Instructed by Stephane Maarek 6 practice tests
SAMPLE QUESTION:
You have migrated an on-premise SQL Server database to an Amazon Relational Database Service (RDS) database attached to a VPC inside a private subnet. Also, the related Java application, hosted on-premise, has been moved to an Amazon Lambda function.
Which of the following should you implement to connect AWS Lambda function to its RDS instance?
- Use Lambda layers to connect to the internet and RDS separately
- Configure lambda to connect to the public subnet that will give internet access and use Security Group to access RDS inside the private subnet
- Use Environment variables to pass in the RDS connection string
- Configure Lambda to connect to VPC with private subnet and Security Group needed to access RDS
What’s your guess? Scroll below for the answer…
Correct: 4.
CORRECT OPTION
Configure Lambda to connect to VPC with private subnet and Security Group needed to access RDS – You can configure a Lambda function to connect to private subnets in a virtual private cloud (VPC) in your account. Use Amazon Virtual Private Cloud (Amazon VPC) to create a private network for resources such as databases, cache instances, or internal services. Connect your lambda function to the VPC to access private resources during execution. When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of the security group and subnet in your function’s VPC configuration. This is the right way of giving RDS access to Lambda.
INCORRECT OPTIONS
Use Lambda layers to connect to the internet and RDS separately – You can configure your Lambda function to pull in additional code and content in the form of layers. A layer is a ZIP archive that contains libraries, a custom runtime, or other dependencies. Layers will not help in configuring access to RDS instance and hence is an incorrect choice.
Configure lambda to connect to the public subnet that will give internet access and use the Security Group to access RDS inside the private subnet – This is an incorrect statement. Connecting a Lambda function to a public subnet does not give it internet access or a public IP address. To grant internet access to your function, its associated VPC must have a NAT gateway (or NAT instance) in a public subnet.
Use Environment variables to pass in the RDS connection string – You can use environment variables to store secrets securely and adjust your function’s behavior without updating code. You can use environment variables to exchange data with RDS, but you will still need access to RDS, which is not possible with just environment variables.
Who this course is for:
- Anyone who wants to practice the DVA-C01 AWS Certified Developer exam before taking the real one!
Recommended Courses