A company is running a workload that consists of thousands of Amazon EC2 instances. The workload is running in a VPC that contains several public subnets and private subnets.The public subnets have a route for 0.0.0.0/0 to an existing internet gateway. The private subnets have a route for 0.0.0.0/0 to an existing NAT gateway. A solutions architect needs to migrate the entire fleet of EC2 instances to use IPv6. The EC2 instances that are in private subnets must not be accessible from the public internet. What should the solutions architect do to meet these requirements?
A. Update the existing VPC, and associate a custom IPv6 CIDR block with the VPC and allsubnets. Update all the VPC route tables, and add a route for ::/0 to the internet gateway.
B. Update the existing VPC, and associate an Amazon-provided IPv6 CIDR block with theVPC and all subnets. Update the VPC route tables for all private subnets, and add a routefor ::/0 to the NAT gateway.
C. Update the existing VPC, and associate an Amazon-provided IPv6 CIDR block with theVPC and all subnets. Create an egress-only internet gateway. Update the VPC route tablesfor all private subnets, and add a route for ::/0 to the egress-only internet gateway.
D. Update the existing VPC, and associate a custom IPv6 CIDR block with the VPC and allsubnets. Create a new NAT gateway, and enable IPv6 support. Update the VPC routetables for all private subnets, and add a route for ::/0 to the IPv6-enabled NAT gateway.
A solutions architect is reviewing an application's resilience before launch. The application runs on an Amazon EC2 instance that is deployed in a private subnet of a VPC. The EC2 instance is provisioned by an Auto Scaling group that has a minimum capacity of I and a maximum capacity of I. The application stores data on an Amazon RDS for MySQL DB instance. The VPC has subnets configured in three Availability Zones and is configured with a single NAT gateway. The solutions architect needs to recommend a solution to ensure that the application will operate across multiple Availability Zones. Which solution will meet this requirement?
A. Deploy an additional NAT gateway in the other Availability Zones. Update the routetables with appropriate routes. Modify the RDS for MySQL DB instance to a Multi-AZconfiguration. Configure the Auto Scaling group to launch instances across AvailabilityZones. Set the minimum capacity and maximum capacity of the Auto Scaling group to 3.
B. Replace the NAT gateway with a virtual private gateway. Replace the RDS for MySQLDB instance with an Amazon Aurora MySQL DB cluster. Configure the Auto Scaling groupto launch instances across all subnets in the VPC. Set the minimum capacity andmaximum capacity of the Auto Scaling group to 3.
C. Replace the NAT gateway with a NAT instance. Migrate the RDS for MySQL DBinstance to an RDS for PostgreSQL DB instance. Launch a new EC2 instance in the otherAvailability Zones.
D. Deploy an additional NAT gateway in the other Availability Zones. Update the route tables with appropriate routes. Modify the RDS for MySQL DB instance to turn onautomatic backups and retain the backups for 7 days. Configure the Auto Scaling group tolaunch instances across all subnets in the VPC. Keep the minimum capacity and themaximum capacity of the Auto Scaling group at 1.
A company is running an application on premises. The application uses a set of web servers that host a static React-based single-page application (SPA), a Node.js API, and a MYSQL database server. The database is read intensive. The company will need to expand the database's storage at an unpredictable rate. The company must migrate the application to AWS. The company also must modernize the architecture to reduce infrastructure management and increase scalability. Which solution will meet these requirements with the LEAST operational overhead?
A. Use AWS Database Migration Service (AWS DMS) to migrate the database to AmazonRDS for MySQL. Use AWS Application Migration Service to migrate the web application toa fleet of Amazon EC2 instances behind an Elastic Load Balancing (ELB) load balancer.Use a Spot Fleet with a request type of request to host the API.
B. Use AWS Database Migration Service (AWS DMS) to migrate the database to AmazonAurora MySQL. Copy the web files to an Amazon S3 bucket and set up web hosting. Copythe API code to AWS Lambda functions. Configure Amazon API Gateway to point to theLambda functions.
C. Use AWS Database Migration Service (AWS DMS) to migrate the database to a MySQLdatabase that runs on Amazon EC2 instances. Use AWS DataSync to migrate the web files and API files to an Amazon FSx for Windows File Server file system. Set up a fleet of EC2instances in an Auto Scaling group as web servers. Mount the FSx for Windows File Serverfile system.
D. Use AWS Application Migration Service to migrate the database to Amazon EC2instances. Copy the web files to containers that run on Amazon Elastic Kubernetes Service(Amazon EKS). Set up an Elastic Load Balancing (ELB) load balancer for the EC2instances and EKS containers. Copy the API code to AWS Lambda functions. ConfigureAmazon API Gateway to point to the Lambda functions.
A company has AWS accounts that are in an organization in AWS rganizations. The company wants to track Amazon EC2 usage as a metric. The company's architecture team must receive a daily alert if the EC2 usage is more than 10% higher than the average EC2 usage from the last 30 days. Which solution will meet these requirements?
A. Configure AWS Budgets in the organization's management account. Specify a usagetype of EC2 running hours. Specify a daily period. Set the budget amount to be 10% morethan the reported average usage for the last 30 days from AWS Cost Explorer.
B. Configure an alert to notify the architecture team if the usage threshold is met. ConfigureAWS Cost Anomaly Detection in the organization's management account. Configure amonitor type of AWS Service. Apply a filter of Amazon EC2. Configure an alert subscriptionto notify the architecture team if the usage is 10% more than the average usage for the last30 days.
C. Enable AWS Trusted Advisor in the organization's management account. Configure acost optimization advisory alert to notify the architecture team if the EC2 usage is 10%more than the reported average usage for the last 30 days.
D. Configure Amazon Detective in the organization's management account. Configure anEC2 usage anomaly alert to notify the architecture team if Detective identifies a usageanomaly of more than 10%.
A solutions architect must update an application environment within AWS Elastic Beanstalk using a blue/green deployment methodology The solutions architect creates an environment that is identical to the existing application environment and deploys the application to the new environment. What should be done next to complete the update?
A. Redirect to the new environment using Amazon Route 53
B. Select the Swap Environment URLs option
C. Replace the Auto Scaling launch configuration
D. Update the DNS records to point to the green environment
A solutions architect works for a government agency that has strict disaster recovery requirements. All Amazon Elastic Block Store (Amazon EBS) snapshots are required to be saved in at least two additional AWS Regions. The agency also is required to maintain the lowest possible operational overhead. Which solution meets these requirements?
A. Configure a policy in Amazon Data Lifecycle Manager (Amazon DLM) to run once dailyto copy the EBS snapshots to the additional Regions.
B. Use Amazon EventBridge (Amazon CloudWatch Events) to schedule an AWS Lambdafunction to copy the EBS snapshots to the additional Regions.
C. Set up AWS Backup to create the EBS snapshots. Configure Amazon S3 cross-Regionreplication to copy the EBS snapshots to the additional Regions.
D. Schedule Amazon EC2 Image Builder to run once daily to create an AMI and copy theAMI to the additional Regions
A software as a service (SaaS) company uses AWS to host a service that is powered by AWS PrivateLink. The service consists of proprietary software that runs on three Amazon EC2 instances behind a Network Load Balancer (NL B). The instances are in private subnets in multiple Availability Zones in the eu-west-2 Region. All the company's customers are in eu-west-2. However, the company now acquires a new customer in the us-east-I Region. The company creates a new VPC and new subnets in us-east-I. The company establishes inter-Region VPC peering between the VPCs in the two Regions. The company wants to give the new customer access to the SaaS service, but the company does not want to immediately deploy new EC2 resources in us-east-I Which solution will meet these requirements?
A. Configure a PrivateLink endpoint service in us-east-I to use the existing NL B that is ineu-west-2. Grant specific AWS accounts access to connect to the SaaS service.
B. Create an NL B in us-east-I . Create an IP target group that uses the IP addresses of thecompany's instances in eu-west-2 that host the SaaS service. Configure a PrivateLinkendpoint service that uses the NLB that is in us-east-I . Grant specific AWS accountsaccess to connect to the SaaS service.
C. Create an Application Load Balancer (ALB) in front of the EC2 instances in eu-west-2.Create an NLB in us-east-I . Associate the NLB that is in us-east-I with an ALB target groupthat uses the ALB that is in eu-west-2. Configure a PrivateLink endpoint service that usesthe NLB that is in us-east-I . Grant specific AWS accounts access to connect to the SaaSservice.
D. Use AWS Resource Access Manager (AWS RAM) to share the EC2 instances that arein eu-west-2. In us-east-I , create an NLB and an instance target group that includes theshared EC2 instances from eu-west-2. Configure a PrivateLink endpoint service that usesthe NL B that is in us-east-I. Grant specific AWS accounts access to connect to the SaaSservice.
A company operates a fleet of servers on premises and operates a fleet of Amazon EC2 instances in its organization in AWS Organizations. The company's AWS accounts contain hundreds of VPCs. The company wants to connect its AWS accounts to its on-premises network. AWS Site-to-Site VPN connections are already established to a single AWS account. The company wants to control which VPCs can communicate with other VPCs. Which combination of steps will achieve this level of control with the LEAST operational effort? (Choose three.)
A. Create a transit gateway in an AWS account. Share the transit gateway across accountsby using AWS Resource Access Manager (AWS RAM).
B. Configure attachments to all VPCs and VPNs.
C. Set up transit gateway route tables. Associate the VPCs and VPNs with the route tables.
D. Configure VPC peering between the VPCs.
E. Configure attachments between the VPCs and VPNs.
F. Set up route tables on the VPCs and VPNs.
A company wants to use Amazon S3 to back up its on-premises file storage solution. The company's on-premises file storage solution supports NFS, and the company wants its new solution to support NFS. The company wants to archive the backup files after 5 days. If the company needs archived files for disaster recovery, the company is willing to wait a few days for the retrieval of those files. Which solution meets these requirements MOST cost-effectively?
A. Deploy an AWS Storage Gateway files gateway that is associated with an S3 bucket.Move the files from the on-premises file storage solution to the file gateway. Create an S3Lifecycle rule to move the file to S3 Standard-Infrequent Access (S3 Standard-IA) after 5days.
B. Deploy an AWS Storage Gateway volume gateway that is associated with an S3 bucket.Move the files from the on-premises file storage solution to the volume gateway. Create anS3 Lifecycle rule to move the files to S3 Glacier Deep Archive after 5 days.
C. Deploy an AWS Storage Gateway tape gateway that is associated with an S3 bucket.Move the files from the on-premises file storage solution to the tape gateway. Create an S3Lifecycle rule to move the files to S3 Standard-Infrequent Access (S3 Standard-IA) after 5days.
D. Deploy an AWS Storage Gateway file gateway that is associated with an S3 bucket. Move the files from the on-premises file storage solution to the tape gateway. Create an S3Lifecycle rule to move the files to S3 Standard-Infrequent Access (S3 Standard-IA) after 5days.
E. Deploy an AWS Storage Gateway file gateway that is associated with an S3 bucket.Move the files from the on-premises file storage solution to the file gateway. Create an S3Lifecycle rule to move the files to S3 Glacier Deep Archive after 5 days.
A company operates quick-service restaurants. The restaurants follow a predictable model with high sales traffic for 4 hours daily Sales traffic is lower outside of those peak hours. The point of sale and management platform is deployed in the AWS Cloud and has a backend that is based on Amazon DynamoDB. The database table uses provisioned throughput mode with 100.000 RCUs and 80.000 WCUs to match known peak resource consumption. The company wants to reduce its DynamoDB cost and minimize the operational overhead for the IT staff. Which solution meets these requirements MOST cost-effectively?
A. Reduce the provisioned RCUs and WCUs
B. Change the DynamoDB table to use on-demand capacity.
C. Enable Dynamo DB auto scaling tor the table
D. Purchase 1-year reserved capacity that is sufficient to cover the peak load for 4 hourseach day