Printable PDF
Vendor: Amazon
Exam Code: SAA-C03
Exam Name: AWS Certified Solutions Architect - Associate (SAA-C03)
Certification: AWS Certified Associate
Total Questions: 1224 Q&A
Updated on: Dec 08, 2024
Note: Product instant download. Please sign in and click My account to download your product.
A company recently launched Linux-based application instances on Amazon EC2 in a private subnet and launched a Linux-based bastion host on an Amazon EC2 instance in a public subnet of a VPC A solutions architect needs to connect from the on-premises network, through the company's internet connection to the bastion host and to the application servers The solutions architect must make sure that the security groups of all the EC2 instances will allow that access
Which combination of steps should the solutions architect take to meet these requirements? (Select TWO)
A. Replace the current security group of the bastion host with one that only allows inbound access from the application instances
B. Replace the current security group of the bastion host with one that only allows inbound access from the internal IP range for the company
C. Replace the current security group of the bastion host with one that only allows inbound access from the external IP range for the company
D. Replace the current security group of the application instances with one that allows inbound SSH access from only the private IP address of the bastion host
E. Replace the current security group of the application instances with one that allows inbound SSH access from only the public IP address of the bastion host
A company has an ecommerce checkout workflow that writes an order to a database and calls a service to process the payment. Users are experiencing timeouts during the checkout process. When users resubmit the checkout form, multiple unique orders are created for the same desired transaction.
How should a solutions architect refactor this workflow to prevent the creation of multiple orders?
A. Configure the web application to send an order message to Amazon Kinesis Data Firehose. Set the payment service to retrieve the message from Kinesis Data Firehose and process the order.
B. Create a rule in AWS CloudTrail to invoke an AWS Lambda function based on the logged application path request Use Lambda to query the database, call the payment service, and pass in the order information.
C. Store the order in the database. Send a message that includes the order number to Amazon Simple Notification Service (Amazon SNS). Set the payment service to poll Amazon SNS. retrieve the message, and process the order.
D. Store the order in the database. Send a message that includes the order number to an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Set the payment service to retrieve the message and process the order. Delete the message from the queue.
A company's developers want a secure way to gain SSH access on the company's Amazon EC2 instances that run the latest version of Amazon Linux. The developers work remotely and in the corporate office. The company wants to use AWS services as a part of the solution. The EC2 instances are hosted in a VPC private subnet and access the internet through a NAT gateway that is deployed in a public subnet. What should a solutions architect do to meet these requirements MOST cost-effectively?
A. Create a bastion host in the same subnet as the EC2 instances. Grant the ec2:CreateVpnConnection IAM permission to the developers. Install EC2 Instance Connect so that the developers can connect to the EC2 instances.
B. Create an AWS Site-to-Site VPN connection between the corporate network and the VPC. Instruct the developers to use the Site-to-Site VPN connection to access the EC2 instances when the developers are on the corporate network. Instruct the developers to set up another VPN connection for access when they work remotely.
C. Create a bastion host in the public subnet of the VPConfigure the security groups and SSH keys of the bastion host to only allow connections and SSH authentication from the developers' corporate and remote networks. Instruct the developers to connect through the bastion host by using SSH to reach the EC2 instances.
D. Attach the AmazonSSMManagedInstanceCore IAM policy to an IAM role that is associated with the EC2 instances. Instruct the developers to use AWS Systems Manager Session Manager to access the EC2 instances.
Hannah Johnson
Leads4Pass is one of the best websites I have ever used. It only took me 3 days of preparation to complete my goal plan. Not only that, I was successful with high scores.
Joel C
It was the 16th when I purchased the Leads4Pass materials. They updated the materials on the 18th. When I asked them to send me the latest materials, they quickly sent me the latest ones. The new materials included several of the latest core question types. Finally, I succeeded. Six of the new core questions were completely matched. Thank you!
Martha W
I have used free materials, the privacy is poor, the public content matching rate is too low,I gave up on them because they failed me once. Leads4Pass was recommended by a friend. Both the privacy protection and the preciousness of the materials are very high. By the way, I won this time.
David Frazier
There is nothing more satisfying than success! Their question types are very similar, and they were very helpful to my progress in answering questions during the exam. Thank you.
Dolores N
I need to take multiple certification exams for my organization. There are so many certification exams that I can't help but choose supporting materials. I have tried multiple platforms with some success and failure. In the end, I chose Leads4Pass. It was instant for me. Effective materials are where the real value lies.
Helen Kovac
I was despised by a close friend until he failed twice and I passed once and then he changed his mind. He shared his failure experience with me. He told me that he had been learning through books and looking for free materials. These outdated contents could not really help him. Later I recommended him Leads4Passs and he also succeeded.
Raymond I
I was lucky enough to choose Leads4Pass for the first time. I used their VCE tool to learn, and it was really easy and efficient. I think what’s really amazing is that they can ensure that all materials are industry-leading, which is really amazing.
The following table comprehensively analyzes the quality and value of AWS Certified Associate SAA-C03 exam materials.