Amazon Web Services braindumps2go saa-c03 Leak Questions by Casey q281 vce pdf

Page: 29 / 50

Exam Name:	AWS Certified Solutions Architect - Associate (SAA-C03)
Exam Code:	SAA-C03 Dumps
Vendor:	Amazon Web Services	Certification:	AWS Certified Associate
Questions:	724 Q&A's	Shared By:	casey

Question 116

A company wants to deploy an AWS Lambda function that will read and write objects to Amazon S3 bucket. The Lambda function must be connected to the company's VPC. The company must deploy the Lambda function only to private subnets in the VPC. The Lambda function must not be allowed to access the internet.

Which solutions will meet these requirements? (Select TWO.)

Options:

Create a private NAT gateway to access the S3 bucket.

Attach an Elastic IP address to the NAT gateway.

Create a gateway VPC endpoint for the S3 bucket.

Create an interface VPC endpoint for the S3 bucket.

Create a public NAT gateway to access the S3 bucket.

Discussion

Question 117

A company is using microservices to build an ecommerce application on AWS. The company wants to preserve customer transaction information after customers submit orders. The company wants to store transaction data in an Amazon Aurora database. The company expects sales volumes to vary throughout each year.

Options:

Use an Amazon API Gateway REST API to invoke an AWS Lambda function to send transaction data to the Aurora database. Send transaction data to an Amazon Simple Queue Service (Amazon SQS) queue that has a dead-letter queue. Use a second Lambda function to read from the SQS queue and to update the Aurora database.

Use an Amazon API Gateway HTTP API to send transaction data to an Application Load Balancer (ALB). Use the ALB to send the transaction data to Amazon Elastic Container Service (Amazon ECS) on Amazon EC2. Use ECS tasks to store the data in Aurora database.

Use an Application Load Balancer (ALB) to route transaction data to Amazon Elastic Kubernetes Service (Amazon EKS). Use Amazon EKS to send the data to the Aurora database.

Use Amazon Data Firehose to send transaction data to Amazon S3. Use AWS Database Migration Service (AWS DMS) to migrate the data from Amazon S3 to the Aurora database.

Discussion

Question 118

A company uses Amazon S3 to store customer data that contains personally identifiable information (PII) attributes. The company needs to make the customer information available to company resources through an AWS Glue Catalog. The company needs to have fine-grained access control for the data so that only specific IAM roles can access the PII data.

Options:

Create one IAM policy that grants access to PII. Create a second IAM policy that grants access to non-PII data. Assign the PII policy to the specified IAM roles.

Create one IAM role that grants access to PII. Create a second IAM role that grants access to non-PII data. Assign the PII policy to the specified IAM roles.

Use AWS Lake Formation to provide the specified IAM roles access to the PII data.

Use AWS Glue to create one view for PII data. Create a second view for non-PII data. Provide the specified IAM roles access to the PII view.

Discussion

Anaya

I found so many of the same questions on the real exam that I had already seen in the Cramkey Dumps. Thank you so much for making exam so easy for me. I passed it successfully!!!

Nina Dec 25, 2025

It's true! I felt so much more confident going into the exam because I had already seen and understood the questions.

Hendrix

Great website with Great Exam Dumps. Just passed my exam today.

Luka Dec 17, 2025

Absolutely. Cramkey Dumps only provides the latest and most updated exam questions and answers.

Alessia

Amazing Dumps. Found almost all questions in actual exam whih I prepared from these valuable dumps. Recommended!!!!

Belle Dec 10, 2025

That's impressive. I've been struggling with finding good study material for my certification. Maybe I should give Cramkey Dumps a try.

Sam

Can I get help from these dumps and their support team for preparing my exam?

Audrey Dec 15, 2025

Definitely, you won't regret it. They've helped so many people pass their exams and I'm sure they'll help you too. Good luck with your studies!

Question 119

A company has deployed a multi-tier web application to support a website. The architecture includes an Application Load Balancer (ALB) in public subnets, two Amazon Elastic Container Service (Amazon ECS) tasks in the public subnets, and a PostgreSQL cluster that runs on Amazon EC2 instances in private subnets.

The EC2 instances that host the PostgreSQL database run shell scripts that need to access an external API to retrieve product information. A solutions architect must design a solution to allow the EC2 instances to securely communicate with the external API without increasing operational overhead.

Which solution will meet these requirements?

Options:

Assign public IP addresses to the EC2 instances in the private subnets. Configure security groups to allow outbound internet access.

Configure a NAT gateway in the public subnets. Update the route table for the private subnets to route traffic to the NAT gateway.

Configure a VPC peering connection between the private subnets and a public subnet that has access to the external API.

Deploy an interface VPC endpoint to securely connect to the external API.