AWS Certified Solutions Architect – Associate (SAA-C02) — Question 442

A company's facility has badge readers at every entrance throughout the building. When badges are scanned, the readers send a message over HTTPS to indicate who attempted to access that particular entrance.
A solutions architect must design a system to process these messages from the sensors. The solution must be highly available, and the results must be made available for the company's security team to analyze.
Which system architecture should the solutions architect recommend?

Answer options

• A. Launch an Amazon EC2 instance to serve as the HTTPS endpoint and to process the messages. Configure the EC2 instance to save the results to an Amazon S3 bucket.
• B. Create an HTTPS endpoint in Amazon API Gateway. Configure the API Gateway endpoint to invoke an AWS Lambda function to process the messages and save the results to an Amazon DynamoDB table.
• C. Use Amazon Route 53 to direct incoming sensor messages to an AWS Lambda function. Configure the Lambda function to process the messages and save the results to an Amazon DynamoDB table.
• D. Create a gateway VPC endpoint for Amazon S3. Configure a Site-to-Site VPN connection from the facility network to the VPC so that sensor data can be written directly to an S3 bucket by way of the VPC endpoint.

Correct answer: B

Explanation

Amazon API Gateway combined with AWS Lambda and Amazon DynamoDB provides a fully managed, serverless, and highly available architecture that automatically scales to handle incoming HTTPS requests from the badge readers. Option A is not highly available because it relies on a single EC2 instance, while Option C is incorrect because Route 53 cannot directly trigger a Lambda function from an HTTPS request without an intermediary like API Gateway. Option D is incorrect because it does not provide an HTTPS endpoint for message ingestion and lacks a processing layer before storage.