AWS Certified Developer – Associate (DVA-C02) — Question 523

A developer is deploying a new Node.js AWS Lambda function that is not connected to a VPC. The Lambda function needs to connect to and query an Amazon Aurora database that is not publicly accessible. The developer is expecting unpredictable surges in database traffic.

What should the developer do to give the Lambda function access to the database?

Answer options

• A. Configure the Lambda function to use an Amazon RDS proxy.
• B. Configure a NAT gateway. Attach the NAT gateway to the Lambda function.
• C. Enable public access on the Aurora database. Configure a security group on the database to allow outbound access for the database engine’s port.
• D. Enable VPC access for the Lambda function. Attach the Lambda function to a new security group that does not have rules.

Correct answer: A

Explanation

Amazon RDS Proxy manages database connection pools, allowing AWS Lambda functions to handle unpredictable traffic surges without exhausting database connection limits. It also allows Lambda functions to securely access private Amazon Aurora databases without requiring the Lambda function to be placed in a VPC or exposing the database publicly. Other options, such as opening public access or using an empty security group, do not address connection pooling or security requirements correctly.