SAA 考试每日练习 - 2024/12/05

来源：Amazon AWS Certified Solutions Architect - Associate SAA-C03 Exam
50 题 (No.336 ~ No.385) 只记录了 11 道首次碰到的、错误的或有疑问的题目，仅供自己复习使用。
如果侵权请联系删除。

🌟 单词：

embedded_{adj. 植入的, 内含的, 深入的 | v. 埋入, 植入, 深入 | vbl. 埋入, 植入, 深入}
overall_{adj. 全面的；综合的；总体的 | adv. 全部；总计；一般来说；大致上 | n. 外套；罩衣；工装服；连身工作服}

一、Aurora cross region

A solutions architect must create a disaster recovery (DR) plan for a high-volume software as a service (SaaS) platform. All data for the platform is stored in an Amazon Aurora MySQL DB cluster.
The DR plan must replicate data to a secondary AWS Region.
Which solution will meet these requirements MOST cost-effectively?

Use MySQL binary log replication to an Aurora cluster in the secondary Region. Provision one DB instance for the Aurora cluster in the secondary Region.
✅ Set up an Aurora global database for the DB cluster. When setup is complete, remove the DB instance from the secondary Region.
Use AWS Database Migration Service (AWS DMS) to continuously replicate data to an Aurora cluster in the secondary Region. Remove the DB instance from the secondary Region.
❌ Set up an Aurora global database for the DB cluster. Specify a minimum of one DB instance in the secondary Region.

✨ 关键词：Aurora MySQL DB cluster、secondary AWS Region

4️⃣ ❌ -> 2️⃣ ✅

💡 解析：现在已经有了一个 Aurora MySQL DB 集群，现在因为灾备需要将数据复制到另一个区域中。
只使用 Aurora global database 就能解决问题了：Amazon Aurora 全球数据库

Amazon Aurora Global Database 针对全球分布式应用程序而设计，允许单个 Amazon Aurora 数据库跨越多个 AWS 区域。它在不影响数据库性能的情况下复制您的数据，在每个区域中实现低延迟的快速本地读取，并且在发生区域级的中断时提供灾难恢复能力。

2️⃣ 和 4️⃣ 的区别在于，2️⃣ 将 DB 实例从第二个区域中移除，而 4️⃣ 则在其他区域指定了一个最小的 DB 实例。
首先看下 Aurora global database DB cluster 的概念：Using Amazon Aurora Global Database

In the following diagram, you can find an example Aurora global database that spans two AWS Regions.

它可以在一个区域中部署主集群，然后在其他地方自动部署只读集群。
而衍生出的一个概念就是 headless cluster：Achieve cost-effective multi-Region resiliency with Amazon Aurora Global Database headless clusters

Headless Secondary Amazon Aurora 数据库集群是指没有数据库实例的集群。这种配置可以降低 Aurora 全局数据库的费用。在 Aurora 数据库集群中，计算和存储是分离的。没有数据库实例，就不收取计算费用。您可以在二级区域中为 Aurora 集群添加实例，以便向您的用户和应用程序提供。

没有实例的第二区域的数据库集群，显然它是本题的考点。

👨‍👨‍👦‍👦 社区讨论：I originally went for D but now I think B is correct. D isactive-active cluster so whereas B isactive-passive (headless cluster) so it is cheaper than D.
https://aws.amazon.com/blogs/database/achieve-cost-effective-multi-region-resiliency-with-amazon-aurora-global-database-headless-clusters/

二、SQS message size limit

A company has a Java application that uses Amazon Simple Queue Service (Amazon SQS) to parse messages. The application cannot parse messages that are larger than 256 KB in size. The company wants to implement a solution to give the application the ability to parse messages as large as 50 MB.
Which solution will meet these requirements with the FEWEST changes to the code?

✅ Use the Amazon SQS Extended Client Library for Java to host messages that are larger than 256 KB in Amazon S3.
Use Amazon EventBridge to post large messages from the application instead of Amazon SQS.
Change the limit in Amazon SQS to handle messages that are larger than 256 KB.
Store messages that are larger than 256 KB in Amazon ElasticFile System (Amazon EFS). Configure Amazon SQS to reference this location in the messages.

✨ 关键词：SQS、256 KB

1️⃣ ✅

💡 解析：连接到 SQS 的 Java 应用无法消费超过 256 KB 的消息。
SQS 本身不支持超过 256 KB 大小的消息：Configuring queue parameters using the Amazon SQS console

8. For Maximum message size, enter a value. The range is 1 KB to 256 KB. The default value is 256 KB.

使用 Amazon SQS Extended Client Library for Java 后可以处理超过 2 GB 大小的消息：Managing large Amazon SQS messages using Java and Amazon S3

You can use the Amazon SQS Extended Client Library for Java and Amazon Simple Storage Service (Amazon S3) to manage large Amazon Simple Queue Service (Amazon SQS) messages. This is especially useful for consuming large message payloads, from 256 KB and up to 2 GB. The library saves the message payload to an Amazon S3 bucket and sends a message containing a reference of the stored Amazon S3 object to an Amazon SQS queue.

👨‍👨‍👦‍👦 社区讨论：A. Use the Amazon SQS Extended Client Library for Java to host messages that are larger than 256 KB in Amazon S3.
Amazon SQS hasa limit of 256 KB for the size of messages.To handle messages larger than 256 KB, the Amazon SQS Extended Client Library for Java can be used.This libraryallows messages larger than 256 KB to be stored in Amazon S3 and providesa way to retrieve and process them. Using this solution, the application code can remain largely unchanged while still being able to process messages up to 50 MB in size.

三、Saving plans

A company has an application that is running on Amazon EC2 instances. A solutions architect has standardized the company on a particular instance family and various instance sizes based on the current needs of the company.
The company wants to maximize cost savings for the application over the next 3 years. The company needs to be able to change the instance family and sizes in the next 6 months based on application popularity and usage.
Which solution will meet these requirements MOST cost-effectively?

✅ Compute Savings Plan
❌ EC2 Instance Savings Plan
Zonal Reserved Instances
Standard Reserved Instances

✨ 关键词：maximize cost savings

2️⃣ ❌ -> 1️⃣ ✅

💡 解析：有固定的 EC2 架构，且需要最大化降低费用。
不使用 Reserved Instances 是因为它不能更改实例类型：Amazon EC2 的预留实例概览

使用预留实例时，您将承诺使用特定的实例配置。

而节省计划还分 Compute Savings Plan 和 EC2 Instance Savings Plan 两种：Savings Plans

Compute Savings Plans：Compute Savings Plans 的灵活性最高，最高可帮助您节省 66% 的费用。这些计划会自动应用于 EC2 实例用量，不分实例系列、大小、可用区、区域、操作系统或租期，并且还适用于 Fargate 和 Lambda 的使用。
例如，注册 Compute Savings Plans 后，您可以随时从 C4 实例更改为 M5 实例，将工作负载从欧洲（爱尔兰）区域转移到欧洲（伦敦）区域，或者将工作负载从 EC2 迁移到 Fargate 或 Lambda，并继续自动支付 Savings Plans 价格。

EC2 Instance Savings Plans：EC2 Instance Savings Plans 可提供最低的价格，最高可提供 72% 的折扣，以换取在单个区域内使用单个实例系列的承诺（例如在弗吉尼亚北部区域使用 M5 实例）。这会自动降低您在该区域的选定实例系列成本，不分可用区、实例大小、操作系统或租期。借助 EC2 Instance Savings Plans，您可以灵活地在该区域的一个实例系列中更改实例的使用情况。
例如，您可以从运行 Windows 的 c5.xlarge 实例迁移到运行 Linux 的 c5.2xlarge 实例，并自动享受 Savings Plan 价格。

社区支持 EC2 Instance Savings Plans 虽然省的更多，不支持实例类型家族的转换，因此选 1️⃣。

顺便过一下各类型的 EC2 实例：Amazon EC2 实例类型

M 系列（通用型实例）

C 系列（计算优化型实例）

R 系列（内存优化型实例）

👨‍👨‍👦‍👦 社区讨论：Read Carefully guys ,They need to be able to change FAMILY ,and although EC2 Savings hasa higher discount , its clearly documented as not allowed >
EC2 Instance Savings Plans provide savings up to 72 percent off On-Demand, in exchange for a commitment to a specific instance family in a chosen AWS Region (forexample, M5 in Virginia).These plansautomaticallyapply to usage regardless of size (forexample, m5.xlarge, m5.2xlarge,etc.), OS (forexample, Windows, Linux,etc.),and tenancy (Host, Dedicated, Default) within the specified family in a Region.

四、Batch job

A company is migrating an old application to AWS. The application runs a batch job every hour and is CPU intensive. The batch job takes 15 minutes on average with an on-premises server. The server has 64 virtual CPU (vCPU) and 512 GiB of memory.
Which solution will run the batch job within 15 minutes with the LEAST operational overhead?

Use AWS Lambda with functional scaling.
Use Amazon Elastic Container Service (Amazon ECS) with AWS Fargate.
Use Amazon Lightsail with AWS Auto Scaling.
✅ Use AWS Batch on Amazon EC2.

✨ 关键词：batch job、takes 15 minutes on average

4️⃣ ✅

💡 解析：有平均运行 15 分钟、需要 64 核心 512 内存的批处理任务要迁移到 AWS。
Lambda 不能运行超过 15 分钟：Configure Lambda function timeout

Lambda runs your code for a set amount of time before timing out. Timeout is the maximum amount of time in seconds that a Lambda function can run. The default value for this setting is 3 seconds, but you can adjust this in increments of 1 second up to a maximum value of 900 seconds (15 minutes).

再看下 AWS Batch 是什么：什么是 AWS Batch？

借助 AWS Batch，您可以在 AWS Cloud上运行批处理计算工作负载。批量计算是开发人员、科学家和工程师用来访问大量计算资源的常见方法。
AWS Batch 可根据提交的批处理作业的卷和特定资源需求动态预置最佳的计算资源（如 CPU 或内存优化计算资源）数量和类型。借助 AWS Batch，您无需安装和管理批处理计算软件或服务器集群，从而使您能够集中精力分析结果和解决问题。AWS Batch 使用 Amazon ECS、Amazon EKS 和 AWS Fargate 计划、安排和执行您的批处理计算工作负载，并可选择使用竞价型实例。

毫无疑问它很适合这个场景。

👨‍👨‍👦‍👦 社区讨论：The amount of CPU and memory resources required by the batch job exceeds the capabilities of AWS Lambda and Amazon Lightsail with AWS Auto Scaling, which offer limited compute resources. AWS Fargate offers containerized application orchestration and scalable infrastructure, but may require additional operational overhead to configure and manage the environment. AWS Batch isa fully managed service that automatically provisions the required infrastructure for batch jobs, with options to use different instance typesand launch modes.
Therefore, the solution that will run the batch job within 15 minutes with the LEAST operational overhead is D. Use AWS Batch on Amazon EC2. AWS Batch can handle all the operational aspects of job scheduling, instance management,and scaling while using Amazon EC2 injavascript:void(0)stances with the right amount of CPU and memory resources to meet the job’s requirements.

五、FIFO queue

A company uses a payment processing system that requires messages for a particular payment ID to be received in the same order that they were sent. Otherwise, the payments might be processed incorrectly.
Which actions should a solutions architect take to meet this requirement? (Choose two.)

Write the messages to an Amazon DynamoDB table with the payment ID as the partition key.
✅ Write the messages to an Amazon Kinesis data stream with the payment ID as the partition key.
Write the messages to an Amazon ElastiCache for Memcached cluster with the payment ID as the key.
Write the messages to an Amazon Simple Queue Service (Amazon SQS) queue. Set the message attribute to use the payment ID.
✅ Write the messages to an Amazon Simple Queue Service (Amazon SQS) FIFO queue. Set the message group to use the payment ID.

✨ 关键词：received in the same order that they were sent

2️⃣ 5️⃣ ✅

💡 解析：需要按照发送顺序接收带有支付 ID 的消息。
5️⃣ 先进先出队列是一定正确的。
看下官方描述的对 2️⃣ Amazon Kinesis data stream 的使用场景：https://www.amazonaws.cn/en/kinesis/data-streams/faqs/

Q: When should I use Amazon Kinesis Data Streams, and when should I use Amazon SQS?
We recommend Amazon Kinesis Data Streams for use cases with requirements that are similar to the following:

Ordering of records. For example, you want to transfer log data from the application host to the processing/archival host while maintaining the order of log statements.

它适用于对顺序有要求的数据流，因此它是支持先进先出的。
社区里有人提到了 Amazon Kinesis Data Streams Terminology and concepts 这篇文章，但是我并没有在其中找到明确的写明 Amazon Kinesis data stream 遵循先进先出的相关信息。

👨‍👨‍👦‍👦 社区讨论：Option B is preferred over A because Amazon Kinesis Data Streams inherently maintain the order of records within a shard, which is crucial for the given requirement of preserving the order of messages for a particular payment ID. When you use the payment ID as the partition key,all messages for that payment ID will be sent to the same shard,ensuring that the order of messages is maintained.

选项 B 比选项 A 更可取，因为 Amazon Kinesis 数据流本质上保持了碎片内记录的顺序，这对于保存特定支付 ID 的消息顺序的给定要求是至关重要的。当您使用支付 ID 作为分区密钥时，该支付 ID 的所有消息将被发送到同一碎片，以确保保持消息的顺序。

On the other hand, Amazon DynamoDB isa NoSQL database service that provides fast and predictable performance with seamless scalability. While it can store data with partition keys, it does not guarantee the order of records within a partition, which isessential for the given use case. Hence, using Kinesis Data Streams is more suitable for this requirement.
As DynamoDB does not keep the order, I think BE is the correct answer here.

六、SNS FIFO

A company is building a game system that needs to send unique events to separate leaderboard, matchmaking, and authentication services concurrently. The company needs an AWS event-driven system that guarantees the order of the events.
Which solution will meet these requirements?

Amazon EventBridge event bus
✅ Amazon Simple Notification Service (Amazon SNS) FIFO topics
❌ Amazon Simple Notification Service (Amazon SNS) standard topics
Amazon Simple Queue Service (Amazon SQS) FIFO queues

✨ 关键词：guarantees the order of the events

3️⃣ ❌ -> 2️⃣ ✅

💡 解析：游戏公司需要按顺序发送一系列的事件。
由于消费者不同，这里更适合发布-订阅模型，因此选用 SNS，而 SNS 也是支持 FIFO（先进先出）模式的，因此选 2️⃣：Message ordering and deduplication strategies using Amazon SNS FIFO topics

👨‍👨‍👦‍👦 社区讨论：The answer is B la.SNS FIFO topics queue should be used combined with SQS FIFO queue in this case.The question asked for correct order to different event, so asking forSNS fan out here to send to individual SQS.
https://docs.aws.amazon.com/sns/latest/dg/fifo-example-use-case.html

七、SNS and SQS encryption

A hospital is designing a new application that gathers symptoms from patients. The hospital has decided to use Amazon Simple Queue Service (Amazon SQS) and Amazon Simple Notification Service (Amazon SNS) in the architecture.
A solutions architect is reviewing the infrastructure design. Data must be encrypted at rest and in transit. Only authorized personnel of the hospital should be able to access the data.
Which combination of steps should the solutions architect take to meet these requirements? (Choose two.)

Turn on server-side encryption on the SQS components. Update the default key policy to restrict key usage to a set of authorized principals.
✅ Turn on server-side encryption on the SNS components by using an AWS Key Management Service (AWS KMS) customer managed key. Apply a key policy to restrict key usage to a set of authorized principals.
❌ Turn on encryption on the SNS components. Update the default key policy to restrict key usage to a set of authorized principals. Set a condition in the topic policy to allow only encrypted connections over TLS.
✅ Turn on server-side encryption on the SQS components by using an AWS Key Management Service (AWS KMS) customer managed key. Apply a key policy to restrict key usage to a set of authorized principals. Set a condition in the queue policy to allow only encrypted connections over TLS.
Turn on server-side encryption on the SQS components by using an AWS Key Management Service (AWS KMS) customer managed key. Apply an IAM policy to restrict key usage to a set of authorized principals. Set a condition in the queue policy to allow only encrypted connections over TLS.

✨ 关键词：SQS、SNS、data must be encrypted at rest and in transit

3️⃣ 4️⃣ ❌ -> 2️⃣ 4️⃣ ✅

💡 解析：SNS 和 SQS 作为数据的传输过程需要加密。
SQS 和 SNS 都默认提供传输中加密，因此不需要再手动配置 HTTPS。
对于 SQS 队列的静态加密：Encryption at rest in Amazon SQS

Server-side encryption (SSE) lets you transmit sensitive data in encrypted queues. SSE protects the contents of messages in queues using SQS-managed encryption keys (SSE-SQS) or keys managed in the AWS Key Management Service (SSE-KMS).

和 S3 一样不仅可以使用 SQS 管理的密钥，还能使用 KMS 的。当然权限也需要使用 Key Policy。
而针对 SNS 的静态加密：Securing Amazon SNS data with server-side encryption

Server-side encryption (SSE) lets you store sensitive data in encrypted topics by protecting the contents of messages in Amazon SNS topics using keys managed in AWS Key Management Service (AWS KMS).
SSE encrypts messages as soon as Amazon SNS receives them. The messages are stored in encrypted form, and only decrypted when they are sent.

同样也是支持两种，而密钥的管理也采用 Key Policy。
回到题目，3️⃣ 对 SNS 的加密使用默认加密方式，然后更新密钥的策略允许其他人使用。
我并没找到详细的文章说明 SNS 管理的密钥不能共享给别人，但是我实操了下发现并没有 SSE 的选项了：

总之有 KMS 尽量就选 KMS 吧。
3️⃣ 重复设置 HTTPS 其实本身也错了。

👨‍👨‍👦‍👦 社区讨论：read this:
https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html
https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html

八、AWS account password policy

A solutions architect wants all new users to have specific complexity requirements and mandatory rotation periods for IAM user passwords.
What should the solutions architect do to accomplish this?

✅ Set an overall password policy for the entire AWS account.
Set a password policy for each IAM user in the AWS account.
Use third-party vendor software to set password requirements.
❌ Attach an Amazon CloudWatch rule to the Create_newuser event to set the password with the appropriate requirements.

✨ 关键词：specific complexity requirements、mandatory rotation periods

4️⃣ ❌ -> 1️⃣ ✅

💡 解析：要让所有（新）用户的密码具有强制的复杂性和定期轮换要求。
Set an account password policy for IAM users

Rules for setting a password policy
IAM 密码策略不适用于 AWS 账户根用户密码或 IAM 用户访问密钥。如果密码过期，IAM 用户将无法登录 AWS 管理控制台，但可以继续使用其访问密钥。创建或更改密码策略时，大部分密码策略设置会在用户下次更改密码时执行。不过，有些设置会立即执行。例如：

当最小长度和字符类型要求发生变化时，这些设置会在用户下一次更改密码时强制执行。即使现有密码不符合更新后的密码策略，也不会强制用户更改现有密码。

设置密码失效期后，失效期将立即生效。例如，假设你设置的密码过期时间为 90 天。在这种情况下，现有密码超过 90 天的所有 IAM 用户的密码都会过期。这些用户下次登录时必须更改密码。

👨‍👨‍👦‍👦 社区讨论：You can set a custom password policy on your AWS account to specify complexity requirementsand mandatory rotation periods for your IAM users’ passwords. When you create or change a password policy, most of the password policy settingsare enforced the next time your users change their passwords. However, some of the settingsare enforced immediately.
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html#:~:text=Setting%20an%20account-,password%20policy,-for%20IAM%20users

九、HA DB and stroage

A company wants to migrate an Oracle database to AWS. The database consists of a single table that contains millions of geographic information systems (GIS) images that are high resolution and are identified by a geographic code.
When a natural disaster occurs, tens of thousands of images get updated every few minutes. Each geographic code has a single image or row that is associated with it. The company wants a solution that is highly available and scalable during such events.
Which solution meets these requirements MOST cost-effectively?

Store the images and geographic codes in a database table. Use Oracle running on an Amazon RDS Multi-AZ DB instance.
✅ Store the images in Amazon S3 buckets. Use Amazon DynamoDB with the geographic code as the key and the image S3 URL as the value.
❌ Store the images and geographic codes in an Amazon DynamoDB table. Configure DynamoDB Accelerator (DAX) during times of high load.
Store the images in Amazon S3 buckets. Store geographic codes and image S3 URLs in a database table. Use Oracle running on an Amazon RDS Multi-AZ DB instance.

✨ 关键词：high resolution images

3️⃣ ❌ -> 2️⃣ ✅

💡 解析：数分钟内会有万级的图片上传，需要插入表中。
这里需要注意的是 DynamoDB 有单条数据大小限制：Data types

String - The length of a String is constrained by the maximum item size of 400 KB.

Binary - The length of a Binary is constrained by the maximum item size of 400 KB.

这和题目中的高分辨率图像存储需求冲突，因此需要使用到 S3。

👨‍👨‍👦‍👦 社区讨论：Amazon prefers people to move from Oracle to its own services like DynamoDB and S3.

十、Dedicated Hosts and Instances

A company is planning to migrate a commercial off-the-shelf application from its on-premises data center to AWS. The software has a software licensing model using sockets and cores with predictable capacity and uptime requirements. The company wants to use its existing licenses, which were purchased earlier this year.
Which Amazon EC2 pricing option is the MOST cost-effective?

✅ Dedicated Reserved Hosts
Dedicated On-Demand Hosts
❌ Dedicated Reserved Instances
Dedicated On-Demand Instances

✨ 关键词：software licensing model using sockets and cores with predictable capacity and uptime requirements

3️⃣ ❌ -> 1️⃣ ✅

💡 解析：软件授权限制核心数和时长。
独立服务器 + 预留实例最具性价比。
Amazon EC2 专用主机 (Dedicated Hosts) 专门用于支持现有软件许可证和改善合规性的硬件

借助 Amazon EC2 专用主机，您可以在 Amazon EC2 上使用 Microsoft 和 Oracle 等供应商提供的合格软件许可证，从而既能享受使用自己的许可证带来的灵活性与经济性，又能享受 AWS 带来的简便性与弹性。Amazon EC2 专用主机是完全专门供您使用的物理服务器，有助于您满足企业合规性要求。

Amazon EC2 专用实例 (Dedicated Instances)

专用实例是在单一客户专用硬件上的 VPC 中运行的 Amazon EC2 实例。您的专用实例在主机硬件级别与属于其他 AWS 账户的实例进行物理隔离。专用实例可与来自同一 AWS 账户中属于非专用实例的其他实例共享硬件。

专用主机强调对许可证合规性的配合；而专用实例更多强调物理级别与其他 AWS 账号隔离，可以确保更进一步的数据安全。

👨‍👨‍👦‍👦 社区讨论：“predictable capacityand uptime requirements” means “Reserved"
"socketsand cores” means “dedicated host”

十一、POSIX-compliant stroage

A company runs an application on Amazon EC2 Linux instances across multiple Availability Zones. The application needs a storage layer that is highly available and Portable Operating System Interface (POSIX)-compliant. The storage layer must provide maximum data durability and must be shareable across the EC2 instances. The data in the storage layer will be accessed frequently for the first 30 days and will be accessed infrequently after that time.
Which solution will meet these requirements MOST cost-effectively?

❌ Use the Amazon S3 Standard storage class. Create an S3 Lifecycle policy to move infrequently accessed data to S3 Glacier.
Use the Amazon S3 Standard storage class. Create an S3 Lifecycle policy to move infrequently accessed data to S3 Standard-Infrequent Access (S3 Standard-IA).
✅ Use the Amazon ElasticFile System (Amazon EFS) Standard storage class. Create a lifecycle management policy to move infrequently accessed data to EFS Standard-Infrequent Access (EFS Standard-IA).
Use the Amazon ElasticFile System (Amazon EFS) One Zone storage class. Create a lifecycle management policy to move infrequently accessed data to EFS One Zone-Infrequent Access (EFS One Zone-IA).

✨ 关键词：POSIX、be accessed frequently for the first 30 days and will be accessed infrequently after that time

1️⃣ ❌ -> 3️⃣ ✅

💡 解析：该应用程序需要一个高度可用性和便携式操作系统接口（POSIX）兼容的存储层。同时数据只在前 30 天访问频繁，之后偶尔访问。
重点在于如何兼容 POSIX 协议：可移植操作系统接口

可移植操作系统接口（英语：Portable Operating System Interface，缩写为POSIX）是IEEE为要在各种UNIX操作系统上运行软件。

看下 EFS 的文档：创建和管理EFS资源

Amazon EFS 提供POSIX符合要求的弹性共享文件存储。您创建的文件系统支持来自多个 Amazon EC2 实例的并发读写权限。也可以从文件系统的创建地的所有可用区访问 AWS 区域该文件系统。

由于 4️⃣ 使用了单区存储与高可用需求冲突，因此选 3️⃣ 。

👨‍👨‍👦‍👦 社区讨论：Multi AZ = both EFS and S3 support
Storage classes = both EFS and S3 support
POSIX file system access = only Amazon EFS supports