AWS Certified Solutions Architect – Associate (SAA-C03) — Question 757

A company’s ecommerce website has unpredictable traffic and uses AWS Lambda functions to directly access a private Amazon RDS for PostgreSQL DB instance. The company wants to maintain predictable database performance and ensure that the Lambda invocations do not overload the database with too many connections.

What should a solutions architect do to meet these requirements?

Answer options

• A. Point the client driver at an RDS custom endpoint. Deploy the Lambda functions inside a VPC.
• B. Point the client driver at an RDS proxy endpoint. Deploy the Lambda functions inside a VPC.
• C. Point the client driver at an RDS custom endpoint. Deploy the Lambda functions outside a VPC.
• D. Point the client driver at an RDS proxy endpoint. Deploy the Lambda functions outside a VPC.

Correct answer: B

Explanation

Using Amazon RDS Proxy allows for efficient pooling and sharing of database connections, which prevents AWS Lambda from overwhelming the private Amazon RDS database during traffic spikes. Because both the RDS instance and the RDS Proxy require secure network access within the private network, the Lambda functions must be deployed inside a VPC. Other options using custom endpoints or deploying outside a VPC do not solve the connection pooling issue or fail to establish secure connectivity to the private database.