AWS Certified Database – Specialty — Question 237
A company uses multiple AWS accounts in AWS Organizations to separate development teams that work on different applications. Each AWS account contains multiple applications that run in the default VPC with interface endpoints. The applications need access to the same underlying data in an Amazon Aurora PostgreSQL DB cluster in one of the AWS accounts.
Which solution will meet these requirements in the MOST operationally efficient way?
Answer options
- A. Use AWS Resource Access Manager (AWS RAM) to share the subnet that contains the database. Create an Amazon RDS Proxy endpoint for the other applications to access.
- B. Use VPC peering to connect the VPCs of the other AWS accounts to the subnet that contains the database.
- C. Create an Amazon S3 bucket that stores database backups. Configure replication to S3 buckets in the other accounts. Restore the backups in the other AWS accounts.
- D. Create an interface VPC endpoint for the Amazon RDS API. Attach an endpoint policy that grants the other AWS accounts access to the database.
Correct answer: A
Explanation
The correct answer is A. Sharing the subnet that contains the database through AWS Resource Access Manager (AWS RAM) and creating an Amazon RDS Proxy endpoint gives applications in the other AWS accounts seamless and efficient access to the database without complex networking configurations. Option B (VPC peering) introduces additional management overhead. Option C involves unnecessary data replication and restoration processes. Option D does not directly provide access to the database without additional configurations.