Correct Answer: C

Copying a snapshot to a new Region is commonly used for geographic expansion, migration, disaster recovery, etc.

EBS snapshots' lifecycle policies contain some rules. One of the rules is that when you copy a policy's snapshot, the new copy is not influenced by the retention schedule.

• Option A is incorrect because the copied snapshots will be kept.

• Option B is incorrect because no matter whether the copied snapshots are in the same region or not, they can be retained.

• Option C is CORRECT because the new snapshots are not affected by the original policy.

• Option D is incorrect because there is no delete protection option for snapshots.

Reference:

• https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html

Correct Answer: A

To use AWS PrivateLink, an interface VPC endpoint for a service in the VPC is required.

Option A is CORRECT: Because the interface VPC endpoint is essential to establish a secure connection to the private link.

• Option B is incorrect: Because a site-to-site VPN connection is used for the VPN connection between AWS and the on-premise data center which is not suitable for this case.

• Option C is incorrect: Because it should be an interface VPC endpoint rather than a gateway VPC endpoint. Secondly, the IP address in the elastic network interface should be private instead of elastic.

• Option D is incorrect: Because an AWS Direct Connect connection is for the private connection between an on-premise server and AWS VPC. However, this question asks for a solution to communicate between the SaaS and AWS VPC.

• Details can be checked in the AWS document https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-overview.html

Correct Answer: D

• Option A is incorrect because S3 is not ideal for handling huge amounts of real-time requests.

• Option B is incorrect because Amazon Cognito is not suitable for handling real-time data.

• Option C is incorrect because DynamoDB is not suitable for data ingestion and handling.

• Option D is CORRECT because the requirement is real-time data ingestion and analytics. The best option is to use Kinesis for storing real-time incoming data. The data can then be moved to S3 and then analyzed using EMR and Redshift. Data can then be moved to Glacier for archival.

More information about the use of Amazon Kinesis:

Amazon Kinesis is a platform for streaming data on AWS, making it easy to load and analyze streaming data, and also providing the ability for you to build custom streaming data applications for specialized needs.

• Use Amazon Kinesis Streams to collect and process large streams of data records in real-time.

• Use Amazon Kinesis Firehose to deliver real-time streaming data to destinations such as Amazon S3 and Amazon Redshift.

• Use Amazon Kinesis Analytics to process and analyze streaming data with standard SQL.

More information about the use of Amazon Cognito:

Amazon Cognito lets you easily add user sign-up and sign-in and manage permissions for your mobile and web apps. You can create your own user directory within Amazon Cognito, or you can authenticate users through social identity providers such as Facebook, Twitter, or Amazon; with SAML identity solutions; or by using your own identity system. In addition, Amazon Cognito enables you to save data locally on users' devices, allowing your applications to work even when the devices are offline. You can then synchronize data across users' devices so that their app experience remains consistent regardless of the device they use.

Prev

Correct Answer: B

• Option​ ​A is ​incorrect because the application should use the new endpoint of the promoted Aurora DB cluster in us-east-1. Please check https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-disaster-recovery.html#aurora-global-database-failover for the details.

• Option​ B is​ CORRECT because detaching the secondary DB cluster immediately stops the replication and promotes it to be a standalone DB cluster with full read/write capabilities. Reconfiguring the endpoint makes sure that the application uses the correct Aurora DB cluster.

• Option​ ​C ​is​ ​incorrect because it should not add the AWS region us-west-2 back as the secondary region as there is an outage in us-west-2. It may cause the global database to fail synchronization or replication.

• Option​ ​D ​is​ ​incorrect because restoring the database from the latest DB snapshot does not perform a cross-region failover. With this option, the global database will still have the outage in the primary us-west-2 region.

Reference:

• https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database-disaster-recovery.html#aurora-global-database-failover

Correct Answer: B

As per AWS documentation:

You can use intrinsic functions only in specific parts of a template. Currently, you can use intrinsic functions in resource properties, outputs, metadata attributes, and update policy attributes. You can also use intrinsic functions to create stack resources conditionally.

• Hence, B is the correct answer.

For more information on intrinsic function, please refer to the below link.

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference.html