SAA-C03 Reviews Questions

AWS Control Tower: Provides a managed service to set up and govern a secure, multi-account AWS environment based on AWS best practices. It automates the setup of AWS Organizations and applies security controls (guardrails).

Networking Account:

Create a centralized networking account that includes a VPC with both private and public subnets.

This centralized VPC will manage and control the networking resources.

AWS Resource Access Manager (AWS RAM):

Use AWS RAM to share the subnets from the networking account with the other workload accounts.

This allows different workload accounts to utilize the shared networking resources without the need to manage their own VPCs.

Operational Efficiency: Using AWS Control Tower simplifies the setup and governance of multiple AWS accounts, while AWS RAM facilitates centralized management of networking resources, reducing operational overhead and ensuring consistent security and compliance.

AWS Lambda is not suitable for long-running jobs that can take up to 20 minutes, as Lambda has a maximum execution duration of 15 minutes.

Amazon ECS with AWS Fargate allows you to run containers without managing EC2 instances, providing a scalable and highly available environment. You can scale Fargate tasks to handle large and parallel video processing jobs. Amazon Aurora is a highly available, managed relational database. S3 Intelligent-Tiering is cost-effective for storing large video files with variable access patterns.

AWS Documentation Extract:

" AWS Fargate lets you run containers without managing servers or clusters, providing a highly available and scalable compute environment. Fargate is suitable for running data processing workloads that require long-running compute tasks. "

(Source: AWS Fargate documentation, Use Cases)

A: Lambda is not suitable for long-running (over 15 min) or heavy compute jobs.

C: Amazon EMR is optimized for big data analytics, not specific video processing. FSx for Lustre and Kinesis are not best fit for this use case.

D: EKS with EC2 adds operational overhead and RDS in a single AZ is not highly available; Glacier Deep Archive is not suitable for frequently accessed video files.

Amazon RDS read replicas provide a way to offload read traffic from the primary database, allowing read-intensive applications to query the replica without impacting the performance of the production (write) database. This is especially effective for workloads that involve frequently changing data but do not benefit from caching, since queries are rarely repeated.

Reference Extract from AWS Documentation / Study Guide:

" Read replicas allow you to elastically scale out beyond the capacity constraints of a single DB instance for read-heavy database workloads. "

Source: AWS Certified Solutions Architect – Official Study Guide, RDS Read Replica section.

Amazon RDS Blue/Green Deploymentsis the best answer because AWS documents that it creates a synchronized staging environment from the production database so you canmake and test changesbefore switching traffic. AWS also specifically calls outmajor and minor engine version upgradesas a supported use case and notes that Blue/Green Deployments help reduce upgrade risk and minimize downtime. This is more operationally efficient than building a custom migration or relying only on snapshots and manual restore testing. Since the company wants a quick, low-overhead way to test the upgrade safely on critical data, Blue/Green Deployments is the strongest AWS-native solution.

============