AWS - Architecture Best Practices
In a multi-tier AWS architecture, which subnet configuration is most appropriate for the data storage layer to ensure security and isolation?
In a multi-tier AWS architecture, which subnet configuration is most appropriate for the data storage layer to ensure security and isolation?
easy📝 Conceptual Q3 of 15
Step-by-Step Solution
Solution:
Step 1: Identify the role of the data storage layer
The database tier stores sensitive data and requires protection from direct internet exposure.Step 2: Choose subnet type for security
Private subnets do not have direct internet access, reducing attack surface.Step 3: Evaluate other options
Public subnets expose resources to the internet, which is not secure for databases.Final Answer:
Private subnet with no direct internet access -> Option BQuick Check:
Database tier should be isolated in private subnet [OK]
Quick Trick: Database tier goes in private subnet without internet access [OK]
Common Mistakes:
- Placing database in public subnet
- Using NAT gateway for database subnet
- Assuming public subnet is secure for databases
Master "Architecture Best Practices" in AWS
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore AWS Quizzes