AWS Certified Solutions Architect – Professional — Question 361

An organization is planning to host a web application in the AWS VPC. The organization does not want to host a database in the public cloud due to statutory requirements.
How can the organization setup in this scenario?

Answer options

• A. The organization should plan the app server on the public subnet and database in the organization's data center and connect them with the VPN gateway.
• B. The organization should plan the app server on the public subnet and use RDS with the private subnet for a secure data operation.
• C. The organization should use the public subnet for the app server and use RDS with a storage gateway to access as well as sync the data securely from the local data center.
• D. The organization should plan the app server on the public subnet and database in a private subnet so it will not be in the public cloud.

Correct answer: A

Explanation

Since statutory requirements prohibit hosting the database in the public cloud, any option using AWS RDS or private VPC subnets is invalid because those resources still reside within AWS. Hosting the database in the on-premises data center and linking it to the AWS-hosted application server via a VPN gateway satisfies the regulatory constraint while enabling secure communication.