The CFO of a company wants to allow one of his employees to view only the AWS usage report page.
Which of the below mentioned IAM policy statements allows the user to have access to the AWS usage report page?
AWS Identity and Access Management is a web service which allows organizations to manage users and user permissions
for various AWS services. If the CFO wants to allow only AWS usage report page access, the policy for that IAM user will be
as given below:
"Effect": "Allow", "Action": [
A company hosts a large on-premises MySQL database at its main office that supports an issue tracking system used by
employees around the world. The company already uses AWS for some workloads and has created an Amazon Route 53
entry for the database endpoint that points to the on-premises database. Management is concerned about the database
being a single point of failure and wants a solutions architect to migrate the database to AWS without any data loss or
Which set of actions should the solutions architect implement?
A company has an application that runs on a fleet of Amazon EC2 instances and stores 70 GB of device data for each
instance in Amazon S3. Recently, some of the S3 uploads have been failing. At the same time, the company is seeing an
unexpected increase in storage data costs. The application code cannot be modified.
What is the MOST efficient way to upload the device data to Amazon S3 while managing storage costs?
In AWS, which security aspects are the customer's responsibility? (Choose four.)
A C D F
A company hosts a legacy application that runs on an Amazon EC2 instance inside a VPC without internet access. Users
access the application with a desktop program installed on their corporate laptops. Communication between the laptops and
the VPC flows through AWS Direct Connect (DX). A new requirement states that all data in transit must be encrypted
between users and the VPC.
Which strategy should a solutions architect use to maintain consistent network performance while meeting this new
In AWS IAM, which of the following predefined policy condition keys checks how long ago (in seconds) the MFA-validated
security credentials making the request were issued using multi- factor authentication (MFA)?
aws:MultiFactorAuthAge is one of the predefined keys provided by AWS that can be included within a Condition element of
an IAM policy. The key allows to check how long ago (in seconds) the MFAvalidated security credentials making the request
were issued using Multi-Factor Authentication (MFA).
A company is moving a business-critical application onto AWS. It is a traditional three-tier web application using an Oracle
database. Data must be encrypted in transit and at rest. The database hosts 12 TB of data. Network connectivity to the
source Oracle database over the internal is allowed, and the company wants to reduce operational costs by using AWS
Managed Services where possible. All resources within the web and application tiers have been migrated. The database has
a few tables and a simple schema using primary keys only; however, it contains many Binary Large Object (BLOB) fields. It
was not possible to use the databases native replication tools because of licensing restrictions.
Which database migration solution will result in the LEAST amount of impact to the applications availability?
(DMS in transit encryption)
A company plans to refactor a monolithic application into a modern application design deployed on AWS. The CI/CD pipeline
needs to be upgraded to support the modern design for the application with the following requirements:
It should allow changes to be released several times every hour. It should be able to roll back the changes as quickly as
Which design will meet these requirements?
A company has a data center that must be migrated to AWS as quickly as possible. The data center has a 500 Mbps AWS
Direct Connect link and a separate, fully available 1 Gbps ISP connection. A Solutions Architect must transfer 20 TB of data
from the data center to an Amazon S3 bucket.
What is the FASTEST way transfer the data?
Import/Export supports importing and exporting data into and out of Amazon S3 buckets. For significant data sets, AWS
Import/Export is often faster than Internet transfer and more cost effective than upgrading your connectivity.
A company is moving a business-critical, multi-tier application to AWS. The architecture consists of a desktop client
application and server infrastructure. The server infrastructure resides in an on-premises data center that frequently fails to
maintain the application uptime SLA of 99.95%. A Solutions Architect must re-architect the application to ensure that it can
meet or exceed the SLA.
The application contains a PostgreSQL database running on a single virtual machine. The business logic and presentation
layers are load balanced between multiple virtual machines. Remote users complain about slow load times while using this
Which of the following will meet the availability requirements with little change to the application while improving user
experience and minimizing costs?