AWS Certified SysOps Administrator – Associate (SOA-C03) — Question 57
A company deploys AWS infrastructure in a VPC that has an internet gateway. The VPC has public subnets and private subnets. An Amazon RDS for MySQL DB instance is deployed in a private subnet. An AWS Lambda function uses the same private subnet and connects to the DB instance to query data.
A developer modifies the Lambda function to require the function to publish messages to an Amazon Simple Queue Service (Amazon SQS) queue. After these changes, the Lambda function times out when it tries to publish messages to the SQS queue.
Which solutions will resolve this issue? (Choose two.)
Answer options
- A. Reconfigure the Lambda function so that the function is not connected to the VPC.
- B. Deploy an RDS proxy. Configure the Lambda function to connect to the DB instance through the proxy.
- C. Deploy a NAT gateway. Update the private subnet's route table to route all traffic to the NAT gateway.
- D. Create an interface endpoint for Amazon SQS in the VPC.
- E. Create a gateway endpoint for Amazon SQS in the VPC.
Correct answer: C, D
Explanation
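The correct answers are C and D. A Lambda function attached to a private subnet has no route to the public SQS endpoint, so its publish calls time out. Option C resolves the timeout by giving the private subnet an outbound path to the internet through the NAT gateway, which lets the function reach SQS. Option D provides a private connection to SQS from inside the VPC, so the function can send messages without any internet access. Options A and B do not address the issue correctly: A removes the VPC connectivity the function needs to reach the DB instance in the private subnet, and B changes only how the function connects to the database, not how it reaches SQS. Option E is not possible because gateway endpoints are available only for Amazon S3 and DynamoDB; SQS is reached through an interface endpoint.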