SAP-C02 Exam Dumps - AWS Certified Solutions Architect - Professional

B: Archiving inactive user uploads toGlacier Deep Archiveoffers the lowest storage cost.

E: Since the users are in Europe only, usingPrice Class 200reduces CloudFront delivery cost without affecting performance.

A (expiration) deletes data — not suitable.

C is invalid (App Runner does not support Spot).

D might save little unless read traffic is high.

The correct answer is A.

A. This solution meets the requirements because it allows the company to create different usage plans for each customer, with different request quotas and time periods. The usage plans can be associated with API keys, which can be distributed to the users of each customer. The API Gateway REST API can invoke the Lambda function using a proxy integration, which passes the request data to the function as input and returns the function output as the response.This solution is scalable, secure, and cost-effective12

B. This solution is incorrect because API Gateway HTTP APIs do not support usage plans or API keys.These features are only available for REST APIs3

C. This solution is incorrect because it does not provide a way to enforce request quotas for each customer. Lambda function aliases can be used to create different versions of the function, but they do not have any quota mechanism.Moreover, this solution exposes the Lambda function URLs directly to the customers, which is not secure or recommended4

D. This solution is incorrect because it does not provide a way to differentiate between customers or users. AWS WAF rate-based rules can be used to limit requests based on IP addresses, but they do not support any other criteria such as user agents or headers.Moreover, this solution adds unnecessary complexity and cost by using an ALB and a VPC56

Comprehensive and Detailed Explanation:

Option C is the most comprehensive and aligns with AWS best practices for cost optimization without compromising availability or performance:

AWS Compute Optimizer provides recommendations to rightsize EC2 instances, EBS volumes, and Lambda functions based on utilization metrics. By opting in, the company can receive tailored suggestions for optimizing resource configurations.

AWS Trusted Advisor offers cost optimization checks, including identifying idle or underutilized resources, which can be rightsized or terminated to reduce costs.

Implementing recommendations from Compute Optimizer and Trusted Advisor ensures that resources are appropriately sized, leading to cost savings without affecting performance.

Auto Scaling groups help maintain application availability and allow automatic scaling of EC2 instances based on demand, ensuring that compute capacity aligns with workload requirements.

Compute Savings Plans provide flexible pricing for EC2, AWS Lambda, and AWS Fargate usage, offering significant savings over On-Demand pricing in exchange for a commitment to a consistent amount of usage.

This approach ensures cost optimization while maintaining the necessary compute capacity and availability for production workloads.

This solution will meet the requirement with the least operational overhead because it directly denies the creation of the security group inbound rule with 0.0.0.0/0 as the source, which is the exact requirement. Additionally, it does not require any additional steps or resources such as invoking a Lambda function or adding a Config rule.

An SCP (Service Control Policy) is a policy that you can use to set fine-grained permissions for your AWS accounts within your organization. You can use SCPs to set permissions for the root user of an account and to delegate permissions to IAM users and roles in the accounts. You can use SCPs to set permissions that allow or deny access to specific services, actions, and resources.

To implement this solution, you would need to create an SCP that denies the ec2:AuthorizeSecurityGroupIngress action when the value of the aws:SourceIp condition key is 0.0.0.0/0. This SCP would then be applied to the NonProd OU. This would ensure that any security group inbound rule that includes 0.0.0.0/0 as the source will be denied, thus meeting the requirement.

https://aws.amazon.com/storagegateway/file/

https://docs.aws.amazon.com/fsx/latest/WindowsGuide/migrate-files-to-fsx-datasync.html

https://docs.aws.amazon.com/systems-manager/latest/userguide/prereqs-operating-systems.html#prereqs-os-windows-server

To attribute AWS costs to specific applications or teams and enable detailed cost analysis and forecasting, the solution architect should recommend the following actions: A. Activating user-defined cost allocation tags for resources associated with each application and team allows for detailed tracking of costs by these identifiers. C. Creating a cost category for each application within AWS Billing and Cost Management enables the organization to group costs according to application, facilitating detailed reporting and analysis. F. Enabling Cost Explorer is essential for analyzing and visualizing AWS spending over time. It provides the capability to view historical costs and forecast future expenses, supporting the company's requirement for cost comparison and forecasting.

AWS Billing and Cost Management Documentation: Covers the activation of cost allocation tags, creation of cost categories, and the use of Cost Explorer for cost management.

AWS Tagging Strategies: Provides best practices for implementing tagging strategies that support cost allocation and reporting.

AWS Cost Explorer Documentation: Details how to use Cost Explorer to analyze and forecast AWS costs.

https://aws.amazon.com/kinesis/data-firehose/faqs/