AWS Certified Associate SOA-C02 Reddit Questions

To ensure that all traffic, including rejected traffic, is logged in VPC Flow Logs, you need to create a new flow log with a filter setting to capture all traffic.

Create a New Flow Log:

Open the VPC console.

Select the VPC for which you want to create the flow log.

Choose "Create flow log."

In the filter setting, select "All" to capture all traffic (accepted and rejected).

Flow Log Configuration:

Ensure that the destination for the flow logs (e.g., CloudWatch Logs or S3) is properly configured.

Specify the appropriate IAM role to allow VPC Flow Logs to publish logs to the destination.

References:

VPC Flow Logs

Creating a Flow Log

To alleviate performance degradation on a heavily queried Amazon Aurora DB cluster:

A: Create an Aurora Replica node and implement an Auto Scaling policy based on CPU utilization. Ensure all reporting requests use the read-only connection string to redirect read queries to the replica. This setup alleviates the load on the primary DB instance by balancing read traffic, which can significantly improve stability during periods of high demand. Aurora Replicas are ideal for scaling read operations and can improve the performance of the primary instance by offloading read requests. More details on Aurora Replicas and their benefits can be found in the AWS documentation on Aurora Replicas Amazon Aurora Replicas.

"Network Load Balancer is optimized to handle sudden and volatile traffic patterns while using a single static IP address per Availability Zone."

For an application that must scale to millions of requests per second and requires a single static IP address for each Availability Zone, a Network Load Balancer (NLB) is the most suitable option. NLBs are designed for high-performance, low-latency networking, and they support static IP addresses for each Availability Zone, making it ideal for volatile traffic patterns. Option D is the correct choice. AWS provides extensive documentation on NLB capabilities and configurations that suit these requirements AWS Network Load Balancer.

For routing based on the user's geographic location to comply with data residency requirements, the best solution is to use Amazon Route 53 geolocation routing policy. This policy allows you to configure DNS responses based on the geographic location of the user, ensuring that requests are directed to specific AWS Regions that align with the company’s data residency requirements. Option C is correct. The AWS Route 53 documentation provides details on implementing geolocation routing policies Amazon Route 53 Geolocation Routing.