Learn why NAT Gateway placement in public subnets across all AZs is the AWS-recommended pattern for private subnet internet access, and understand the hidden cost implications of high availability decisions.
A photo processing startup faces duplicate email notifications due to SQS standard queue behavior triggering Lambda multiple times. This drill explores visibility timeout tuning, queue type selection, and deletion timing strategies to achieve exactly-once processing with minimal operational overhead.
When migrating a transactional database with sensitive data, the best exam decision is a managed database that reduces ops while meeting baseline security via encryption at rest.
When traffic spikes on unpredictable days, dynamic scaling is the cost-effective choice because it reacts to real demand instead of guessing schedules or requiring manual ops.
Enable bucket default encryption for future writes, then use S3 Inventory + S3 Batch Operations to re-encrypt millions of existing objects in-place with minimal effort.
When workload grows on RDS for PostgreSQL but you can’t add new infrastructure, the most cost-effective path is typically vertical scaling plus committing with Reserved Instances.
Migrate a legacy SFTP workflow to AWS with Amazon S3 storage while keeping on-prem Microsoft AD authentication. The lowest-ops path is AWS Transfer Family using Directory Service AD Connector for identity federation.
A rewritten SAA-C03 scenario exploring how IAM conditional policies enforce geographic and network-based access control for EC2 instance termination using aws:SourceIp condition keys.