A company is migrating a legacy application from an on-premises data center to AWS. The application uses MongoDB as a key-value database. According to the company's technical guidelines, all Amazon EC2 instances must be hosted in a private subnet without an internet connection. In addition, all connectivity between applications and databases must be encrypted. The database must be able to scale based on demand.
Which solution will meet these requirements?
The solution needs to involve a database that can scale based on demand and ensure that all connectivity between applications and databases is encrypted while being accessible without an internet connection. Amazon DynamoDB is a scalable key-value database suitable for this use and offers on-demand capacity mode, which automatically adjusts to accommodate workload fluctuations. By using a gateway VPC endpoint for DynamoDB, we can ensure that EC2 instances in a private subnet can securely connect to the DynamoDB tables without requiring internet access. This setup aligns well with the company's technical guidelines.
The database must be able to scale based on demand, so Provisioned IOPS volume is out because they will be throttled. A and D are out. EC2 hosted in a private subnet without an internet connection, have to use VPC Endpoint, for DynamoDB, it must be Gateway VPC endpoint. B is the answer.
D is right option. Instance endpoint is for connecting specific instance (primary or replica) and not recommended.
This time you are wrong. A and D option use provisioned IOPS which is not scalable. Between B and C. DynamoDB only works with gateway endpoint. Answer is B.
It does not say you need automated scaling. You can manually scale DynanoDB with provisioned IOPS.
Answer: D B and C are ruled out since they are using DynamoDB which is a NoSQL database service, and may not be a direct replacement for MongoDB if the application specifically requires MongoDB compatibility when you have Document DB. So the answer should be either A or D. Why D? because Amazon DocumentDB provides a cluster endpoint that can be used for connecting to the cluster. This endpoint is accessible from within your Virtual Private Cloud (VPC) but doesn't require internet access. It aligns with the guideline of hosting instances in private subnets.
D is the right option. - It's legacy application, so re-factoring to dynamodb hardly possible. - D is scalable and compatible, cluster endpoint is right choise. - Provisioned IOPS volumes are for he application, not for database, so database is still scalable.
How are IOPS volumes not for the database? The sentence is: "Create new Amazon DocumentDB (with MongoDB compatibility) tables for the application with Provisioned IOPS volumes", which means that the DB is provisioned for the application, but it's still DB with IOPS volumes.
B - good spot on the Provisioned Capacity vs On Demand. I must admit that I have missed it
instance endpoint to connect is for public conenction
B is the answer. DynamoDB provisioned in on-demand capacity can scale. And instances in the private subnet can access DynamoDB securely via VPC Gateway end point.
D :Compatibility: Amazon DocumentDB, which is compatible with MongoDB, is an ideal choice. This ensures that the application can be migrated with minimal changes. Scalability: can automatically scale the storage and supports read scaling by adding more replicas. This meets the requirement for the database to scale based on demand. Encryption: DocumentDB supports encryption at rest and in transit, ensuring that all data connectivity is encrypted as per the company's guidelines. Private Connectivity: Amazon DocumentDB can be accessed within a VPC using a cluster endpoint, and it does not require internet connectivity, making it suitable for private subnet deployments. Option B: DynamoDB is a managed NoSQL database service that could meet the key-value requirement and scalability. However, it is not MongoDB-compatible, which means significant changes to the application code might be required
You don't need MongoDB compatibility as it is used as key-value, not as a document db
I guess the key par here is key-value . That kind of confirms that we can use DynamoDB here and hence B looks more promisin now. D seems good but Provisioned IOPS is a red flag regarding scaling
B b/c needs to scale based on demand and Gateway VPC endpoint with DynamoDB goes together like peanut butter and jelly
Sorry. Answer is B. Gateway endpoint use private internet.
C. Because gateway endpoint use public internet.
Correct ans: D
D. Create new Amazon DocumentDB (with MongoDB compatibility) tables for the application with Provisioned IOPS volumes. Use the cluster endpoint to connect to Amazon DocumentDB.
DocumentDB is not DynamoDB. Gateway Endpoint does not support DocumentDB.
My bad, B is using DynamoDB, so it is B
B: If MongoDB is used as a key-value store, then a gateway endpoint is the way to connect to DynamoDB, which is a straight-up key-value store.
b ANShttps://repost.aws/knowledge-center/connect-s3-vpc-endpoint