Challenge - 5 Problems
RDS Mastery Badge
Get all challenges correct to earn this badge!
Test your skills under time pressure!
❓ Configuration
intermediate2:00remaining
Identify the correct AWS CLI command to launch a MySQL RDS instance
Which AWS CLI command will successfully launch a MySQL RDS instance named mydbinstance with 20GB storage in the us-east-1 region?
Attempts:
2 left
💡 Hint
Check the AWS CLI command syntax for creating an RDS instance and verify the engine and storage size.
✗ Incorrect
Option A uses the correct AWS CLI command 'create-db-instance' with the MySQL engine and 20GB storage. Option A uses a non-existent command 'launch-db-instance'. Option A uses the wrong engine 'postgres'. Option A uses insufficient storage (5GB) which is below the minimum for MySQL RDS.
❓ Architecture
intermediate2:00remaining
Choosing the best subnet configuration for a highly available RDS instance
You want to launch an RDS instance that remains available even if one Availability Zone fails. Which subnet configuration should you choose?
Attempts:
2 left
💡 Hint
Think about how AWS achieves high availability for RDS instances.
✗ Incorrect
Option C is correct because RDS uses a DB subnet group with subnets in multiple Availability Zones to enable Multi-AZ deployments for high availability. Options B and C use a single subnet or AZ, which is not highly available. Option C uses multiple subnets but in the same AZ, so it does not protect against AZ failure.
❓ security
advanced2:00remaining
Securing RDS instance access with least privilege
You want to restrict access to your RDS instance so only your application servers in a specific security group can connect. Which configuration achieves this?
Attempts:
2 left
💡 Hint
Consider the principle of least privilege and how security groups reference each other.
✗ Incorrect
Option A restricts access to only the application servers by referencing their security group, following least privilege. Option A allows access from anywhere, which is insecure. Option A incorrectly references the internet gateway, which is not a source IP. Option A allows access from the entire VPC, which is broader than needed.
❓ service_behavior
advanced2:00remaining
Understanding RDS Multi-AZ failover behavior
What happens to your RDS instance endpoint during a Multi-AZ failover event?
Attempts:
2 left
💡 Hint
Think about how AWS manages failover to minimize impact on applications.
✗ Incorrect
Option B is correct because AWS RDS automatically updates the DNS endpoint to point to the new primary instance during failover, minimizing downtime. Option B is incorrect because manual intervention is not required. Option B is wrong as the endpoint remains available after failover. Option B is incorrect because the DNS name remains the same and AWS manages IP changes transparently.
✅ Best Practice
expert2:00remaining
Optimizing cost and performance for a production RDS instance
You have a production RDS instance with steady traffic. You want to optimize for cost without sacrificing availability or performance. Which combination of configurations is best?
Attempts:
2 left
💡 Hint
Balance availability, instance type, and storage type for cost and performance.
✗ Incorrect
Option D balances cost and performance by using a cost-efficient ARM-based instance (m6g), Multi-AZ for availability, and gp3 storage with autoscaling for performance and cost control. Option D sacrifices availability and performance. Option D uses an expensive instance and storage without autoscaling, increasing cost. Option D sacrifices availability by using Single-AZ.