Amazon Web Services Updated SAP-C02 Exam Questions and Answers by zachariah

Using AWS Transfer Family with Amazon S3 storage eliminates the need to manage file servers and offers a scalable and durable file storage solution.

S3 event notifications automatically trigger the AWS Glue transformation jobs upon file arrival, eliminating manual job scheduling.

AWS Glue jobs can be configured to send a notification to an Amazon SQS queue after completion, maintaining the messaging workflow with minimal operational overhead.

This fully managed approach simplifies the architecture and leverages AWS-native automation.

The requirements call for an event-driven redesign that uses serverless services and provides near real-time analytics updates. The current architecture relies on weekly ETL jobs, which is incompatible with near real-time analytics.

A serverless, event-driven architecture on AWS typically uses a managed event bus for decoupling producers and consumers and enabling routing/filtering to multiple targets. The analytics requirement suggests that events (orders, returns, updates) should be streamed to an analytics store continuously rather than copied on a weekly schedule.

Option C aligns with these goals. It modernizes the application components into microservices on a serverless compute substrate (AWS Fargate) and modernizes the databases to managed serverless offerings where possible. Aurora Serverless for MySQL provides an on-demand relational database option that reduces operational overhead for the transactional store. Redshift Serverless provides a managed data warehousing service suitable for analytics without provisioning clusters. Using Amazon EventBridge provides a serverless event routing layer that can deliver events from multiple sources to multiple targets, which supports near real-time propagation of business events from the applications into analytics ingestion and processing.

Option A is not fully aligned: it retains the transactional MySQL database on EC2 (not serverless/managed for the database layer) and moves analytics to Amazon Neptune, which is a graph database, not the typical replacement for an OLAP analytics database. SQS is a queue suited for point-to-point message processing, not a flexible event bus for fan-out to multiple analytics consumers and routing based on event patterns.

Option B is not serverless because it uses EC2 Auto Scaling groups for application compute. Although SNS can distribute messages, this option keeps compute server-based and does not directly provide a near real-time analytics warehouse pattern; it also uses Aurora MySQL for analytics, which is not a typical OLAP warehouse replacement compared to Redshift.

Option D is not appropriate: Amazon AppStream 2.0 is a service for streaming desktop applications to users, not for hosting microservices. AWS IoT Core is optimized for IoT device messaging and telemetry and is not the standard integration backbone for business application event routing across microservices and analytics.

Therefore, option C best satisfies the requirement for an event-driven, serverless architecture with near real-time analytics.

https://aws.amazon.com/about-aws/whats-new/2022/02/amazon-cloudfront-managed-prefix-list/

This solution will give the Lambda function access to the internet by routing its outbound traffic through the NAT gateway, which has a public Elastic IP address. This will allow the external provider to whitelist the single public IP address associated with the NAT gateway, and enable the application to access the new service

Deploying a NAT gateway and associating an Elastic IP address with it, and then configuring the VPC to use the NAT gateway, will give the application the ability to access the new service. This is because the NAT gateway will be the single public IP address that the external provider needs for the allow list. The NAT gateway will allow the application to access the service, while keeping the underlying Lambda functions private.

When configuring NAT gateways, you should ensure that the route table associated with the NAT gateway has a route to the internet gateway with a target of the internet gateway. Additionally, youshould ensure that the security group associated with the NAT gateway allows outbound traffic from the Lambda functions.