exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 885 discussion

A new application is running on Amazon Elastic Container Service (Amazon ECS) with AWS Fargate. The application uses an Amazon Aurora MySQL database.
The application and the database run in the same subnets of a VPC with distinct security groups that are configured.
The password for the database is stored in AWS Secrets Manager and is passed to the application through the DB_PASSWORD environment variable. The hostname of the database is passed to the application through the DB_HOST environment variable. The application is failing to access the database.
Which combination of actions should a solutions architect take to resolve this error? (Choose two.)

  • A. Ensure that the container has the environment variable with name "DB_PASSWORD" specified with a ג€ValueFromג€ and the ARN of the secret.
  • B. Ensure that the container has the environment variable with name "DB_PASSWORD" specified with a ג€ValueFromג€ and the secret name of the secret.
  • C. Ensure that the Fargate service security group allows inbound network traffic from the Aurora MySQL database on the MySQL TCP port 3306.
  • D. Ensure that the Aurora MySQL database security group allows inbound network traffic from the Fargate service on the MySQL TCP port 3306.
  • E. Ensure that the container has the environment variable with name "DB_HOST" specified with the hostname of a DB instance endpoint.
  • F. Ensure that the container has the environment variable with name "DB_HOST" specified with the hostname of the DB cluster endpoint.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
joancarles
Highly Voted 2 years, 2 months ago
A D F In this type of question, with six possible answers, it is usually necessary to choose three: A. Select the ARN https://docs.aws.amazon.com/AmazonECS/latest/userguide/specifying-sensitive-data-secrets.html D. Ensure the SG allows traffic in the DB F. Amazon Aurora typically involves a cluster of DB instances instead of a single instance. A cluster endpoint (or writer endpoint) for an Aurora DB cluster connects to the current primary DB instance for that DB cluster. https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.Endpoints.html
upvoted 7 times
kiwtirApp
1 year, 1 month ago
Why D and not C? same logic applies there too right?
upvoted 1 times
...
...
nsvijay04b1
Most Recent 2 years, 1 month ago
Selected Answer: AD
ADF Admin, plz make it 3 options.
upvoted 4 times
Byrney
2 years ago
I'm not sure about D. Why would you allow list the Fargate 'service'? The traffic from the task to the DB comes from an ENI injected by Fargate into your subnet, within your VPC.
upvoted 1 times
...
...
firstabed
2 years, 2 months ago
D&F --<>
upvoted 3 times
...
JohnPi
2 years, 2 months ago
A D F 3 correct answers
upvoted 3 times
...
asg76
2 years, 2 months ago
My Answer - B,D
upvoted 1 times
asg76
2 years, 2 months ago
Typo...D&F
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...