来源:Amazon AWS Certified Solutions Architect - Associate SAA-C03 Exam
20 题 (No.451 ~ No.470) 只记录了 4 道首次碰到的、错误的或有疑问的题目,仅供自己复习使用。
如果侵权请联系删除。
一、Budgets create
A company uses AWS Organizations. The company wants to operate some of its AWS accounts with different budgets. The company wants to receive alerts and automatically prevent provisioning of additional resources on AWS accounts when the allocated budget threshold is met during a specific period.
Which combination of solutions will meet these requirements? (Choose three.)
- ❌ Use AWS Budgets to create a budget. Set the budget amount under the Cost and Usage Reports section of the required AWS accounts.
- ✅ Use AWS Budgets to create a budget. Set the budget amount under the Billing dashboards of the required AWS accounts.
- Create an IAM user for AWS Budgets to run budget actions with the required permissions.
- ✅ Create an IAM role for AWS Budgets to run budget actions with the required permissions.
- Add an alert to notify the company when each account meets its budget threshold. Add a budget action that selects the IAM identity created with the appropriate config rule to prevent provisioning of additional resources.
- ✅ Add an alert to notify the company when each account meets its budget threshold. Add a budget action that selects the IAM identity created with the appropriate service control policy (SCP) to prevent provisioning of additional resources.
✨ 关键词:
1️⃣ 4️⃣ 6️⃣ ❌ -> 2️⃣ 4️⃣ 6️⃣ ✅
💡 解析:AWS 的预算在
账单控制台 - 预算和规划 - 预算处创建:
👨👨👦👦 社区讨论:“Create an AWS Budget: Go to the AWS Billing Dashboard”
https://awslabs.github.io/scale-out-computing-on-aws/workshops/TKO-Scale-Out-Computing/modules/071-budgets/
二、AWS Transfer Family
A company that uses AWS is building an application to transfer data to a product manufacturer. The company has its own identity provider (IdP). The company wants the IdP to authenticate application users while the users use the application to transfer data. The company must use Applicability Statement 2 (AS2) protocol.
Which solution will meet these requirements?
- Use AWS DataSync to transfer the data. Create an AWS Lambda function for IdP authentication.
- Use Amazon AppFlow flows to transfer the data. Create an Amazon Elastic Container Service (Amazon ECS) task for IdP authentication.
- ✅ Use AWS Transfer Family to transfer the data. Create an AWS Lambda function for IdP authentication.
- ❌ Use AWS Storage Gateway to transfer the data. Create an Amazon Cognito identity pool for IdP authentication.
✨ 关键词:
4️⃣ ❌ -> 3️⃣ ✅
💡 解析:公司希望 IdP 在用户使用应用程序传输数据时对应用程序用户进行身份验证。相当于要将 IdP 功能置放在数据传输的应用程序中。
AWS Transfer Family 是一种安全的传输服务,使您能够将文件传入和传出 AWS 存储服务。Transfer Family 是该 AWS Cloud 平台的一部分。 AWS Transfer Family 为通过SFTP、、AS2、FTPS以及FTP直接传入和传出 Amazon S3 或 Amazon 的文件提供完全托管的支持EFS。 过维护现有的客户端身份验证、访问和防火墙配置,您可以无缝迁移、自动化和监控文件传输工作流程,因此您的客户、合作伙伴和内部团队或其应用程序不会发生任何变化。
要对用户进行身份验证,您可以使用现有的身份提供商 AWS Transfer Family。您可以使用功能集成您的身份提供商,该 AWS Lambda 功能对您的用户进行身份验证和授权,使其能够访问 Amazon S3 或 Amazon Elastic File System (Ama EFS zon)。
👨👨👦👦 社区讨论:Option C stands out stronger because AWS Transfer Family securely scales your recurring business-to-business file transfers to AWS Storage services using SFTP, FTPS, FTP, and AS2 protocols.
And AWS Lambda can be used to authenticate users with the company’s IdP.
三、Lambda
An IoT company is releasing a mattress that has sensors to collect data about a user’s sleep. The sensors will send data to an Amazon S3 bucket. The sensors collect approximately 2 MB of data every night for each mattress. The company must process and summarize the data for each mattress. The results need to be available as soon as possible. Data processing will require 1 GB of memory and will finish within 30 seconds.
Which solution will meet these requirements MOST cost-effectively?
- Use AWS Glue with a Scala job
- Use Amazon EMR with an Apache Spark script
- ✅ Use AWS Lambda with a Python script
- ❌ Use AWS Glue with a PySpark job
✨ 关键词:
4️⃣ ❌ -> 3️⃣ ✅
💡 解析:这里由于 EMR 和 Glue 都会留存数据,不够便宜因此不选。
是一门多范式的编程语言,设计初衷是要集成面向对象编程和函数式编程的各种特性。
Apache Spark 是一种用于大数据工作负载的分布式开源处理系统。
Spark支持很多语言的调用,包括了Java、Scala、Python等,其中用Python语言编写的Spark API就是PySpark。
👨👨👦👦 社区讨论:That’s the point here, technically all the options are good and will work, but since we are on a small amount of data Lambda will be the cheapest one, usually Glue or EMR will be kept for a big amount of data.
Here is a topic where people did a comparison in comments:
https://www.reddit.com/r/aws/comments/9umxv1/aws
四、Multi-Attach
A company is developing an application to support customer demands. The company wants to deploy the application on multiple Amazon EC2 Nitro-based instances within the same Availability Zone. The company also wants to give the application the ability to write to multiple block storage volumes in multiple EC2 Nitro-based instances simultaneously to achieve higher application availability.
- Use General Purpose SSD (gp3) EBS volumes with Amazon Elastic Block Store (Amazon EBS) Multi-Attach
- Use Throughput Optimized HDD (st1) EBS volumes with Amazon Elastic Block Store (Amazon EBS) Multi-Attach
- ✅ Use Provisioned IOPS SSD (io2) EBS volumes with Amazon Elastic Block Store (Amazon EBS) Multi-Attach
- Use General Purpose SSD (gp2) EBS volumes with Amazon Elastic Block Store (Amazon EBS) Multi-Attach
✨ 关键词:
3️⃣ ✅
💡 解析:使用多重挂载将 EBS 卷挂载到多个 EC2 实例
通过 Amazon EBS 多重挂载,您可以将单个预置 IOPS SSD(io1 或 io2)卷挂载到位于同一可用区中的多个实例。您可以将多个启用多重挂载的卷附加到一个实例或一组实例。卷附加到的每个实例都对共享卷拥有完全读取和写入权限。通过多重挂载,您可以更轻松地在管理并发写入操作的应用程序中实现更高的应用程序可用性。
👨👨👦👦 社区讨论:Multi-Attach is supported exclusively on Provisioned IOPS SSD (io1 and io2) volumes.