Amazon Web Services Updated SAP-C02 Exam Questions and Answers by lowen

S3 Event Notifications is a feature that allows users to receive notifications when certain events happen in an S3 bucket, such as object creation or deletion1. Users can configure S3 Event Notifications to invoke an AWS Lambda function when a user stores an image in the bucket. Lambda is a serverless compute service that runs code in response to events and automatically manages the underlying compute resources2. The Lambda function can resize the image in place and store the original file in the same S3 bucket. This way, the solution can handle significant variance in demand and be reliable at enterprise scale. Thesolution can also rerun processing jobs in the event of failure by using the retry and dead-letter queue features of Lambda2.

S3 Lifecycle is a feature that allows users to manage their objects so that they are stored cost-effectively throughout their lifecycle3. Users can create an S3 Lifecycle policy to move all stored images to S3 Standard-Infrequent Access (S3 Standard-IA) after 6 months. S3 Standard-IA is a storage class designed for data that is accessed less frequently, but requires rapid access when needed4. It offers a lower storage cost than S3 Standard, but charges a retrieval fee. Therefore, moving the images to S3 Standard-IA after 6 months can reduce the storage cost for the solution.

Option A is incorrect because using AWS Step Functions to process the S3 event that occurs when a user stores an image is not necessary or cost-effective. AWS Step Functions is a service that lets users coordinate multiple AWS services into serverless workflows. However, for this use case, a single Lambda function can handle the image resizing task without needing Step Functions.

Option B is incorrect because using Amazon EventBridge to process the S3 event that occurs when a user uploads an image is not necessary or cost-effective. Amazon EventBridge is a serverless event bus service that makes it easy to connect applications with data from a variety of sources. However, for this use case, S3 Event Notifications can directly invoke the Lambda function without needing EventBridge.

Option D is incorrect because using Amazon Simple Queue Service (Amazon SQS) to process the S3 event that occurs when a user stores an image is not necessary or cost-effective. Amazon SQS is a fully managed message queuing service that enables users to decouple and scale microservices, distributed systems, and serverless applications. However, for this use case, S3 Event Notifications can directly invoke the Lambda function without needing SQS. Moreover, storing the resized file in an S3 bucket that uses S3 Standard-IA will incur a retrieval fee every time the file is accessed, which may not be cost-effective for frequently accessed files.

Option A is correct because using an Elastic Load Balancer and an Auto Scaling group with a minimum capacity of two instances can improve the availability and scalability of the EC2 instances that host the application. The load balancer can distribute traffic across multiple instances and the Auto Scaling group can replace any unhealthy instances automatically1

Option D is correct because modifying the DB instance to create a Multi-AZ deployment that extends across two Availability Zones can improve the availability and durability of the RDS for MariaDB database. Multi-AZ deployments provide enhanceddata protection and minimize downtime by automatically failing over to astandby replica in another Availability Zone in case of a planned or unplanned outage4

Option F is correct because creating a replication group for the ElastiCache for Redis cluster and enabling Multi-AZ on the cluster can improve the availability and fault tolerance of the in-memory data store. A replication group consists of a primary node and up to five read-only replica nodes that are synchronized with the primary node using asynchronous replication. Multi-AZ allows automatic failover to one of the replicas if the primary node fails or becomes unreachable6

The goal is to ensure the application operates across multiple Availability Zones. That means removing single points of failure in compute, database, and network egress for private subnets.

For compute, the Auto Scaling group currently has min=1 and max=1, which guarantees only one instance is running at a time. Even if the Auto Scaling group spans multiple subnets, a single-instance configuration cannot provide multi-AZ active capacity because a failure of the Availability Zone hosting the single instance would cause downtime until a new instance is launched in a different zone. To operate across multiple Availability Zones, the solution should run multiple instances across different AZs, which implies increasing the minimum capacity above 1 and allowing the group to launch across multiple subnets/AZs.

For the database, a single-AZ RDS for MySQL instance is a single point of failure. Converting to an RDS Multi-AZ configuration provides synchronous replication to a standby in a different Availability Zone and managed failover to maintain availability when the primary AZ or instance fails.

For NAT, a single NAT gateway is an AZ-scoped managed resource. If private subnets in other AZs route to a NAT gateway in one AZ, an AZ outage can break outbound connectivity for workloads that depend on NAT. The resilient pattern is to deploy a NAT gateway in each Availability Zone and configure each private subnet’s route table to use the NAT gateway in the same AZ.

Option A addresses all three: it deploys additional NAT gateways per AZ and updates route tables accordingly, converts RDS to Multi-AZ, and adjusts Auto Scaling to launch across AZs with min and max set to 3 so there are instances running in multiple AZs simultaneously. This ensures the application remains available across AZ failures, meeting the requirement.

Option B replaces NAT with a virtual private gateway, which is used for VPN/Direct Connect connectivity, not for internet egress from private subnets. It does not satisfy the NAT functionality requirement. Although Aurora can provide high availability, the NAT replacement is not correct for the described architecture.

Option C increases operational overhead by replacing NAT gateway with NAT instances, which are self-managed and less resilient without additional design. It also changes the database engine to PostgreSQL unnecessarily and does not directly address the requirement with minimal change.

Option D improves NAT resiliency but only enables RDS automatic backups, which is a durability feature, not a high availability feature. Backups do not provide automatic failover and do not ensure the application will operate across multiple AZs. Also, keeping Auto Scaling min/max at 1 still leaves the application compute layer single-AZ at any given moment.

Therefore, option A is the correct solution.