Answer-first summary for fast verification
Answer: By creating the Lambda function with VPC1 access and using a single security group SG1 for both the Lambda function and the database, allowing TCP traffic on Port 3306.
The correct answer is A. To securely access the Aurora database from the Lambda function, both need to be in the same VPC with appropriate security group configurations. Attaching the same security group SG1 to both the Lambda function and the database and configuring the security group for inbound and outbound TCP traffic on Port 3306 ensures secure communication between the two services. Option B is incorrect as creating a new VPC and peering it with VPC1 is unnecessary and overly complex. Option C is incorrect because the inbound rule should be on the database security group, not on SG1. Option D is not suitable since it involves an unnecessary data transfer to S3 and does not use a relational database directly.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
How can a development team deploy an AWS Lambda function to securely access a relational Amazon Aurora database within a private subnet of VPC1?
A
By creating the Lambda function with VPC1 access and using a single security group SG1 for both the Lambda function and the database, allowing TCP traffic on Port 3306.
B
By launching the Lambda function in a new VPC2 with a public subnet and establishing a peering connection to VPC1.
C
By configuring the Lambda function in VPC1 with security group SG1 and assigning a different security group SG2 to the database, setting an inbound rule in SG1 for Port 3306.
D
By exporting Aurora database data to Amazon S3 and creating a Lambda function in VPC1 to query the data from S3.