ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 317 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 317
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company is deploying a new API to AWS. The API uses Amazon API Gateway with a Regional API endpoint and an AWS Lambda function for hosting. The API retrieves data from an external vendor API, stores data in an Amazon DynamoDB global table, and retrieves data from the DynamoDB global table The API key for the vendor's API is stored in AWS Secrets Manager and is encrypted with a customer managed key in AWS Key Management Service (AWS KMS). The company has deployed its own API into a single AWS Region.

A solutions architect needs to change the API components of the company’s API to ensure that the components can run across multiple Regions in an active-active configuration.

Which combination of changes will meet this requirement with the LEAST operational overhead? (Choose three.)

  • A. Deploy the API to multiple Regions. Configure Amazon Route 53 with custom domain names that route traffic to each Regional API endpoint. Implement a Route 53 multivalue answer routing policy.
  • B. Create a new KMS multi-Region customer managed key. Create a new KMS customer managed replica key in each in-scope Region.
  • C. Replicate the existing Secrets Manager secret to other Regions. For each in-scope Region's replicated secret, select the appropriate KMS key.
  • D. Create a new AWS managed KMS key in each in-scope Region. Convert an existing key to a multiRegion key. Use the multi-Region key in other Regions.
  • E. Create a new Secrets Manager secret in each in-scope Region. Copy the secret value from the existing Region to the new secret in each in-scope Region.
  • F. Modify the deployment process for the Lambda function to repeat the deployment across in-scope Regions. Turn on the multi-Region option for the existing API. Select the Lambda function that is deployed in each Region as the backend for the multi-Region API.
Show Suggested Answer Hide Answer
Suggested Answer: ABC 🗳️
by KungLjao at Oct. 29, 2023, 7:11 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AzureDP900
5 months, 1 week ago
Deploying the API to multiple Regions (A) allows the company's API to run across multiple Regions, meeting one of the requirements. Creating a new KMS multi-Region customer managed key (B) ensures that the encryption keys used to store the vendor's API secret are accessible across multiple Regions. This allows the company to use a single secret in Secrets Manager across all Regions, reducing operational overhead. Replicating the existing Secrets Manager secret to other Regions (C) is not necessary if you have an AWS-managed key or a multi-region customer managed key (B), but it's still a valid option that can meet the requirement. In fact, the combination of A, B, and C would be the most suitable answer, as they all contribute to ensuring that the API components can run across multiple Regions in an active-active configuration with minimal operational overhead.
upvoted 1 times
...
fab2872
5 months, 4 weeks ago
BCF "A" does not create the Lambda in other regions. " The API uses Amazon API Gateway with a Regional API endpoint and an AWS Lambda function for hosting. "
upvoted 2 times
...
obihuang
1 year ago
Why C? Does the new KMS key not need to create a new encrypted secret?
upvoted 1 times
...
career360guru
1 year, 3 months ago
Selected Answer: ABC
A, B , C are the right options.
upvoted 3 times
...
adelynllllllllll
1 year, 3 months ago
ABC: A : deploy the API to other region includes deploy the lambda functions too. so F is not needed.
upvoted 2 times
bjexamprep
1 year, 1 month ago
that's a big assumption
upvoted 2 times
alexbraila
4 months, 4 weeks ago
Not so big, no. The question states: The API uses Amazon API Gateway with a Regional API endpoint and an AWS Lambda function for hosting In my understanding, the above says that the API includes the API Gateway and the Lambda function
upvoted 2 times
...
...
...
duriselvan
1 year, 4 months ago
ABC ANShttps://aws.amazon.com/blogs/compute/building-a-multi-region-serverless-application-with-amazon-api-gateway-and-aws-lambda/
upvoted 1 times
...
HappyPrince
1 year, 4 months ago
Selected Answer: BCF
The diagram mentioned here supports F https://docs.aws.amazon.com/architecture-diagrams/latest/multi-region-api-gateway-with-cloudfront/multi-region-api-gateway-with-cloudfront.html
upvoted 2 times
yuliaqwerty
1 year, 4 months ago
it is mention here about AWS Lambda @Edge not simple lambda
upvoted 1 times
...
career360guru
1 year, 3 months ago
This diagram has cloudfront. Option F does not include Cloudfront. So F is not correct.
upvoted 1 times
...
...
Sheyla
1 year, 5 months ago
Selected Answer: ABC
ABC is the answer
upvoted 3 times
...
shaaam80
1 year, 5 months ago
Selected Answer: ABC
Cannot convert single region KMS to multi-region. ABC is the answer
upvoted 3 times
...
shaaam80
1 year, 5 months ago
Cannot convert single region KMS to multi-region. ABC is the answer
upvoted 3 times
...
career360guru
1 year, 5 months ago
Selected Answer: BCF
B, C and D is right answer. In an Active Active setup with Regional API Gateway endpoint Lambda must be deployed in each Region. https://aws.amazon.com/blogs/compute/building-a-multi-region-serverless-application-with-amazon-api-gateway-and-aws-lambda/
upvoted 2 times
...
s61
1 year, 5 months ago
Selected Answer: ABC
https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-create.html https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html
upvoted 4 times
...
KungLjao
1 year, 6 months ago
Selected Answer: ABC
ABC, others make no sense
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago