AWS Certified Solutions Architect - Associate
Get started today
Ultimate access to all questions.
Deep dive into the quiz with AI chat providers.
We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.
A company's facility has badge readers at every entrance throughout the building. When badges are scanned, the readers send a message over HTTPS to indicate who attempted to access that particular entrance.
A solutions architect must design a system to process these messages from the sensors. The solution must be highly available, and the results must be made available for the company's security team to analyze.
Which system architecture should the solutions architect recommend?
Other
Community
UAnonymous
A
Launch an Amazon EC2 instance to serve as the HTTPS endpoint and to process the messages. Configure the EC2 instance to save the results to an Amazon S3 bucket.
B
Create an HTTPS endpoint in Amazon API Gateway. Configure the API Gateway endpoint to invoke an AWS Lambda function to process the messages and save the results to an Amazon DynamoDB table.
C
Use Amazon Route 53 to direct incoming sensor messages to an AWS Lambda function. Configure the Lambda function to process the messages and save the results to an Amazon DynamoDB table.
D
Create a gateway VPC endpoint for Amazon S3. Configure a Site-to-Site VPN connection from the facility network to the VPC so that sensor data can be written directly to an S3 bucket by way of the VPC endpoint.
Explanation:
Explanation
Option B is the correct answer because it provides a highly available, serverless architecture that meets all requirements:
Why Option B is correct:
- High Availability: API Gateway and Lambda are fully managed AWS services with built-in high availability and automatic scaling.
- HTTPS Endpoint: API Gateway provides a secure HTTPS endpoint that can handle incoming messages from badge readers.
- Serverless Processing: Lambda functions automatically scale to handle varying loads without manual intervention.
- Data Storage: DynamoDB provides a highly available, scalable NoSQL database for storing access attempt data.
- Security: API Gateway provides authentication, authorization, and DDoS protection.
- Cost Optimization: Pay-per-use model with no idle capacity costs.
Why other options are incorrect:
Option A (EC2 instance):
- Single EC2 instance creates a single point of failure
- Requires manual scaling and management
- Not highly available by default
- More operational overhead
Option C (Route 53 to Lambda):
- Route 53 is a DNS service, not an HTTPS endpoint
- Cannot directly invoke Lambda functions from Route 53
- Missing the API Gateway layer for proper HTTPS handling
Option D (VPC endpoint + VPN):
- Complex networking setup
- Requires VPN connection management
- Badge readers would need to write directly to S3, which may not support HTTPS messaging
- No message processing logic before storage
- S3 is not ideal for real-time querying of access data
Key Architecture Benefits:
- API Gateway: Provides secure, scalable HTTPS endpoint with built-in security features
- Lambda: Serverless compute that automatically scales with demand
- DynamoDB: Highly available database suitable for time-series access data
- Event-driven: Real-time processing of badge access attempts
- Analytics Ready: Data in DynamoDB can be easily queried by security team
This serverless architecture ensures high availability, automatic scaling, and minimal operational overhead while meeting all security and processing requirements.
Comments
Loading comments...