Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 324 discussion

The database must be able to scale based on demand, so Provisioned IOPS volume is out because they will be throttled. A and D are out. EC2 hosted in a private subnet without an internet connection, have to use VPC Endpoint, for DynamoDB, it must be Gateway VPC endpoint. B is the answer.

D is right option. Instance endpoint is for connecting specific instance (primary or replica) and not recommended.

Just summarizing from comments :) A and D out because provisioned IOPS is not considered scalable. C is out because DynamoDB only works with gateway vpc endpoint. B works, because MongoDB only used as key value store, it make sense to replace it with DynamoDB with little impact to the requirements.

The key here is Can you use Amazon Dynamodb to replace a MongoDB used as a key-value database and the answer is YES! Amazon DynamoDB supports interface VPC endpoints (AWS PrivateLink). This allows you to securely connect to DynamoDB from your VPC without the need for an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection.

D. This is the correct answer. Amazon DocumentDB (with MongoDB compatibility) meets the requirements: 1. It can be hosted in a private subnet without an internet connection, as required by the technical guidelines. 2. Connectivity between the application and the database can be encrypted, as stated in the requirements. 3. Amazon DocumentDB can scale based on demand, which is another requirement mentioned in the question. 4. The use of the cluster endpoint to connect to Amazon DocumentDB is the appropriate approach, as it provides a single, highly available endpoint for the database cluster. Therefore, option D is the solution that best meets the given requirements.

DynamoDB isn't compatible withMongo

EC2 has no such concept called `cluster endpoint`. has to be B

Correct ans: D

D :Compatibility: Amazon DocumentDB, which is compatible with MongoDB, is an ideal choice. This ensures that the application can be migrated with minimal changes. Scalability: can automatically scale the storage and supports read scaling by adding more replicas. This meets the requirement for the database to scale based on demand. Encryption: DocumentDB supports encryption at rest and in transit, ensuring that all data connectivity is encrypted as per the company's guidelines. Private Connectivity: Amazon DocumentDB can be accessed within a VPC using a cluster endpoint, and it does not require internet connectivity, making it suitable for private subnet deployments. Option B: DynamoDB is a managed NoSQL database service that could meet the key-value requirement and scalability. However, it is not MongoDB-compatible, which means significant changes to the application code might be required

D. Create new Amazon DocumentDB (with MongoDB compatibility) tables for the application with Provisioned IOPS volumes. Use the cluster endpoint to connect to Amazon DocumentDB.

I guess the key par here is key-value . That kind of confirms that we can use DynamoDB here and hence B looks more promisin now. D seems good but Provisioned IOPS is a red flag regarding scaling

DocumentDB is not DynamoDB. Gateway Endpoint does not support DocumentDB.

B: If MongoDB is used as a key-value store, then a gateway endpoint is the way to connect to DynamoDB, which is a straight-up key-value store.

B b/c needs to scale based on demand and Gateway VPC endpoint with DynamoDB goes together like peanut butter and jelly

D is the right option. - It's legacy application, so re-factoring to dynamodb hardly possible. - D is scalable and compatible, cluster endpoint is right choise. - Provisioned IOPS volumes are for he application, not for database, so database is still scalable.

Answer: D B and C are ruled out since they are using DynamoDB which is a NoSQL database service, and may not be a direct replacement for MongoDB if the application specifically requires MongoDB compatibility when you have Document DB. So the answer should be either A or D. Why D? because Amazon DocumentDB provides a cluster endpoint that can be used for connecting to the cluster. This endpoint is accessible from within your Virtual Private Cloud (VPC) but doesn't require internet access. It aligns with the guideline of hosting instances in private subnets.

Sorry. Answer is B. Gateway endpoint use private internet.