AWS Certified Database – Specialty — Question 166

A company is setting up a new Amazon RDS for SQL Server DB instance. The company wants to enable SQL Server auditing on the database.
Which combination of steps should a database specialist take to meet this requirement? (Choose two.)

Answer options

• A. Create a service-linked role for Amazon RDS that grants permissions for Amazon RDS to store audit logs on Amazon S3.
• B. Set up a parameter group to configure an IAM role and an Amazon S3 bucket for audit log storage. Associate the parameter group with the DB instance.
• C. Disable Multi-AZ on the DB instance, and then enable auditing. Enable Multi-AZ after auditing is enabled.
• D. Disable automated backup on the DB instance, and then enable auditing. Enable automated backup after auditing is enabled.
• E. Set up an options group to configure an IAM role and an Amazon S3 bucket for audit log storage. Associate the options group with the DB instance.

Correct answer: A, E

Explanation

The correct answers A and E are necessary steps for enabling SQL Server auditing on Amazon RDS. Option A involves creating a service-linked role that allows RDS to store logs, while option E involves setting up an options group for IAM role and S3 configuration. Options B, C, and D either do not address the requirements for auditing or involve unnecessary actions that could disrupt the database instance's operations.