A company wants to migrate its on-premises data center to the AWS Cloud. This includes thousands of virtualized Linux and Microsoft Windows servers, SAN storage, Java and PHP applications with MYSQL, and Oracle databases. There are many dependent services hosted either in the same data center or externally. The technical documentation is incomplete and outdated. A solutions architect needs to understand the current environment and estimate the cloud resource costs after the migration. Which tools or services should solutions architect use to plan the cloud migration? (Choose three.)
A. AWS Application Discovery Service
B. AWS SMS
C. AWS x-Ray
D. AWS Cloud Adoption Readiness Tool (CART)
E. Amazon Inspector
F. AWS Migration Hub
A company runs many workloads on AWS and uses AWS Organizations to manage its accounts. The workloads are hosted on Amazon EC2. AWS Fargate. and AWS Lambda. Some of the workloads have unpredictable demand. Accounts record high usage in some months and low usage in other months. The company wants to optimize its compute costs over the next 3 years A solutions architect obtains a 6-month average for each of the accounts across the organization to calculate usage. Which solution will provide the MOST cost savings for all the organization's compute usage?
A. Purchase Reserved Instances for the organization to match the size and number of themost common EC2 instances from the member accounts.
B. Purchase a Compute Savings Plan for the organization from the management accountby using the recommendation at the management account level
C. Purchase Reserved Instances for each member account that had high EC2 usageaccording to the data from the last 6 months.
D. Purchase an EC2 Instance Savings Plan for each member account from the management account based on EC2 usage data from the last 6 months.
A solutions architect is determining the DNS strategy for an existing VPC. The VPC is provisioned to use the 10.24.34.0/24 CIDR block. The VPC also uses Amazon Route 53 Resolver for DNS. New requirements mandate that DNS queries must use private hosted zones. Additionally, instances that have public IP addresses must receive corresponding public hostnames. Which solution will meet these requirements to ensure that the domain names are correctly resolved within the VPC?
A. Create a private hosted zone. Activate the enableDnsSupport attribute and theenableDnsHostnames attribute for the VPC. Update the VPC DHCP options set to includedomain-name-servers-10.24.34.2.
B. Create a private hosted zone. Associate the private hosted zone with the VPC. Activatethe enableDnsSupport attribute and the enableDnsHostnames attribute for the VPC.Create a new VPC DHCP options set, and configure domain-nameservers=AmazonProvidedDNS. Associate the new DHCP options set with the VPC.
C. Deactivate the enableDnsSupport attribute for the VPC. Activate theenableDnsHostnames attribute for the VPC. Create a new VPC DHCP options set, andconfigure domain-name-servers=10.24.34.2. Associate the new DHCP options set with theVPC.
D. Create a private hosted zone. Associate the private hosted zone with the VPC. Activatethe enableDnsSupport attribute for the VPC. Deactivate the enableDnsHostnames attributefor the VPC. Update the VPC DHCP options set to include domain-nameservers=AmazonProvidedDNS.
A large company is migrating ils entire IT portfolio to AWS. Each business unit in the company has a standalone AWS account that supports both development and test environments. New accounts to support production workloads will be needed soon. The finance department requires a centralized method for payment but must maintain visibility into each group's spending to allocate costs. The security team requires a centralized mechanism to control 1AM usage in all the company's accounts. What combination of the following options meet the company's needs with the LEAST effort? (Select TWO.)
A. Use a collection of parameterized AWS CloudFormation templates defining common1AM permissions that are launched into each account. Require all new and existingaccounts to launch the appropriate stacks to enforce the least privilege model.
B. Use AWS Organizations to create a new organization from a chosen payer account anddefine an organizational unit hierarchy. Invite the existing accounts to join the organizationand create new accounts using Organizations.
C. Require each business unit to use its own AWS accounts. Tag each AWS account appropriately and enable Cost Explorer to administer chargebacks.
D. Enable all features of AWS Organizations and establish appropriate service controlpolicies that filter 1AM permissions for sub-accounts.
E. Consolidate all of the company's AWS accounts into a single AWS account. Use tags forbilling purposes and the lAM's Access Advisor feature to enforce the least privilege model.
An enterprise company is building an infrastructure services platform for its users. The company has the following requirements: Provide least privilege access to users when launching AWS infrastructure so users cannot provision unapproved services. Use a central account to manage the creation of infrastructure services. Provide the ability to distribute infrastructure services to multiple accounts in AWS Organizations. Provide the ability to enforce tags on any infrastructure that is started by users. Which combination of actions using AWS services will meet these requirements? (Choose three.)
A. Develop infrastructure services using AWS Cloud Formation templates. Add thetemplates to a central Amazon S3 bucket and add the-IAM roles or users that requireaccess to the S3 bucket policy.
B. Develop infrastructure services using AWS Cloud Formation templates. Upload eachtemplate as an AWS Service Catalog product to portfolios created in a central AWSaccount. Share these portfolios with the Organizations structure created for the company.
C. Allow user IAM roles to have AWSCloudFormationFullAccess andAmazonS3ReadOnlyAccess permissions. Add an Organizations SCP at the AWS accountroot user level to deny all services except AWS CloudFormation and Amazon S3.
D. Allow user IAM roles to have ServiceCatalogEndUserAccess permissions only. Use anautomation script to import the central portfolios to local AWS accounts, copy theTagOption assign users access and apply launch constraints.
E. Use the AWS Service Catalog TagOption Library to maintain a list of tags required bythe company. Apply the TagOption to AWS Service Catalog products or portfolios.
F. Use the AWS CloudFormation Resource Tags property to enforce the application of tagsto any CloudFormation templates that will be created for users.
A company is migrating a legacy application from an on-premises data center to AWS. The application consists of a single application server and a Microsoft SQL Server database server. Each server is deployed on a VMware VM that consumes 500 TB of data across multiple attached volumes. The company has established a 10 Gbps AWS Direct Connect connection from the closest AWS Region to its on-premises data center. The Direct Connect connection is not currently in use by other services. Which combination of steps should a solutions architect take to migrate the application with the LEAST amount of downtime? (Choose two.)
A. Use an AWS Server Migration Service (AWS SMS) replication job to migrate thedatabase server VM to AWS.
B. Use VM Import/Export to import the application server VM.
C. Export the VM images to an AWS Snowball Edge Storage Optimized device.
D. Use an AWS Server Migration Service (AWS SMS) replication job to migrate theapplication server VM to AWS.
E. Use an AWS Database Migration Service (AWS DMS) replication instance to migratethe database to an Amazon RDS DB instance.
A company has an application that uses an Amazon Aurora PostgreSQL DB cluster for the application's database. The DB cluster contains one small primary instance and three larger replica instances. The application runs on an AWS Lambda function. The application makes many short-lived connections to the database's replica instances to perform readonly operations. During periods of high traffic, the application becomes unreliable and the database reports that too many connections are being established. The frequency of high-traffic periods is unpredictable. Which solution will improve the reliability of the application?
A. Use Amazon RDS Proxy to create a proxy for the DB cluster. Configure a read-onlyendpoint for the proxy. Update the Lambda function to connect to the proxy endpoint.
B. Increase the max_connections setting on the DB cluster's parameter group. Reboot allthe instances in the DB cluster. Update the Lambda function to connect to the DB clusterendpoint.
C. Configure instance scaling for the DB cluster to occur when the DatabaseConnectionsmetric is close to the max _ connections setting. Update the Lambda function to connect tothe Aurora reader endpoint.
D. Use Amazon RDS Proxy to create a proxy for the DB cluster. Configure a read-onlyendpoint for the Aurora Data API on the proxy. Update the Lambda function to connect tothe proxy endpoint.
A company is planning to migrate its on-premises transaction-processing application to AWS. The application runs inside Docker containers that are hosted on VMS in the company's data center. The Docker containers have shared storage where the application records transaction data. The transactions are time sensitive. The volume of transactions inside the application is unpredictable. The company must implement a low-latency storage solution that will automatically scale throughput to meet increased demand. The company cannot develop the application further and cannot continue to administer the Docker hosting environment. How should the company migrate the application to AWS to meet these requirements?
A. Migrate the containers that run the application to Amazon Elastic Kubernetes Service(Amazon EKS). Use Amazon S3 to store the transaction data that the containers share.
B. Migrate the containers that run the application to AWS Fargate for Amazon ElasticContainer Service (Amazon ECS). Create an Amazon Elastic File System (Amazon EFS)file system. Create a Fargate task definition. Add a volume to the task definition to point tothe EFS file system
C. Migrate the containers that run the application to AWS Fargate for Amazon ElasticContainer Service (Amazon ECS). Create an Amazon Elastic Block Store (Amazon EBS)volume. Create a Fargate task definition. Attach the EBS volume to each running task.
D. Launch Amazon EC2 instances. Install Docker on the EC2 instances. Migrate thecontainers to the EC2 instances. Create an Amazon Elastic File System (Amazon EFS) filesystem. Add a mount point to the EC2 instances for the EFS file system.
An online retail company is migrating its legacy on-premises .NET application to AWS. The application runs on load-balanced frontend web servers, load-balanced application servers, and a Microsoft SQL Server database. The company wants to use AWS managed services where possible and does not want to rewrite the application. A solutions architect needs to implement a solution to resolve scaling issues and minimize licensing costs as the application scales. Which solution will meet these requirements MOST cost-effectively?
A. Deploy Amazon EC2 instances in an Auto Scaling group behind an Application LoadBalancer for the web tier and for the application tier. Use Amazon Aurora PostgreSQL withBabelfish turned on to replatform the SOL Server database.
B. Create images of all the servers by using AWS Database Migration Service (AWSDMS). Deploy Amazon EC2 instances that are based on the on-premises imports. Deploythe instances in an Auto Scaling group behind a Network Load Balancer for the web tierand for the application tier. Use Amazon DynamoDB as the database tier.
C. Containerize the web frontend tier and the application tier. Provision an Amazon ElasticKubernetes Service (Amazon EKS) cluster. Create an Auto Scaling group behind aNetwork Load Balancer for the web tier and for the application tier. Use Amazon RDS forSOL Server to host the database.
D. Separate the application functions into AWS Lambda functions. Use Amazon APIGateway for the web frontend tier and the application tier. Migrate the data to Amazon S3.Use Amazon Athena to query the data.
A company is deploying a third-party web application on AWS. The application is packaged as a Docker image. The company has deployed the Docker image as an AWS Fargate service in Amazon Elastic Container Service (Amazon ECS). An Application Load Balancer (ALB) directs traffic to the application. The company needs to give only a specific list of users the ability to access the application from the internet. The company cannot change the application and cannot integrate the application with an identity provider. All users must be authenticated through multi-factor authentication (MFA). Which solution will meet these requirements?
A. Create a user pool in Amazon Cognito. Configure the pool for the application. Populatethe pool with the required users. Configure the pool to require MFA. Configure a listenerrule on the ALB to require authentication through the Amazon Cognito hosted UI.
B. Configure the users in AWS Identity and Access Management (IAM). Attach a resourcepolicy to the Fargate service to require users to use MFA. Configure a listener rule on theALB to require authentication through IAM.
C. Configure the users in AWS Identity and Access Management (IAM). Enable AWS IAMIdentity Center (AWS Single Sign-On). Configure resource protection for the ALB. Create a resource protection rule to require users to use MFA.
D. Create a user pool in AWS Amplify. Configure the pool for the application. Populate thepool with the required users. Configure the pool to require MFA. Configure a listener ruleon the ALB to require authentication through the Amplify hosted UI.