A company has hired an external vendor to perform work in the company's AWS account The vendor uses an automated tool that is hosted in an AWS account that the vendor owns The vendor does not have IAM access to the company's AWS account
How should a solutions architect grant this access to the vendor?
A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies.
How should a solution architect address this issue?
A company is managing health records on-peruses. The company must keep these records Indefinitely, disable any modifications to the records once they are stored, and granularly audit access at all levels. The chief technology officer (CTO) is concerned because there are already millions of record not being used by any application, and the current infrastructure is running out of space. The CTO has requested solutions architect design a solution to move easting data and support future records.
Which services can the solutions architect recommend to meet these requirements?
A company has an application that runs on Amazon EC2 instances and uses an Amazon Aurora database. The EC2 instances connect to the database by using user names and passwords that are stored locally in a file. The company wants to minimize the operational overhead of credential management.
What should a solutions architect do to accomplish this goal?
A company is hosting its website by using Amazon EC2 instances behind an Elastic Load balancer across multiple Availability Zones. The instances run in an EC2 Scaling group. The website uses Amazon Elastic Block Store (Amazon EBS) volume to store product manuals for users to download. The company updates the product content often, so new instances launched by the Auto Scaling group often have data. It can take to 30 minutes for the new instances to receive all the updates. The updates also require the EBS volumes to be resized during business hours.
The company wants to ensure that the product manuals are always up to data on all instances and that the architecture adjusts quickly to increased user demand. A solutions architect needs to meet these requirements without causing the company lo update Its application code or adjust its website
What should the solutions architect do to accomplish this goal?
A company has a business-critical application that runs on Amazon bC2 instances. The application stores data m an Amazon DynamoDB table. The company must be able to revert the table to any point within the last 24 hours. Which solution meets these requirements with the LEAST operational overhead?
A company's application Is having performance issues The application staleful and needs to complete m-memory tasks on Amazon EC2 instances. The company used AWS CloudFormation to deploy infrastructure and used the M5 EC2 Instance family As traffic increased, the application performance degraded Users are reporting delays when the users attempt to access the application.
Which solution will resolve these issues in the MOST operationally efficient way?
A company is designing an application to run in a VPC on AWS The application consists of Amazon EC2 instances that tun in private subnets as part of an Auto Scaling group The application also includes a Network Load Balancer that extends across public subnets The application stores data in an Amazon RDS OB instance
The company has attached a security group that is named "web-servers' to the EC2 instances. The company has attached a security group that is named "database" to the DB Instance.
How should a solutions architect configure the communication between the EC2 instances and the DB instance?
A Configure the "web-servers* security group (o allow access lo the OB instance's current IP addresses Configure the "database" security group to allow access from the current set of IP addresses in use by the EC? instances
B. Configure the "web-servers" security group to allow access to the "database" security group Configure the "database" security group to allow access from the "web-servers" security group
C. Configure the "web-servers" security group to allow access to the DB instance's current IP addresses Configure the "database" security group to allow access from the Auto Scaling group
D. Configure the "web servers" security group to allow access to the "database" security group Configure the "database" security group to allow access from the Auto Scaling group