ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional SAP-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional SAP-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 400 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional SAP-C02
Question #: 400
Topic #: 1
[All AWS Certified Solutions Architect - Professional SAP-C02 Questions]

A company is running a serverless application that consists of several AWS Lambda functions and Amazon DynamoDB tables. The company has created new functionality that requires the Lambda functions to access an Amazon Neptune DB cluster. The Neptune DB cluster is located in three subnets in a VPC.

Which of the possible solutions will allow the Lambda functions to access the Neptune DB cluster and DynamoDB tables? (Choose two.)

  • A. Create three public subnets in the Neptune VPC, and route traffic through an internet gateway. Host the Lambda functions in the three new public subnets.
  • B. Create three private subnets in the Neptune VPC, and route internet traffic through a NAT gateway. Host the Lambda functions in the three new private subnets.
  • C. Host the Lambda functions outside the VPUpdate the Neptune security group to allow access from the IP ranges of the Lambda functions.
  • D. Host the Lambda functions outside the VPC. Create a VPC endpoint for the Neptune database, and have the Lambda functions access Neptune over the VPC endpoint.
  • E. Create three private subnets in the Neptune VPC. Host the Lambda functions in the three new isolated subnets. Create a VPC endpoint for DynamoDB, and route DynamoDB traffic to the VPC endpoint.
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
by cypkir at Nov. 22, 2023, 8:19 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
heatblur
Highly Voted 1 year, 5 months ago
Selected Answer: BE
B and E is the answer. Was really torn about option D.... D involves hosting Lambda functions outside the VPC and creating a VPC endpoint for the Neptune database. The key issue here is that while AWS supports VPC endpoints for several services, as of my last update in April 2023, Amazon Neptune does not support VPC endpoints. Without VPC endpoint support for Neptune, Lambda functions outside the VPC cannot access the Neptune DB cluster in this way. So it must be B and E !
upvoted 11 times
...
Dgix
Highly Voted 1 year, 1 month ago
Selected Answer: BE
The only thing to remember with this question is that the two alternatives are SEPARATE. They are complete on their own and are not in conjunction.
upvoted 6 times
...
AloraCloud
Most Recent 6 months, 2 weeks ago
For B: Why do we need to route internet traffic through a NAT gateway??
upvoted 2 times
alexbraila
4 months, 3 weeks ago
To access DynamoDB over public internet
upvoted 2 times
...
...
djangoUnchained
1 year, 1 month ago
Selected Answer: AE
For B how will the Lambda access DynamoDB from a Private subnet and without an IGW? Should be A.
upvoted 1 times
...
pangchn
1 year, 1 month ago
Selected Answer: BE
till March 2024 "its endpoints are only accessible within that VPC" https://docs.aws.amazon.com/neptune/latest/userguide/security-vpc.html so any answer outside the VPC is wrong apparently you won't choose A to have it public
upvoted 3 times
...
career360guru
1 year, 1 month ago
Selected Answer: BE
B and E
upvoted 1 times
...
ayadmawla
1 year, 4 months ago
Amazon Neptune only allows connections from clients located in the same VPC as the Neptune cluster. So we have to use a load balancer or proxy inside the vpc to give us access. The following Github article show architectural designs that outline the approach. https://aws-samples.github.io/aws-dbs-refarch-graph/src/connecting-using-a-load-balancer/#:~:text=your%20Neptune%20cluster.-,Amazon%20Neptune%20only%20allows%20connections%20from%20clients%20located%20in%20the,via%20an%20Application%20Load%20Balancer.
upvoted 4 times
...
heatblur
1 year, 5 months ago
Selected Answer: BE
B. Create three private subnets in the Neptune VPC, route internet traffic through a NAT gateway, and host the Lambda functions in the new private subnets. E. Create three private subnets in the Neptune VPC, host the Lambda functions in these subnets, and create a VPC endpoint for DynamoDB.
upvoted 2 times
...
Jonalb
1 year, 5 months ago
Selected Answer: BE
opções B e E são as mais viáveis
upvoted 1 times
...
Jonalb
1 year, 5 months ago
Portanto, as opções B e E são as mais viáveis para permitir que as funções Lambda acessem tanto o cluster de banco de dados Amazon Neptune quanto as tabelas do Amazon DynamoDB.
upvoted 2 times
...
thala
1 year, 5 months ago
Selected Answer: BE
https://www.examtopics.com/discussions/amazon/view/81635-exam-aws-certified-solutions-architect-professional-topic-1/
upvoted 3 times
...
devalenzuela86
1 year, 5 months ago
Selected Answer: DE
Answer DE
upvoted 1 times
devalenzuela86
1 year, 5 months ago
It's true BE
upvoted 1 times
...
...
cypkir
1 year, 5 months ago
Selected Answer: BE
Answer: B E
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago