AWS Certified Solutions Architect – Associate (SAA-C02) — Question 452

A company has hired a solutions architect to design a reliable architecture for its application. The application consists of one Amazon RDS DB instance and two manually provisioned Amazon EC2 instances that run web servers. The EC2 instances are located in a single Availability Zone.
An employee recently deleted the DB instance, and the application was unavailable for 24 hours as a result. The company is concerned with the overall reliability of its environment.
What should the solutions architect do to maximize reliability of the application's infrastructure?

Answer options

• A. Delete one EC2 instance and enable termination protection on the other EC2 instance. Update the DB instance to be Multi-AZ, and enable deletion protection.
• B. Update the DB instance to be Multi-AZ, and enable deletion protection. Place the EC2 instances behind an Application Load Balancer, and run them in an EC2 Auto Scaling group across multiple Availability Zones.
• C. Create an additional DB instance along with an Amazon API Gateway and an AWS Lambda function. Configure the application to invoke the Lambda function through API Gateway. Have the Lambda function write the data to the two DB instances.
• D. Place the EC2 instances in an EC2 Auto Scaling group that has multiple subnets located in multiple Availability Zones. Use Spot Instances instead of On- Demand Instances. Set up Amazon CloudWatch alarms to monitor the health of the instances. Update the DB instance to be Multi-AZ, and enable deletion protection.

Correct answer: B

Explanation

Option B is correct because enabling deletion protection on the RDS instance prevents accidental deletion, while a Multi-AZ deployment ensures high availability for the database. Additionally, placing the EC2 instances in an Auto Scaling group across multiple Availability Zones behind an Application Load Balancer eliminates single points of failure for the web tier. The other options are incorrect because they either reduce compute capacity (Option A), introduce unnecessary architecture complexity with Lambda (Option C), or rely on Spot Instances which can be terminated abruptly and hurt reliability (Option D).