Exam SAP-C02
Question 445

A company uses AWS Organizations to manage its development environment. Each development team at the company has its own AWS account. Each account has a single VPC and CIDR blocks that do not overlap.

The company has an Amazon Aurora DB cluster in a shared services account. All the development teams need to work with live data from the DB cluster.

Which solution will provide the required connectivity to the DB cluster with the LEAST operational overhead?

Correct Answer: B

The solution that provides connectivity to the Amazon Aurora DB cluster with the least operational overhead is creating a transit gateway in the shared services account and creating an AWS Resource Access Manager (AWS RAM) resource share for the transit gateway. Sharing the transit gateway with all the development accounts and configuring networking provides a centralized and straightforward approach that allows all teams to access the live data from the DB cluster. This avoids the complexities and limitations of other options, such as cloning with AWS RAM or the requirement for a Network Load Balancer with PrivateLink.
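An added example, not part of the original page: a small planner for the transit gateway approach in answer B. It checks the non-overlapping CIDR precondition from the question and lists the routes and database security-group rules each side needs; the CIDRs, account names, the `tgw-EXAMPLE` ID and port 3306 (Aurora MySQL default) are assumptions.

```python
import ipaddress

AURORA_PORT = 3306  # assumption: Aurora MySQL default; use 5432 for Aurora PostgreSQL


def plan_tgw_access(shared_cidr, dev_cidrs, tgw_id="tgw-EXAMPLE"):
    """Return routes and DB security-group rules for TGW access to the cluster.

    shared_cidr: CIDR of the shared services VPC that hosts the DB cluster.
    dev_cidrs:   {account_name: vpc_cidr} for each development account.
    Raises ValueError if any two VPC CIDRs overlap, since a transit gateway
    cannot route unambiguously between overlapping ranges.
    """
    shared = ipaddress.ip_network(shared_cidr)
    nets = {"shared-services": shared}
    nets.update({name: ipaddress.ip_network(c) for name, c in dev_cidrs.items()})

    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                raise ValueError(f"{a} {nets[a]} overlaps {b} {nets[b]}")

    plan = {"dev_routes": {}, "shared_routes": [], "db_sg_ingress": []}
    for name in sorted(dev_cidrs):
        net = nets[name]
        # Dev VPC: send only shared-services traffic to the transit gateway.
        plan["dev_routes"][name] = {"destination": str(shared), "target": tgw_id}
        # Shared services VPC: return route to each dev VPC.
        plan["shared_routes"].append({"destination": str(net), "target": tgw_id})
        # DB security group: allow the database port only, per dev CIDR.
        plan["db_sg_ingress"].append(
            {"protocol": "tcp", "port": AURORA_PORT, "cidr": str(net), "note": name})
    return plan


if __name__ == "__main__":
    # Constructed sample addresses, not taken from the question.
    sample = {"team-a": "10.1.0.0/16", "team-b": "10.2.0.0/16"}
    for section, value in plan_tgw_access("10.0.0.0/16", sample).items():
        print(section, value)
```

Scoping the security-group rules to the database port per development CIDR keeps the routed connectivity from opening the rest of the shared services VPC to every team.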

Discussion
matheusrdo (Option: B)

The question asks about working with live data and providing CONNECTIVITY to the DB cluster. B is correct as it provides both.

pangchn (Option: B)

B. I originally chose A since I thought the Aurora DB cluster is sharable: https://docs.aws.amazon.com/ram/latest/userguide/shareable.html#shareable-aur But as VerRi mentioned, with that share, it only allows you to CLONE the DB rather than use it as live: https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Clone.html#Aurora.Managing.Clone.Cross-Account

txxxxxf (Option: B)

AWS PrivateLink requires an NLB (Network Load Balancer). Since the question mentions that IP addresses should not overlap, sharing via Transit Gateway might be a good approach.

VerRi (Option: B)

A: Sharing DB cluster with RAM allows you to CLONE a shared, centrally managed DB cluster

C: PrivateLink needs NLB not ALB

D: WTF

gustori99 (Option: B)

C is wrong because for PrivateLink you need to use NLB, not ALB. Correct answer is B.

JOKERO (Option: A)

https://docs.aws.amazon.com/ram/latest/userguide/shareable.html#shareable-aur

titi_r (Option: B)

Correct ans "B".

vip2 (Option: B)

For live data, it should be B.

red_panda (Option: A)

For me it's A. We need to use the RAM only for the Aurora DB. We don't need to peer the VPCs with Transit Gateway. Also, less ops effort is option A. So Option B is unnecessarily complicated.

spencer_sharp (Option: A)

Seemed A since B requires a lot of setup work.

mav3r1ck (Option: A)

LEAST operational overhead is "A". You can share DB Cluster. https://docs.aws.amazon.com/ram/latest/userguide/shareable.html#shareable-aur

c22ddd8

Live data is the catch here; A is for clone.

pangchn (Option: A)

I will go for A, as per the ref link provided by JOKERO; if not, the transit gateway would be ideal too.

c22ddd8

Live data is the catch here; A is for clone.

CMMC (Option: C)

Utilizing AWS PrivateLink to enable private connectivity between VPCs without the need for public IP addresses or internet gateways. Creating an ALB pointing to the DB cluster's IP address and then creating a PrivateLink endpoint service that uses the ALB allows each development account to securely connect to the DB cluster. This approach minimizes operational overhead and simplifies network connectivity.