AWS-Solution Architect Associate-Q & A – Latest

John is working on a new requirement where the customer is searching for an approach to utilize standard formats for provisioning their framework on AWS. Which AWS administration John can utilize in this situation?

ANS: CloudFormation

Ben is a Solutions Architect at Cloud Training. A customer is using API Gateway for handling countless API calls to AWS Lambda. The customer’s business is developing and anticipating that an enormous increment in rush hour gridlock. The customer has requested guidance on guaranteeing the administrations can scale with no decrease in execution. What will you do here?

ANS: We can scales API Gateway up to the default throttling limit, with some additional burst capacity available. And AWS Lambda scales concurrently executing functions up to your default limit.

John is working in a project in which he has to develop a mobile application that will be hosted on AWS. It is normal that the quantity of clients associating every day could be more than 1 million. The information that is transferred must be put away in a solid and tireless information store. The information store should likewise be exceptionally accessible and effectively versatile.
Which AWS administrations would John use?


John is a Solutions Architect, he should structure an answer that encrypts information in Amazon S1. Corporate strategy commands encryption keys be produced and oversaw on premises. What arrangement should John use to meet the security necessities?

SSE-C: Server-side encryption with customer-provided encryption keys

John is a Solutions Architect in US Based company, he should structure a Storage solution for approaching billing reports in CSV format. The information will be broke down inconsistently and disposed of following 10 days.
Which mix of administrations will be MOST practical in meeting these necessities?

ANS: Write the files to an S1 bucket and use Amazon Athena to query the data

John’s organization is opening another office in the UNITED STATES area. Clients in the new office should take information from a RDS database that is facilitated in the Canada . To improve execution, John is wanting to actualize a Read Replica of the database. Your Chief Security Officer (CSO) has disclosed to you that the organization approach directs that all information that leaves the Canada  must be encoded . What to do now?

John can create an encrypted Read Replica that is encrypted with a different key and he can enable encryption for the master DB by creating a new DB from a snapshot with encryption enabled


You can use tags to organize your AWS bill to reflect your own cost structure.


Harry works in a cloud organization , his organization has a famous web application that associates with an Amazon RDS MySQL DB occurrence running in a private VPC subnet that was made with default ACL settings. The web servers must be open just to clients on a SSL association. The database should just be open to web servers in an open subnet.
What arrangement meets these prerequisites ? 

Create a web server security group that allows HTTPS port 441 inbound traffic from Anywhere ( and apply it to the web servers
Create a DB server security group that allows MySQL port 1106 inbound and specify the source as a web server security group

You have a JavaScript application that is used to upload objects to Amazon S3 by hundreds of thousands of clients. You are using server-side encryption with the AWS Key Management Service. You are finding that many requests are not working. What is going on?

Ans:-You have exceeded the KMS API call limit

 Jacob need to empower sign in his mobile app using social identity suppliers including Amazon, Facebook and Google. How can he do?

ANS:He can use Amazon Cognito

Jacob works as a Solutions Architect at Cloud Training. He is working on a disaster recovery solution that permits to raise his applications in another AWS region. A portion of his applications run on EC instances and have restrictive programming setups with implanted licenses. He has to make copy duplicates of EC occurrences in the other region.
what is the solution?

He can create an AMI of each EC instance and copy the AMIs to the other region and can create new EC instances from the AMIs

John is working in a cloud venture, one of his customer needs to execute a mutual index framework. Prerequisites are that it ought to give a various leveled structure, bolster solid information consistency, and be open from numerous records, districts and on-premises servers utilizing their AWS Direct Connect interface.
Which storage service John would prescribe to the customer?

Amazon EFS

 Jacob is a solution architect, one of his venture customer intends to relocate an on-premise multi-level application to AWS. The application is coordinated with industry-standard message merchants. The customer needs to relocate from the current message merchant without modifying application code. Which administration ought to be utilized?

Amazon MQ

We have multiple No SQL databses in AWS. Suppose you have created an e-commerce site using DynamoDB. When creating a primary key on a table which of the following would be the best attribute for the primary key?

Ans:-user_id where there are many users to few products

When creating a primary key on a table which of the following would be the best attribute for the primary key?

Ans:-user_id where there are many users to few products

 John is a Solutions Architect, he needs to deploy a HTTP/HTTPS administration on Amazon EC cases that will be put behind an Elastic Load Balancer. The ELB must help WebSockets.
Launch a Network Load Balancer (NLB)
Launch a Classic Load Balancer (CLB)
Launch an Application Load Balancer (ALB)

Launch an Application Load Balancer (ALB)

 When you update a stack, you modify the original stack template then AWS CloudFormation:

Ans:-updates only the resources that you modified

Jacob is working in a cloud project as AWS engineer, a mobile customer requires information from a few application-layer administrations to populate its UI. What can the application group use to decouple the customer interface from the hidden administrations behind them?

Amazon API Gateway

We can create IAM role and provide access to particular EC2 instance.How can you check an IAM role for permissions to a Kinesis stream is associated to an EC2 instance?

Ans:-Check the EC2 instance metadata at iam/security-credentials/role-name

Jack is a solution architect is managing an application that exports information from a social database into a S1 pail. The information investigation group needs to bring this information into a RedShift bunch in a VPC in a similar record. Because of the information being delicate the security group has trained you to guarantee that the information crosses the VPC without being steered by means of the open Internet.
Which blend of activities would meet this prerequisite? (choose 2)

Enable Amazon RedShift Enhanced VPC routing
Create and configure an Amazon S1 VPC endpoint

 Jack is a Solutions Architect, he has made a VPC plan that meets the security necessities of their association. Any new applications that are sent must utilize this VPC structure.
By what method can project team deploy and erase VPCs that meet this plan with the LEAST authoritative effort?

Deploy an AWS CloudFormation template that defines components of the VPC

You have created one EC2 instance and your application is running on EC2 instance.You are using AWS X-ray to record trace data for requests to your application running on EC2. Unfortunately, the trace data is not appearing in the X-ray console. You are in the Sao Paulo region. What is the most probable cause?

Ans:-the ec2 instance does not have a role with permissions to send trace segments or telemetry records

You are AWS Solution architect or developer in your company. Now Your organisation would like to have clear separation of costs between departments. What is the best way to achieve this?

Ans:-We can create separate AWS accounts for departments and use consolidated billing.

Your AWS Lambda function integrates with other AWS serverless services. You would like to deploy this application and be able to rollback any deployments that are not successful. What will you do?

Ans:-We can Create a zip file containing your code and libraries. Upload the deployment package using the Lambda console or AWS CLI/SDKs CreateFunction.

You would like to increase the throughput of a table scan but still leave capacity for the day to day workload. How would you do this?

Ans:-You can use a parallel scan with rate-limit parameter

Your AWS CodeBuild project keeps failing to compile your code. How can you identify what is happening?

Ans:-Check the build logs in the CodeBuild console

Suppose you want to host ten secure websites on a single EC2 server using multiple SSL certificates. Can we achieve this?

Ans:- We can assign a secondary private IPv4 address to a second attached network interface and can associate an elastic IP address with the private IPv4 address.

You have created an alias in IAM for your company called cloudvikas-com. What will be the login address for your IAM users?


In AWS BIGDATA project we have an Amazon Kinesis Stream that is consuming records from an application. A Lambda function will process the records from the Kinesis Stream. What order will the records be processed.

Ans:-In the exact order it is received by each Kinesis shard on a FIFO basis. Order across shards is not guaranteed.

How will you create an application  that should run on an EC2 instance inside a VPC and it can access to Amazon S3?

Ans:-Create a VPC S3 endpoint

A VPC subnet can only be associated with one route table at a time, and you cannot associate multiple subnets with the same route table.