AWS-02

DEV with Spot Instances and PROD with On-Demand Instances

DEV with On-Demand Instances and PROD with Spot Instances

DEV with Scheduled Reserved Instances and PROD with Reserved Instances

DEV with On-Demand Instances and PROD with Scheduled Reserved Instances

Create an Amazon EFS file system and mount it from each EC2 instance

Create an Amazon S3 bucket and permit access from all the EC2 instances in the VPC

Create a file system on an Amazon EBS Provisioned IOPS SSD (101) volume. Attach the volume to all the EC2 instances

Create file systems on Amazon EBS volumes attached to each EC2 instance. Synchronize the Amazon EBS volumes across the different EC2 instances

Increase the minimum capacity for the Auto Scaling group

Increase the maximum capacity for the Auto Scaling group.

Configure scheduled scaling to scale up to the desired compute level

Change the scaling policy to add more EC2 instances during each scaling operation

Use an Amazon CloudFront distribution with an origin access identity (OAI). Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design a Lambda function to remove data that is older than 14 days

Use an S3 bucket and provide direct access to the tile Design the application to track purchases in a DynamoDB table. Configure a Lambda function to remove data that is older than 14 days based on a query to Amazon DynamoDB.

Use an Amazon CloudFront distribution with an OAI. Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design the application to sot an expiration of 14 days for the URL

Use an Amazon CloudFront distribution with an OAI. Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design the application to set an expiration of 60 minutes for the URL and recreate the URL as necessary

Configure the security group for the EC2 instances

Configure the security group on the Application Load Balancer

Configure AWS WAF on the Application Load Balancer in a VPC.

Configure the network ACL for the subnet that contains the EC2 instances.

Create a site-to-site VPN connection between the private subnet and the network in which the public site is deployed

Create a NAT gateway in a public subnet. Route outbound traffic from the private subnet through the NAI gateway

Create a network ACL for the private subnet where the EC2 instance deployed only allows access from the IP address range of the public website

Create a security group that only allows connections from the IP address range of the public website. Attach the security group to the EC2 instance.

Use AWS Snowball

Use AWS DataSync

Use a secure VPN connection

Use Amazon S3 Transfer Acceleration

Use step scaling

Use simple scaling

Use lifecycle hooks

Use scheduled scaling.

Implement Amazon SNS to store the database calls

Implement Amazon ElastiCache to cache the large datasets

Implement an RDS for MySQL read replica to cache database calls

Implement Amazon Kinesis Data Firehose to stream the calls to the database

Deploy Amazon S3 Glacier Vault and enable expedited retrieval. Enable provisioned retrieval capacity for the workload

Deploy AWS Storage Gateway using cached volumes. Use Storage Gateway to store data in Amazon S3 while retaining copies of frequently accessed data subsets locally

Deploy AWS Storage Gateway using stored volumes to store data locally. Use Storage Gateway to asynchronously back up point-in-time snapshots of the data to Amazon S3

Deploy AWS Direct Connect to connect with the on-premises data center. Configure AWS Storage Gateway to store data locally. Use Storage Gateway to asynchronously back up pointin- time snapshots of the data to Amazon S3.

Configure a lifecycle policy to delete the objects after 30 days

Configure a lifecycle policy to transition the objects to Amazon S3 Glacier after 30 days

Configure a lifecycle policy to transition the objects to Amazon S3 Standard-Infrequent Access (S3 Standard-IA) after 30 days

Configure a lifecycle policy to transition the objects to Amazon S3 One Zone-Infrequent Access (S3 One Zone-IA) after 30 days

Enable public access on an Amazon S3 bucket.

Generate a pre signed URL to share with the users

Encrypt files using AWS KMS and provide keys to the users

Create and assign IAM roles that will grant GetObject permissions to the users

Use an AWS Storage Gateway file gateway to provide file storage to AWS, then perform analytics on this data in the AWS Cloud

Use an AWS storage Gateway tape gateway to copy the backup of the local data to AWS, then perform analytics on this data in the AWS cloud

Use an AWS Storage Gateway volume gateway in a stored volume configuration to regularly take snapshots of the local data, then copy the data to AWS

Use an AWS Storage Gateway volume gateway in a cached volume configuration to back up all the local storage in the AWS cloud, then perform analytics on this data in the cloud

Server-side encryption with customer-provided encryption keys

Client-side encryption with Amazon S3 managed encryption keys

Server-side encryption with keys stored in AWS key Management Service (AWS KMS)

Client-side encryption with a master key stored in AWS Key Management Service (AWS KMS)

Use Amazon DynamoDB transactions

Create an Amazon Neptune database in a Multi AZ design

Use a fully managed Amazon RDS for MySQL database in a Multi-AZ design

Deploy PostgreSQL on an Amazon EC2 instance that uses Amazon EBS Throughput Optimized HDD storage

Use Lambda@Edge for CloudFront

Use Amazon S3 Transfer Acceleration for CloudFront.

Configure another EC2 instance in a different Availability Zone as part of the origin group

Configure another EC2 instance as part of the origin server cluster in the same Availability Zone.

Set up a VPC peering connection between VPC-A and VPC-B.

Set up VPC gateway endpoints for the EC2 instance running in VPC-B.

Attach a virtual private gateway to VPC-B and enable routing from VPC-A.

Create a private virtual interface (VIF) for the EC2 instance running in VPC-B and add appropriate routes from VPC-B.

Amazon S3

AWS Secrets Manager

AWS Systems Manager Parameter store

AWS Key Management Service (AWS KMS)

Set up AWS Storage Gateway to connect with the backup applications using the NFS interface.

Set up an Amazon EFS file system that connects with the backup applications using the NFS interface.

Set up an Amazon EFS file system that connects with the backup applications using the iSCSI interface

Set up AWS Storage Gateway to connect with the backup applications using the iSCSIvirtual tape library (VTL) interface

Amazon EBS Cold HDD (sc1)

Amazon EBS General Purpose SSD (gp2)

Amazon EBS Provisioned IOPS SSD (io1)

Amazon EBS Throughput Optimized HDD (st1)

Create a private hosted zone using Amazon Route 53

Configure a VPC gateway endpoint for Amazon S3 in the VPC.

Configure AWS Private Link between the EC2 instance and the S3 bucket

Set up a site-to-site VPN connection between the VPC and the S3 bucket.

Configure two AWS Lambda functions to run the applications. Create an Amazon EC2 instance with an instance store volume to store the data.

Configure two AWS Lambda functions to run the applications. Create an Amazon EC2 instance with an Amazon Elastic Block Store (Amazon EBS) volume to store the data.

Configure one memory optimized Amazon EC2 instance to run both applications simultaneously. Create an Amazon Elastic Block Store (Amazon EBS) volume with Provisioned IOPS to store the data

Configure two Amazon EC2 instances to run both applications. Configure Amazon Elastic File System (Amazon EFS) with General Purpose performance mode and Bursting Throughput mode to store the data

Export the data to Amazon DynamoDB and have the business analysts run their queries

Load the data into Amazon ElastiCache and have the business analysts run their queries

Create a read replica of the primary database and have the business analysts run their queries.

Copy the data into an Amazon Redshift cluster and have the business analysts run their queries.

Deploy AWS Certificate Manager to generate certificates. Use the certificates to encrypt the database volume

Deploy AWS Certificate Manager to generate certificates. Use the certificates to encrypt the database volume

Configure SSL encryption using AWS Key Management Service customer master keys (AWS KMS CMKs) to encrypt database volumes

Configure Amazon Elastic Block Store (Amazon EBS) encryption and Amazon RDS encryption with AWS Key Management Service (AWS KMS) keys to encrypt instance and database volumes

Use Amazon Aurora with Multi-AZ Aurora Replicas and restore from mysqldump for the test database

Use Amazon Aurora with Multi-AZ Aurora Replicas and restore snapshots from Amazon RDS for the test database

Use Amazon RDS for MySQL with a Multi-AZ deployment and read replicas, and use the standby instance for the test database

Use Amazon RDS for SQL Server with a Multi-AZ deployment and read replicas, and restore snapshots from RDS for the test database

Configure an AWS Lambda function in each developer account to copy the log files to the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket

Configure an AWS Lambda function in each developer account to copy the log files to the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket

Configure CloudTrail from each developer account to deliver the log files to an S3 bucket in the central account. Create an IAM role in the central account for the auditor. Attach an IAM policy providing read-only permissions to the bucket.

Configure an AWS Lambda function in the central account to copy the log files from the S3 bucket in each developer account. Create an IAM user in the central account for the auditor. Attach an IAM policy providing full permissions to the bucket

Spot Fleet

Spot Instances

Reserved Instances

On-Demand Instances

Configure a volume using Amazon EFS. Mount the EBS volume to each Windows Instance.

Configure AWS Storage Gateway in Volume Gateway mode. Mount the volume to each Windows Instance

Configure Amazon FSx for Windows File Server. Mount the Amazon FSx volume to each Windows Instance

Configure an Amazon EBS volume with the required size. Attach each EC2 instance to the volume. Mount the file system within the volume to each Windows instance.

Enable an ALB health check

Enable an Amazon Route 53 health check

Crate an CNAME record on Amazon Route 53 pointing to the ALB endpoint

Create conditional forwarding rules on Amazon Route 53 pointing to an internal BIND DNS server

Configure Amazon DynamoDB Accelerator (DAX) for the new messages table. Update the code to use the DAX endpoint

Add DynamoDB read replicas to handle the increased read load. Update the application to point to the read endpoint for the read replicas.

Double the number of read capacity units for the new messages table in DynamoDB. Continue to use the existing DynamoDB endpoint

Add an Amazon ElastiCache for Redis cache to the application stack. Update the application to point to the Redis cache endpoint instead of DynamoDB.

Reduce the threshold for CPU utilization in the Auto Scaling group

Replace the Application Load Balancer with a Network Load Balancer

Add read replicas for the RDS instances and direct read traffic to the replica

Add Multi-AZ support to the RDS instances and direct read traffic to the new EC2 instance.

Use Amazon S3 website hosting for the backup website and Route 53 failover routing policy.

Use Amazon S3 website hosting for the backup website and Route 53 latency routing policy.

Deploy the application in another AWS Region and use ELB health checks for failover routing.

Deploy the application in another AWS Region and use server-side redirection on the primary website

Amazon EBS for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage

Amazon EBS for maximum performance. Amazon EFS for durable data storage, and Amazon S3 Glacier for archival storage

Amazon EC2 instance store for maximum performance, Amazon EFS for durable data storage, and Amazon S3 for archival storage

Amazon EC2 instance store for maximum performance, Amazon S3 for durable data storage, and Amazon S3 Glacier for archival storage

Use S3 ACLs.

Use Amazon Elastic Block Store (EBS) automated snapshots

Use S3 Intelligent-Tiering storage

Use S3 One Zone-infrequent Access (S3 One Zone-IA).

Use Amazon SQS with AWS Lambda to generate reports

Increase the idle timeout on the Application Load Balancer to 5 minutes

Update the client-side application code to increase its request timeout to 5 minutes

Publish the reports to Amazon S3 and use Amazon CloudFront for downloading to the user.

Create a Network Load Balancer backed by an Auto Scaling group with a UDP listener

Create a Network Load Balancer backed by a Spot Fleet with instances in a group with instances in a partition placement group

Create a Network Load Balancer backed by the existing serves in different Availability Zones as the target

Create a Network Load Balancer backed by an Auto Scaling with instances in multiple Availability zones as the target

Replace the SQS queue with Amazon Kinesis Data Firehose

Use Amazon ElastiCache for Redis in front of the DynamoDB backend tier

Add an Amazon CloudFront distribution to cache the responses for the web tier

Use Amazon EC2 Auto Scaling to scale out the middle tier instances based on the SOS queue depth

Deploy the EC2 instances in an Auto Scaling group Set the minimum to 4 and the maximum to M, with 2 in Availability Zone A and 2 in Availability Zone B

Deploy the EC2 instances in an Auto Scaling group Set the minimum to 4 and the maximum to 12, with all 4 in Availability Zone A.

Deploy the EC2 instances in an Auto Scaling group Set the minimum to 8 and the maximum to 12, with 4 in Availability Zone A and 4 in Availability Zone B

Deploy the EC2 instances in an Auto Scaling group Set the minimum to 8 and the maximum to 12, with 4 in Availability Zone A and 4 in Availability Zone B

Use an instance from the I3 I/O optimized family and leverage local ephemeral storage to achieve the IOPS requirement

Create an Nitro-based Amazon EC2 instance with an Amazon EBS Provisioned IOPS SSD (io1) volume attached. Configure the volume to have 64,000 IOPS

Create and map an Amazon Elastic File System (Amazon EFS) volume to the database instance and use the volume to achieve the required IOPS for the database.

Provision two volumes and assign 32,000 IOPS to each. Create a logical volume at the operating system level that aggregates both volumes to achieve the IOPS requirements.

An Auto Scaling group with Spot Instance types

Placement group using a cluster placement strategy

A placement group using a partition placement strategy

A placement group using a partition placement strategy

Set up AWS Global Accelerator and add endpoints

Set up AWS Direct Connect locations in multiple Regions

Set up an Amazon CloudFront distribution to access an application

Set up an Amazon Route 53 geo proximity routing policy to route traffic

AWS CloudHSM with the CloudHSM client

AWS Key Management Service (AWS KMS) with AWS CloudHSM

AWS Key Management Service (AWS KMS) with an external key material origin

AWS Key Management Service (AWS KMS) with AWS managed customer master keys (CMKs)

Deploy a NAT gateway inside the public subnet for each Availability Zone and associate it with an Elastic IP address. Update the routing table of the private subnet to use it as the default route

Deploy a NAT gateway inside the private subnet for each Availability Zone and associate it with an Elastic IP address. Update the routing table of the private subnet to use it as the default route.

Deploy two NAT instances inside the public subnet for each Availability Zone and associate them with Elastic IP addresses. Update the routing table of the private subnet to use it as the default route

Deploy two NAT instances inside the private subnet for each Availability Zone and associate them with Elastic IP addresses. Update the routing table of the private subnet to use it as the default route

Use Amazon Kinesis Data Streams to ingest the data. Process the data using AWS Lambda functions

Use Amazon API Gateway on top of the existing application. Create a usage plan with a quota limit for the third-party vendor.

Use Amazon Simple Notification Service (Amazon SNS) to ingest the data. Put the EC2 instances in an Auto Scaling group behind an Application Load Balancer

Repackage the application as a container. Deploy the application using Amazon Elastic Container Service (Amazon ECS) using the EC2 launch type with an Auto Scaling group

Amazon EBS

Amazon EC2

Amazon FSx

Amazon S3