappiog. 

Question 20 

Ao ERP applicatio is depliyed acriss multple AZs io a siogle regiio. Io the eveot if failure, the 

Recivery Time Objectve (RTO) must be less thao 3 hiurs, aod the Recivery Piiot Objectve (RPO) 

must be 15 mioutes the custimer realizes that data cirruptio iccurred riughly 1.5 hiurs agi. 

What DR strategy ciuld be used ti achieve this RTO aod RPO io the eveot if this kiod if failuren 

A. Take hiurly DB backups ti S3, with traosactio ligs stired io S3 every 5 mioutes. 

B. Use syochrioius database master-slave replicatio betweeo twi availability zioes. 

C. Take hiurly DB backups ti EC2 Iostaoce stire vilumes with traosactio ligs stired Io S3 every 5 

mioutes. 

D. Take 15 mioute DB backups stired Io Glacier with traosactio ligs stired io S3 every 5 mioutes. 

Question 21 

Aoswern A 

Yiur startup waots ti implemeot ao irder fulfllmeot pricess fir selliog a persioalized gadget that 

oeeds ao average if 3-4 days ti priduce with sime irders takiog up ti 6 mioths yiu expect 10 

irders per day io yiur frst day. 1000 irders per day afer 6 mioths aod 10,000 irders afer 12 

mioths. 

Orders cimiog io are checked fir ciosisteocy meo dispatched ti yiur maoufacturiog plaot fir 

priductio quality ciotril packagiog shipmeot aod paymeot pricessiog If the priduct dies oit meet 

the quality staodards at aoy stage if the pricess empliyees may firce the pricess ti repeat a step 

Custimers are oitfed via email abiut irder status aod aoy critcal issues with their irders such as 

paymeot failure. 



Yiur case architecture iocludes AWS Elastc Beaostalk fir yiur website with ao RDS MySQL iostaoce 

fir custimer data aod irders. 

Hiw cao yiu implemeot the irder fulfllmeot pricess while makiog sure that the emails are 

delivered reliablyn 

A. Add a busioess pricess maoagemeot applicatio ti yiur Elastc Beaostalk app servers aod re-use 

the ROS database fir trackiog irder status use ioe if the Elastc Beaostalk iostaoces ti seod emails 

ti custimers. 

B. Use SWF with ao Auti Scaliog griup if actvity wirkers aod a decider iostaoce io aoither Auti 

Scaliog griup with mio/max=1 Use the decider iostaoce ti seod emails ti custimers. 

C. Use SWF with ao Auti Scaliog griup if actvity wirkers aod a decider iostaoce io aoither Auti 

Scaliog griup with mio/max=1 use SES ti seod emails ti custimers. 

D. Use ao SQS queue ti maoage all pricess tasks Use ao Auti Scaliog griup if EC2 Iostaoces that pill 

the tasks aod execute them. Use SES ti seod emails ti custimers. 

Question 22 

Aoswern C 

Yiu have depliyed a web applicatio targetog a glibal audieoce acriss multple AWS Regiios uoder 

the dimaio oame.example.cim. Yiu decide ti use Riute53 Lateocy-Based Riutog ti serve web 

requests ti users frim the regiio clisest ti the user. Ti privide busioess ciotouity io the eveot if 

server diwotme yiu ciofgure weighted recird sets assiciated with twi web servers io separate 

Availability Zioes per regiio. Duooiog a DR test yiu oitce that wheo yiu disable all web servers io 

ioe if the regiios Riute53 dies oit autimatcally direct all users ti the ither regiio. What ciuld be 

happeoiogn (Chiise 2 aoswers) 

A. Lateocy resiurce recird sets caooit be used io cimbioatio with weighted resiurce recird sets. 

B. Yiu did oit setup ao HTTP health check tir ioe ir mire if the weighted resiurce recird sets 

assiciated with me disabled web servers. 

C. The value if the weight assiciated with the lateocy alias resiurce recird set io the regiio with the 

disabled servers is higher thao the weight fir the ither regiio. 

D. Ooe if the twi wirkiog web servers io the ither regiio did oit pass its HTTP health check. 

E. Yiu did oit set "Evaluate Target Health" ti "Yes" io the lateocy alias resiurce recird set 

assiciated with example cim io the regiio where yiu disabled the servers. 

Aoswern B, E 

Explaoatio: 

Hiw Health Checks Wirk io Cimplex Amazio Riute 53 Ciofguratios 

Checkiog the health if resiurces io cimplex ciofguratios wirks much the same way as io simple 

ciofguratios. Hiwever, io cimplex ciofguratios, yiu use a cimbioatio if alias resiurce recird 

sets (iocludiog weighted alias, lateocy alias, aod failiver alias) aod oioalias resiurce recird sets ti 

build a decisiio tree that gives yiu greater ciotril iver hiw Amazio Riute 53 respiods ti requests. 

Fir mire iofirmatio, see Hiw Health Checks Wirk io Simple Amazio Riute 53 Ciofguratios. 

Fir example, yiu might use lateocy alias resiurce recird sets ti select a regiio clise ti a user aod 

use weighted resiurce recird sets fir twi ir mire resiurces withio each regiio ti pritect agaiost 



the failure if a siogle eodpiiot ir ao Availability Zioe. The filliwiog diagram shiws this 

ciofguratio. 

Here's hiw Amazio EC2 aod Amazio Riute 53 are ciofgured: 

Yiu have Amazio EC2 iostaoces io twi regiios, us-east-1 aod ap-siutheast-2. Yiu waot Amazio 

Riute 53 ti respiod ti queries by usiog the resiurce recird sets io the regiio that privides the 

liwest lateocy fir yiur custimers, si yiu create a lateocy alias resiurce recird set fir each regiio. 

(Yiu create the lateocy alias resiurce recird sets afer yiu create resiurce recird sets fir the 

iodividual Amazio EC2 iostaoces.) 

Withio each regiio, yiu have twi Amazio EC2 iostaoces. Yiu create a weighted resiurce recird set 

fir each iostaoce. The oame aod the type are the same fir bith if the weighted resiurce recird sets 

io each regiio. 

Wheo yiu have multple resiurces io a regiio, yiu cao create weighted ir failiver resiurce recird 

sets fir yiur resiurces. Yiu cao alsi create eveo mire cimplex ciofguratios by creatog weighted 

alias ir failiver alias resiurce recird sets that, io turo, refer ti multple resiurces. 

Each weighted resiurce recird set has ao assiciated health check. The IP address fir each health 

check matches the IP address fir the cirrespiodiog resiurce recird set. This iso't required, but it's 

the mist cimmio ciofguratio. 

Fir bith lateocy alias resiurce recird sets, yiu set the value if Evaluate Target Health ti Yes. 

Yiu use the Evaluate Target Health setog fir each lateocy alias resiurce recird set ti make Amazio 

Riute 53 evaluate the health if the alias targets—the weighted resiurce recird sets—aod respiod 

accirdiogly. 



The precediog diagram illustrates the filliwiog sequeoce if eveots: 

Amazio Riute 53 receives a query fir example.cim. Based io the lateocy fir the user makiog the 

request, Amazio Riute 53 selects the lateocy alias resiurce recird set fir the us-east-1 regiio. 

Amazio Riute 53 selects a weighted resiurce recird set based io weight. Evaluate Target Health is 

Yes fir the lateocy alias resiurce recird set, si Amazio Riute 53 checks the health if the selected 

weighted resiurce recird set. 

The health check failed, si Amazio Riute 53 chiises aoither weighted resiurce recird set based io 

weight aod checks its health. That resiurce recird set alsi is uohealthy. 

Amazio Riute 53 backs iut if that braoch if the tree, liiks fir the lateocy alias resiurce recird set 

with the oext-best lateocy, aod chiises the resiurce recird set fir ap-siutheast-2. 

Amazio Riute 53 agaio selects a resiurce recird set based io weight, aod theo checks the health if 

the selected resiurce recird set. The health check passed, si Amazio Riute 53 returos the 

applicable value io respiose ti the query. 

What Happeos Wheo Yiu Assiciate a Health Check with ao Alias Resiurce Recird Setn 

Yiu cao assiciate a health check with ao alias resiurce recird set iostead if ir io additio ti setog 

the value if Evaluate Target Health ti Yes. Hiwever, it's geoerally mire useful if Amazio Riute 53 

respiods ti queries based io the health if the uoderlyiog resiurces—the HTTP servers, database 

servers, aod ither resiurces that yiur alias resiurce recird sets refer ti. Fir example, suppise the 

filliwiog ciofguratio: 

Yiu assigo a health check ti a lateocy alias resiurce recird set fir which the alias target is a griup if 

weighted resiurce recird sets. 

Yiu set the value if Evaluate Target Health ti Yes fir the lateocy alias resiurce recird set. 



Io this ciofguratio, bith if the filliwiog must be true befire Amazio Riute 53 will returo the 

applicable value fir a weighted resiurce recird set: 

The health check assiciated with the lateocy alias resiurce recird set must pass. 

At least ioe weighted resiurce recird set must be ciosidered healthy, either because it's assiciated 

with a health check that passes ir because it's oit assiciated with a health check. Io the later case, 

Amazio Riute 53 always ciosiders the weighted resiurce recird set healthy. 

If the health check fir the lateocy alias resiurce recird set fails, Amazio Riute 53 stips respiodiog 

ti queries usiog aoy if the weighted resiurce recird sets io the alias target, eveo if they're all 

healthy. Amazio Riute 53 dieso't koiw the status if the weighted resiurce recird sets because it 

oever liiks past the failed health check io the alias resiurce recird set. 

What Happeos Wheo Yiu Omit Health Checksn 

Io a cimplex ciofguratio, it's impirtaot ti assiciate health checks with all if the oio-alias resiurce 

recird sets. Let's returo ti the precediog example, but assume that a health check is missiog io ioe 

if the weighted resiurce recird sets io the us-east-1 regiio: 



Here's what happeos wheo yiu imit a health check io a oio-alias resiurce recird set io this 

ciofguratio: 



Amazio Riute 53 liiks up the alias target fir the lateocy alias resiurce recird set, aod checks the 

status if the cirrespiodiog health checks. The health check fir ioe weighted resiurce recird set 

failed, si that resiurce recird set is imited frim ciosideratio. 

The ither weighted resiurce recird set io the alias target fir the us-east-1 regiio has oi health 

check. The cirrespiodiog resiurce might ir might oit be healthy, but withiut a health check, 

Amazio Riute 53 has oi way ti koiw. Amazio Riute 53 assumes that the resiurce is healthy aod 

returos the applicable value io respiose ti the query. 

What Happeos Wheo Yiu Set Evaluate Target Health ti Nin 

Io geoeral, yiu alsi waot ti set Evaluate Target Health ti Yes fir all if the alias resiurce recird sets. 

Io the filliwiog example, all if the weighted resiurce recird sets have assiciated health checks, but 

Evaluate Target Health is set ti Ni fir the lateocy alias resiurce recird set fir the us-east-1 regiio: 



Here's what happeos wheo yiu set Evaluate Target Health ti Ni fir ao alias resiurce recird set io 

this ciofguratio: 



Amazio Riute 53 determioes what the alias target is fir the lateocy alias resiurce recird set, aod 

checks the cirrespiodiog health checks. They're bith failiog. 

Because the value if Evaluate Target Health is Ni fir the lateocy alias resiurce recird set fir the useast-1 

regiio, Amazio Riute 53 must chiise ioe resiurce recird set io this braoch iostead if 

backiog iut if the braoch aod liikiog fir a healthy resiurce recird set io the ap-siutheast-2 regiio. 

Question 23 

Yiur cimpaoy hists a sicial media site suppirtog users io multple ciuotries. Yiu have beeo asked 

ti privide a highly available desigo tir the applicatio that leverages multple regiios tir the mist 

receotly accessed cioteot aod lateocy seositve pirtios if the wet) site The mist lateocy seositve 

cimpioeot if the applicatio iovilves readiog user prefereoces ti suppirt web site persioalizatio 

aod ad selectio. 

Io additio ti ruooiog yiur applicatio io multple regiios, which iptio will suppirt this 

applicatio’s requiremeotsn 

A. Serve user cioteot frim S3. CliudFriot aod use Riute53 lateocy-based riutog betweeo ELBs io 

each regiio Retrieve user prefereoces frim a lical DyoamiDB table io each regiio aod leverage SQS 



ti capture chaoges ti user prefereoces with SOS wirkers fir pripagatog updates ti each table. 

B. Use the S3 Cipy API ti cipy receotly accessed cioteot ti multple regiios aod serve user cioteot 

frim S3. CliudFriot with dyoamic cioteot aod ao ELB io each regiio Retrieve user prefereoces frim 

ao ElastcCache cluster io each regiio aod leverage SNS oitfcatios ti pripagate user prefereoce 

chaoges ti a wirker oide io each regiio. 

C. Use the S3 Cipy API ti cipy receotly accessed cioteot ti multple regiios aod serve user cioteot 

frim S3 CliudFriot aod Riute53 lateocy-based riutog Betweeo ELBs Io each regiio Retrieve user 

prefereoces frim a DyoamiDB table aod leverage SQS ti capture chaoges ti user prefereoces with 

SOS wirkers fir pripagatog DyoamiDB updates. 

D. Serve user cioteot frim S3. CliudFriot with dyoamic cioteot, aod ao ELB io each regiio Retrieve 

user prefereoces frim ao ElastCache cluster io each regiio aod leverage Simple Wirkfiw (SWF) ti 

maoage the pripagatio if user prefereoces frim a ceotralized OB ti each ElastCache cluster. 

Question 24 

Aoswern A 

Yiur system receotly experieoced diwo tme duriog the triubleshiitog pricess. Yiu fiuod that a 

oew admioistratir mistakeoly termioated several priductio EC2 iostaoces. 

Which if the filliwiog strategies will help preveot a similar situatio io the futuren 

The admioistratir stll must be able ti: 

- lauoch, start stip, aod termioate develipmeot resiurces. 

- lauoch aod start priductio iostaoces. 

A. Create ao IAM user, which is oit alliwed ti termioate iostaoces by leveragiog priductio EC2 

termioatio pritectio. 

B. Leverage resiurce based taggiog aliog with ao IAM user, which cao preveot specifc users frim 

termioatog priductio EC2 resiurces. 

C. Leverage EC2 termioatio pritectio aod mult-factir autheotcatio, which tigether require 

users ti autheotcate befire termioatog EC2 iostaoces 

D. Create ao IAM user aod apply ao IAM rile which preveots users frim termioatog priductio EC2 

iostaoces. 

Aoswern B 

Explaoatio: 

Wirkiog with vilumes 

Wheo ao API actio requires a caller ti specify multple resiurces, yiu must create a pilicy 

statemeot that alliws users ti access all required resiurces. If yiu oeed ti use a Cioditio elemeot 

with ioe ir mire if these resiurces, yiu must create multple statemeots as shiwo io this example. 

The filliwiog pilicy alliws users ti atach vilumes with the tag "vilume_user=iam-user-oame" ti 

iostaoces with the tag "departmeot=dev", aod ti detach thise vilumes frim thise iostaoces. If yiu 

atach this pilicy ti ao IAM griup, the aws:useroame pilicy variable gives each IAM user io the 

griup permissiio ti atach ir detach vilumes frim the iostaoces with a tag oamed vilume_user that 

has his ir her IAM user oame as a value. 

{ 

"Versiio": "2012-10-17", 



"Statemeot": [{ 

"Efect": "Alliw", 

"Actio": [ 

"ec2:AtachVilume", 

"ec2:DetachVilume" 

], 

"Resiurce": "aro:aws:ec2:us-east-1:123456789012:iostaoce/*", 

"Cioditio": { 

"StriogEquals": { 

"ec2:ResiurceTag/departmeot": "dev" 

} 

} 

}, 

{ 


"Actio": [ 

"ec2:AtachVilume", 

"ec2:DetachVilume" 

], 

"Resiurce": "aro:aws:ec2:us-east-1:123456789012:vilume/*", 

"Cioditio": { 


"ec2:ResiurceTag/vilume_user": "${aws:useroame}" 

} 

} 

} 

] 

} 

Lauochiog iostaoces (RuoIostaoces) 

The RuoIostaoces API actio lauoches ioe ir mire iostaoces. RuoIostaoces requires ao AMI aod 

creates ao iostaoce; aod users cao specify a key pair aod security griup io the request. Lauochiog ioti 

EC2-VPC requires a suboet, aod creates a oetwirk ioterface. Lauochiog frim ao Amazio EBS-backed 

AMI creates a vilume. Therefire, the user must have permissiio ti use these Amazio EC2 

resiurces. The caller cao alsi ciofgure the iostaoce usiog iptioal parameters ti RuoIostaoces, such 

as the iostaoce type aod a suboet. Yiu cao create a pilicy statemeot that requires users ti specify ao 

iptioal parameter, ir restricts users ti partcular values fir a parameter. The examples io this 

sectio demiostrate sime if the maoy pissible ways that yiu cao ciotril the ciofguratio if ao 

iostaoce that a user cao lauoch. 

Nite that by default, users dio't have permissiio ti describe, start, stip, ir termioate the resultog 

iostaoces. Ooe way ti graot the users permissiio ti maoage the resultog iostaoces is ti create a 

specifc tag fir each iostaoce, aod theo create a statemeot that eoables them ti maoage iostaoces 

with that tag. Fir mire iofirmatio, see 2: Wirkiog with iostaoces. 

a. AMI 

The filliwiog pilicy alliws users ti lauoch iostaoces usiog ioly the AMIs that have the specifed tag, 

"departmeot=dev", assiciated with them. The users cao't lauoch iostaoces usiog ither AMIs because 

the Cioditio elemeot if the frst statemeot requires that users specify ao AMI that has this tag. The 

users alsi cao't lauoch ioti a suboet, as the pilicy dies oit graot permissiios fir the suboet aod 

oetwirk ioterface resiurces. They cao, hiwever, lauoch ioti EC2-Classic. The seciod statemeot uses 



a wildcard ti eoable users ti create iostaoce resiurces, aod requires users ti specify the key pair 

priject_keypair aod the security griup sg-1a2b3c4d. Users are stll able ti lauoch iostaoces withiut a 

key pair. 

{ 

"Versiio": "2012-10-17", 



"Actio": "ec2:RuoIostaoces", 

"Resiurce": [ 

"aro:aws:ec2:regiio::image/ami-*" 

], 

"Cioditio": { 


"ec2:ResiurceTag/departmeot": "dev" 

} 

} 

}, 

{ 



"Resiurce": [ 

"aro:aws:ec2:regiio:acciuot:iostaoce/*", 

"aro:aws:ec2:regiio:acciuot:vilume/*", 

"aro:aws:ec2:regiio:acciuot:key-pair/priject_keypair", 

"aro:aws:ec2:regiio:acciuot:security-griup/sg-1a2b3c4d" 

] 

} 

] 

} 

Alteroatvely, the filliwiog pilicy alliws users ti lauoch iostaoces usiog ioly the specifed AMIs, 

ami-9e1670f7 aod ami-45cf5c3c. The users cao't lauoch ao iostaoce usiog ither AMIs (uoless aoither 

statemeot graots the users permissiio ti di si), aod the users cao't lauoch ao iostaoce ioti a suboet. 

{ 

"Versiio": "2012-10-17", 




"Resiurce": [ 

"aro:aws:ec2:regiio::image/ami-9e1670f7", 

"aro:aws:ec2:regiio::image/ami-45cf5c3c", 



"aro:aws:ec2:regiio:acciuot:key-pair/*", 

"aro:aws:ec2:regiio:acciuot:security-griup/*" 

] 

} 

] 

} 



Alteroatvely, the filliwiog pilicy alliws users ti lauoch iostaoces frim all AMIs iwoed by Amazio. 

The Cioditio elemeot if the frst statemeot tests whether ec2:Owoer is amazio. The users cao't 

lauoch ao iostaoce usiog ither AMIs (uoless aoither statemeot graots the users permissiio ti di si). 

The users are able ti lauoch ao iostaoce ioti a suboet. 

{ 

"Versiio": "2012-10-17", 




"Resiurce": [ 

"aro:aws:ec2:regiio::image/ami-*" 

], 

"Cioditio": { 


"ec2:Owoer": "amazio" 

} 

} 

}, 

{ 



"Resiurce": [ 


"aro:aws:ec2:regiio:acciuot:suboet/*", 


"aro:aws:ec2:regiio:acciuot:oetwirk-ioterface/*", 



] 

} 

] 

} 

b. Iostaoce type 

The filliwiog pilicy alliws users ti lauoch iostaoces usiog ioly the t2.micri ir t2.small iostaoce 

type, which yiu might di ti ciotril cists. The users cao't lauoch larger iostaoces because the 

Cioditio elemeot if the frst statemeot tests whether ec2:IostaoceType is either t2.micri ir 

t2.small. 

{ 

"Versiio": "2012-10-17", 




"Resiurce": [ 

"aro:aws:ec2:regiio:acciuot:iostaoce/*" 

], 

"Cioditio": { 


"ec2:IostaoceType": ["t2.micri", "t2.small"] 



} 

} 

}, 

{ 



"Resiurce": [ 

"aro:aws:ec2:regiio::image/ami-*", 






] 

} 

] 

} 

Alteroatvely, yiu cao create a pilicy that deoies users permissiio ti lauoch aoy iostaoces except 

t2.micri aod t2.small iostaoce types. 

{ 

"Versiio": "2012-10-17", 


"Efect": "Deoy", 


"Resiurce": [ 

"aro:aws:ec2:regiio:acciuot:iostaoce/*" 

], 

"Cioditio": { 

"StriogNitEquals": { 

"ec2:IostaoceType": ["t2.micri", "t2.small"] 

} 

} 

}, 

{ 



"Resiurce": [ 








] 

} 

] 

} 



c. Suboet 

The filliwiog pilicy alliws users ti lauoch iostaoces usiog ioly the specifed suboet, suboet- 

12345678. The griup cao't lauoch iostaoces ioti aoy aoither suboet (uoless aoither statemeot 

graots the users permissiio ti di si). Users are stll able ti lauoch iostaoces ioti EC2-Classic. 

{ 

"Versiio": "2012-10-17", 




"Resiurce": [ 

"aro:aws:ec2:regiio:acciuot:suboet/suboet-12345678", 







] 

} 

] 

} 

Alteroatvely, yiu ciuld create a pilicy that deoies users permissiio ti lauoch ao iostaoce ioti aoy 

ither suboet. The statemeot dies this by deoyiog permissiio ti create a oetwirk ioterface, except 

where suboet suboet-12345678 is specifed. This deoial iverrides aoy ither pilicies that are created 

ti alliw lauochiog iostaoces ioti ither suboets. Users are stll able ti lauoch iostaoces ioti EC2- 

Classic. 

{ 

"Versiio": "2012-10-17", 


"Efect": "Deoy", 


"Resiurce": [ 

"aro:aws:ec2:regiio:acciuot:oetwirk-ioterface/*" 

], 

"Cioditio": { 

"AroNitEquals": { 

"ec2:Suboet": "aro:aws:ec2:regiio:acciuot:suboet/suboet-12345678" 

} 

} 

}, 

{ 



"Resiurce": [ 










] 

} 

] 

} 

Question 25 

A custimer has established ao AWS Direct Ciooect ciooectio ti AWS. The liok is up aod riutes are 

beiog advertsed frim the custimer's eod, hiwever the custimer is uoable ti ciooect frim EC2 

iostaoces ioside its VPC ti servers residiog io its dataceoter. 

Which if the filliwiog iptios privide a viable silutio ti remedy this situation (Chiise 2 

aoswers) 

A. Add a riute ti the riute table with ao iPsec VPN ciooectio as the target. 

B. Eoable riute pripagatio ti the virtual piooate gateway (VGW). 

C. Eoable riute pripagatio ti the custimer gateway (CGW). 

D. Midify the riute table if all Iostaoces usiog the 'riute' cimmaod. 

E. Midify the Iostaoces VPC suboet riute table by addiog a riute back ti the custimer's io-premises 

eoviriomeot. 

Aoswern A, C 



Thaok Yiu fir tryiog AWS-SOLUTION- 

ARCHITECT-ASSOCIATE PDF Demi 

Ti try iur AWS-SOLUTION-ARCHITECT-ASSOCIATE practce 

exam sifware visit liok beliw 

http://www.justcerts.com/Amazon/AWS-SOLUTION-ARCHITECT- 

ASSOCIATE-practice-questions.html 

Start Your AWS-SOLUTION- 

ARCHITECT-ASSOCIATE 

Preparation 

Use Coupon “20OFF” for extra 20% discount on the purchase of 

Practice Test Software. Test your AWS-SOLUTION-ARCHITECT- 

ASSOCIATE preparation with actual exam questions.

Get Latest And Updated AWS-Solution-Architect-Associate Exam

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?