Amazon Web Services SOA-C02 Actual Questions

AWS Secrets Manager is the recommended and native solution for managing secrets such as RDS DB credentials, with built-in support for automatic password rotation.

From Secrets Manager RDS integration documentation:

Secrets Manager supports automatic rotation for Amazon RDS databases. You can configure rotation for the master user credentials using a predefined Lambda rotation function provided by AWS.

This is the least operational effort option:

No custom Lambda code required

Seamlessly integrates with RDS

Fully managed password rotation

To manage incomplete multipart uploads in an Amazon S3 bucket, creating an S3 Lifecycle rule to specifically address these uploads is the most effective method. The rule can be configured to automatically delete expired multipart upload parts, which helps in cleaning up unused data and reducing storage costs. Option A is correct as it directly addresses the requirement to manage incomplete uploads effectively. Reference on setting up S3 Lifecycle policies can be found here Amazon S3 Lifecycle.

When using Amazon S3 Object Lock configured in governance mode, deleting objects before their retention period ends requires specific permissions. To bypass these governance restrictions, the administrator must:

C: Assume a role that has the s3:BypassGovernanceRetention permission. This permission allows the role to override the governance mode restrictions.

D: Include the x-amz-bypass-governance-retention:true header in the delete request. This header is necessary to programmatically bypass the governance retention settings when making a delete request via the AWS CLI or SDK. These steps enable the deletion of objects under governance mode retention without waiting for the retention period to expire, addressing the need to remove unintended data uploads effectively. For further details, refer to the AWS documentation on S3 Object Lock Amazon S3 Object Lock.

For predictable, significant traffic increases during a specific time period every day:

EC2 Auto Scaling Group: Set up an Auto Scaling group for the EC2 instances running the web application. This group automatically adjusts the number of instances based on policies defined.

Scheduled Scaling Policy: Use a scheduled scaling policy to pre-emptively increase the number of instances before the expected increase in traffic each day. Scheduled scaling allows you to specify the scaling actions to occur at specific times, based on known or expected demand patterns.

Attach to ALB: Ensure the Auto Scaling group is attached to the Application Load Balancer, which will distribute incoming traffic across the dynamically adjusted pool of EC2 instances.

This approach ensures that the application scales up resources ahead of the expected load, maintaining performance and user experience without manual intervention.