Amazon Web Services Updated SAA-C03 Exam Questions and Answers by sufyan

https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html

To control access to the REST API and reduce development efforts, the company can use an Amazon Cognito user pool authorizer in API Gateway. This will allow Amazon Cognito to validate each request and ensure that only authenticated users can access the API. This solution has the LEAST operational overhead, as it does not require the company to develop and maintain any additional infrastructure or code.

Session Manager is a fully managed AWS Systems Manager capability. With Session Manager, you can manage your Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, on-premises servers, and virtual machines (VMs). You can use either an interactive one-click browser-based shell or the AWS Command Line Interface (AWS CLI). Session Manager provides secure and auditable node management without the need to open inbound ports, maintainbastion hosts, or manage SSH keys. Session Manager also allows you to comply with corporate policies that require controlled access to managed nodes, strict security practices, and fully auditable logs with node access details, while providing end users with simple one-click cross-platform access to your managed nodes.https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html

This option is the most efficient because it uses aMulti-AZ deployment for the DB instance, which provides enhanced availability and durability for RDS database instances by automatically replicating the data to a standby instance in a different AvailabilityZone1. It also provides a recovery point objective (RPO) of less than 1 second for all its production databases, as the standby instance is kept in sync with the primary instanceusing synchronous physical replication2. This solution meets the requirement of requiring a RPO of less than 1 second for all its production databases. Option B is less efficientbecause it uses auto scaling for the DB instance in one Availability Zone, which is a way to automatically adjust the compute capacity of your DB instance based on load or a schedule3. However, this does not provide a RPO of lessthan 1 second for all its production databases, as it does not replicate the data to another Availability Zone. Option C is less efficient because it uses read replicas in a separate Availability Zone, which are read-only copies of your primary database that can serve read traffic and support scaling. However, this does not provide a RPO of less than 1 second for all its production databases, as read replicas use asynchronous replication and can lag behind the primary database. Option D is less efficient because it uses AWS Database Migration Service (AWS DMS) change data capture (CDC) tasks, which are tasks that capture changes made to source data and apply them to target data. However, this does not provide a RPO of less than 1 second for all its production databases, as AWS DMS uses asynchronous replication and can lag behind the source database.

• Launching instances within a single AZ and using a cluster placement group provides the lowest network latency and highest bandwidth between instances. This maximizes performance for an in-memory database and high-throughput application.

• Communications between instances in the same AZ and placement group are free, minimizing data transfer charges. Inter-AZ and public IP traffic can incur charges.

• A cluster placement group enables the instances to be placed close together within the AZ, allowing the high network throughput required. Partition groups span AZs, reducing bandwidth.

• Auto Scaling across zones could launch instances in AZs that increase data transfer charges. It may reduce network throughput, impacting performance.