AWS Certified Solutions Architect – Associate (SAA-C03) — Question 293

A company’s facility has badge readers at every entrance throughout the building. When badges are scanned, the readers send a message over HTTPS to indicate who attempted to access that particular entrance.

A solutions architect must design a system to process these messages from the sensors. The solution must be highly available, and the results must be made available for the company’s security team to analyze.

Which system architecture should the solutions architect recommend?

Answer options

• A. Launch an Amazon EC2 instance to serve as the HTTPS endpoint and to process the messages. Configure the EC2 instance to save the results to an Amazon S3 bucket.
• B. Create an HTTPS endpoint in Amazon API Gateway. Configure the API Gateway endpoint to invoke an AWS Lambda function to process the messages and save the results to an Amazon DynamoDB table.
• C. Use Amazon Route 53 to direct incoming sensor messages to an AWS Lambda function. Configure the Lambda function to process the messages and save the results to an Amazon DynamoDB table.
• D. Create a gateway VPC endpoint for Amazon S3. Configure a Site-to-Site VPN connection from the facility network to the VPC so that sensor data can be written directly to an S3 bucket by way of the VPC endpoint.

Correct answer: B

Explanation

Option B is correct because Amazon API Gateway provides a highly available, managed HTTPS endpoint that integrates natively with AWS Lambda for serverless processing, saving the results to Amazon DynamoDB for easy analysis. Option A is incorrect because a single Amazon EC2 instance represents a single point of failure and is not highly available. Option C is incorrect because Amazon Route 53 cannot directly route HTTP/HTTPS traffic to trigger an AWS Lambda function without an intermediary like API Gateway or an Application Load Balancer.