AWS Certified Solutions Architect – Professional — Question 505
MapMySite is setting up a web application in an AWS VPC. The organization has decided to use AWS RDS instead of its own DB instance for HA and DR requirements.
The organization also wants to secure RDS access.
How should the web application be set up with RDS?
Answer options
- A. Create a VPC with one public and one private subnet. Launch an application instance in the public subnet while RDS is launched in the private subnet.
- B. Set up a public and two private subnets in different AZs within a VPC and create a subnet group. Launch RDS with that subnet group.
- C. Create a network interface and attach two subnets to it. Attach that network interface with RDS while launching a DB instance.
- D. Create two separate VPCs and launch a Web app in one VPC and RDS in a separate VPC and connect them with VPC peering.
Correct answer: B
Explanation
To meet high availability (HA) and disaster recovery (DR) requirements for AWS RDS, the database must be deployed using a DB subnet group that spans at least two Availability Zones (AZs) in a VPC. Placing the RDS instances in private subnets keeps the database from being directly reachable from the internet, while the web servers in the public subnet can still connect to it inside the VPC. The other configurations either lack the multi-AZ requirement for HA (Option A), are technically invalid in AWS networking (Option C), or add unnecessary architectural complexity (Option D).