SAP-C02 第 446 题
题目
A company uses AWS Organizations to manage its development environment. Each development team at the company has its own AWS account. Each account has a single VPC and CIDR blocks that do not overlap. The company has an Amazon Aurora DB cluster in a shared services account. All the development teams need to work with live data from the DB cluster. Which solution will provide the required connectivity to the DB cluster with the LEAST operational overhead?
中文翻译:
一家公司使用 AWS Organizations 来管理其开发环境。公司的每个开发团队都有自己的 AWS 账户。每个账户都有一个不重叠的 VPC 和 CIDR 块。该公司在共享服务账户中拥有一个 Amazon Aurora 数据库集群。所有开发团队都需要使用数据库集群中的实时数据。哪种解决方案能够以最少的运营开销提供与数据库集群所需的连接?
选项
A. Create an AWS Resource Access Manager (AWS RAM) resource share for the DB cluster. Share the DB cluster with all the development accounts.
中文翻译:
为数据库集群创建 AWS Resource Access Manager (AWS RAM) 资源共享。与所有开发帐户共享数据库集群。
B. Create a transit gateway in the shared services account. Create an AWS Resource Access Manager (AWS RAM) resource share for the transit gateway. Share the transit gateway with all the development accounts. Instruct the developers to accept the resource share. Configure networking.
中文翻译:
在共享服务帐户中创建中转网关。为中转网关创建 AWS Resource Access Manager (AWS RAM) 资源共享。与所有开发帐户共享中转网关。指示开发人员接受资源共享。配置网络。
C. Create an Application Load Balancer (ALB) that points to the IP address of the DB cluster. Create an AWS PrivateLink endpoint service that uses the ALB. Add permissions to allow each development account to connect to the endpoint service.
中文翻译:
创建指向数据库集群 IP 地址的应用程序负载均衡器 (ALB)。创建使用 ALB 的 AWS PrivateLink 终端节点服务。添加权限以允许每个开发帐户连接到端点服务。
D. Create an AWS Site-to-Site VPN connection in the shared services account. Configure networking. Use AWS Marketplace VPN software in each development account to connect to the Site-to-Site VPN connection.
中文翻译:
在共享服务账户中创建 AWS Site-to-Site VPN 连接。配置网络。在每个开发账户中使用 AWS Marketplace VPN 软件来连接到 Site-to-Site VPN 连接。
答案
B
解析
正确答案:B 解析: 本题应选择 B。 正确选项: B. 在共享服务帐户中创建中转网关。为中转网关创建 AWS Resource Access Manager (AWS RAM) 资源共享。与所有开发帐户共享中转网关。指示开发人员接受资源共享。配置网络。 选择理由: 该选项最直接地满足题干中的关键约束。做 SAP-C02 题目时,需要同时对照题干里的限定词,例如最高性能、最低运维开销、成本效益、可靠性、可扩展性、安全性、RTO/RPO、...