A company must ensure that any objects uploaded to an S3 bucket are encrypted.
Which of the following actions will meet this requirement? (Choose two.)
A company must ensure that any objects uploaded to an S3 bucket are encrypted.
Which of the following actions will meet this requirement? (Choose two.)
CE
Reference:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#sample-acl
A company has a stateful web application that is hosted on Amazon EC2 instances in an Auto Scaling group. The instances run behind an Application Load
Balancer (ALB) that has a single target group. The ALB is configured as the origin in an Amazon CloudFront distribution. Users are reporting random logouts from the web application.
Which combination of actions should a SysOps administrator take to resolve this problem? (Choose two.)
To resolve the issue of random logouts in a stateful web application hosted on Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB) with a CloudFront distribution, two actions should be taken: configure cookie forwarding in the CloudFront distribution cache behavior and enable sticky sessions on the ALB target group. Cookie forwarding ensures that CloudFront passes user session information to the origin, while enabling sticky sessions on the ALB target group maintains user sessions by ensuring that subsequent requests from a user are directed to the same target.
A company is running a serverless application on AWS Lambda. The application stores data in an Amazon RDS for MySQL DB instance. Usage has steadily increased, and recently there have been numerous "too many connections" errors when the Lambda function attempts to connect to the database. The company already has configured the database to use the maximum max_connections value that is possible.
What should a SysOps administrator do to resolve these errors?
To resolve the issue of 'too many connections' errors when a Lambda function attempts to connect to an Amazon RDS for MySQL DB instance, using Amazon RDS Proxy is the most appropriate solution. Amazon RDS Proxy acts as an intermediary between the application and the database, managing connection pools and reducing the number of direct connections to the database. This helps in handling a large number of simultaneous connections more efficiently by reusing existing connections, thus avoiding the maximum connections limit. Updating the connection string in the Lambda function to use the RDS Proxy will significantly improve connection management in this serverless architecture.
A SysOps administrator is deploying an application on 10 Amazon EC2 instances. The application must be highly available. The instances must be placed on distinct underlying hardware.
What should the SysOps administrator do to meet these requirements?
To ensure high availability and place the instances on distinct underlying hardware, the SysOps administrator should launch the instances into a spread placement group in a single AWS Region. Spread placement groups are designed to spread instances across distinct hardware to reduce the risk of simultaneous failures. Placement groups cannot span multiple AWS Regions, so the correct approach is to use a spread placement group within a single region.
A SysOps administrator is troubleshooting an AWS CloudFormation template whereby multiple Amazon EC2 instances are being created. The template is working in us-east-1, but it is failing in us-west-2 with the error code:
AMI [ami-12345678] does not exist
How should the Administrator ensure that the AWS CloudFormation template is working in every region?
The correct way to ensure the AWS CloudFormation template works in every region is to modify the template to use the 'Mappings' section. This section allows defining a map of region-specific values, which can include different AMI IDs for each region. By referring to the proper mapping within the template, the correct AMI for the respective region is used, thus resolving the issue of the template failing when the specified AMI does not exist in the target region.