DBS-C01 Deployment and Migration • Complete Question Bank
Complete DBS-C01 Deployment and Migration question bank — all 0 questions with answers and detailed explanations.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dms:CreateEndpoint",
"dms:ModifyEndpoint",
"dms:DescribeEndpoints"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBInstances",
"rds:ModifyDBInstance"
],
"Resource": "arn:aws:rds:us-east-1:123456789012:db:target-db"
}
]
}Refer to the exhibit.
-- AWS DMS Migration Task JSON excerpt:
{
"MigrationType": "full-load",
"TableMappings": {
"rules": [
{
"rule-type": "selection",
"rule-id": "1",
"rule-name": "1",
"object-locator": {
"schema-name": "%",
"table-name": "%"
},
"rule-action": "include"
}
]
},
"TargetTablePrepMode": "DROP_AND_CREATE"
}Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
3306
5432
1521
1433
3306
Drag a concept onto its matching description — or click a concept then click the description.
Virtual firewall controlling inbound/outbound traffic at instance level
Use IAM users/roles to authenticate to RDS/Aurora
Protects data stored on disk using KMS keys
Encrypts data in transit between client and database
Managed service to create and control encryption keys
Refer to the exhibit.
IAM Policy JSON:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:CreateDBInstance",
"rds:ModifyDBInstance",
"rds:DeleteDBInstance"
],
"Resource": "arn:aws:rds:us-east-1:123456789012:db:prod-*"
},
{
"Effect": "Deny",
"Action": "rds:DeleteDBInstance",
"Resource": "arn:aws:rds:us-east-1:123456789012:db:prod-critical"
}
]
}Refer to the exhibit.
CloudFormation snippet:
Resources:
MyRDSInstance:
Type: AWS::RDS::DBInstance
Properties:
DBInstanceClass: db.r5.large
Engine: mysql
MasterUsername: admin
MasterUserPassword: !Ref 'DBPassword'
DBSubnetGroupName: !Ref 'MyDBSubnetGroup'
VPCSecurityGroups:
- !Ref 'MySecurityGroup'
MultiAZ: true
StorageType: gp2
AllocatedStorage: 100
BackupRetentionPeriod: 30
DeletionProtection: trueRefer to the exhibit.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "rds:CreateDBInstance",
"Resource": "arn:aws:rds:us-east-1:123456789012:db:new-*"
},
{
"Effect": "Deny",
"Action": "rds:CreateDBInstance",
"Resource": "*",
"Condition": {
"StringEquals": {
"rds:DatabaseEngine": "oracle-se2"
}
}
}
]
}
```Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dms:CreateReplicationTask",
"dms:StartReplicationTask",
"dms:DescribeReplicationTasks"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBInstances",
"rds:ModifyDBInstance"
],
"Resource": "*"
}
]
}Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dms:CreateReplicationTask",
"dms:StartReplicationTask",
"dms:DescribeReplicationTasks"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBInstances",
"rds:ModifyDBInstance"
],
"Resource": "arn:aws:rds:us-east-1:123456789012:db:targetdb"
}
]
}
```{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "rds:CreateDBInstance",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "rds:DescribeDBInstances",
"Resource": "*"
}
]
}{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dms:CreateReplicationTask",
"dms:StartReplicationTask"
],
"Resource": "arn:aws:dms:us-east-1:123456789012:replication-task:*"
},
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBInstances"
],
"Resource": "*"
}
]
}Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dms:CreateReplicationTask",
"dms:StartReplicationTask"
],
"Resource": "arn:aws:dms:us-east-1:123456789012:replication-task:*"
},
{
"Effect": "Allow",
"Action": [
"ec2:CreateNetworkInterface",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets"
],
"Resource": "*"
}
]
}Refer to the exhibit.
```
aws rds create-db-instance-read-replica \
--db-instance-identifier my-read-replica \
--source-db-instance-identifier my-source-db \
--db-instance-class db.r5.large \
--region us-west-2
```
The source DB instance is in us-east-1. The command fails with an error.Refer to the exhibit.
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dms:CreateReplicationTask",
"dms:StartReplicationTask"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBInstances"
],
"Resource": "*"
}
]
}
```
An IAM policy is attached to a user to allow migration tasks. When the user tries to create a DMS replication task, they get an authorization error.Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:CreateDBInstance",
"rds:ModifyDBInstance",
"rds:DeleteDBInstance"
],
"Resource": "*"
},
{
"Effect": "Deny",
"Action": "rds:DeleteDBInstance",
"Resource": "arn:aws:rds:us-east-1:123456789012:db:prod-*"
}
]
}Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "dms:CreateReplicationTask",
"Resource": "*",
"Condition": {
"StringEquals": {
"dms:DatabaseEngine": "oracle"
}
}
}
]
}Refer to the exhibit.
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:CreateDBInstance",
"rds:DescribeDBInstances",
"rds:DeleteDBInstance"
],
"Resource": "*"
},
{
"Effect": "Deny",
"Action": "rds:ModifyDBInstance",
"Resource": "arn:aws:rds:us-east-1:123456789012:db:prod-*"
}
]
}
```Refer to the exhibit.
```
# CloudFormation snippet
Resources:
MyDBInstance:
Type: AWS::RDS::DBInstance
Properties:
Engine: MySQL
DBInstanceClass: db.t3.medium
AllocatedStorage: 100
MultiAZ: true
DBSubnetGroupName: !Ref MyDBSubnetGroup
VPCSecurityGroups:
- !Ref MySecurityGroup
StorageType: gp2
BackupRetentionPeriod: 7
PreferredBackupWindow: "02:00-03:00"
PreferredMaintenanceWindow: "Sun:05:00-Sun:06:00"
```Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:CreateDBInstance",
"rds:CreateDBSnapshot",
"rds:RestoreDBInstanceFromDBSnapshot"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "dms:CreateReplicationTask",
"Resource": "*"
}
]
}Refer to the exhibit. 2023-09-15 14:32:10 UTC - ERROR: [DBInstanceIdentifier: my-db-instance] [ErrorCode: StorageFull] [Message: The storage for the DB instance has reached its maximum allocated size. To prevent downtime, increase the allocated storage or enable storage autoscaling.]
Refer to the exhibit.
CloudFormation template snippet:
Resources:
MyRDSInstance:
Type: AWS::RDS::DBInstance
Properties:
DBInstanceClass: db.t3.medium
Engine: MySQL
MultiAZ: true
DBSubnetGroupName: !Ref MyDBSubnetGroup
VPCSecurityGroups:
- !Ref MyDBSecurityGroup
StorageType: gp2
AllocatedStorage: 100
BackupRetentionPeriod: 7
DeletionProtection: true
MyDBSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Security group for RDS
VpcId: !Ref MyVPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 3306
ToPort: 3306
CidrIp: 10.0.0.0/16
MyDBSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupDescription: Subnet group for RDS
SubnetIds:
- subnet-12345678
- subnet-87654321
MyEC2Instance:
Type: AWS::EC2::Instance
Properties:
InstanceType: t2.micro
ImageId: ami-0abcdef1234567890
SecurityGroupIds:
- !Ref MyEC2SecurityGroup
SubnetId: subnet-12345678
MyEC2SecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Security group for EC2
VpcId: !Ref MyVPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 3306
ToPort: 3306
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "rds:CreateDBInstance",
"Resource": "arn:aws:rds:us-east-1:123456789012:db:my-database"
},
{
"Effect": "Allow",
"Action": "rds:CreateDBSubnetGroup",
"Resource": "*"
},
{
"Effect": "Deny",
"Action": "rds:ModifyDBInstance",
"Resource": "*"
}
]
}Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Action": "rds:CreateDBInstance",
"Resource": "*"
}
]
}Refer to the exhibit.
aws rds create-db-instance \
--db-instance-identifier mydb \
--db-instance-class db.t3.micro \
--engine mysql \
--master-username admin \
--master-user-password password123 \
--allocated-storage 20 \
--vpc-security-group-ids sg-12345678Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:CreateDBInstance",
"rds:DeleteDBInstance",
"rds:ModifyDBInstance",
"rds:DescribeDBInstances"
],
"Resource": "*"
},
{
"Effect": "Deny",
"Action": "rds:DeleteDBInstance",
"Resource": "arn:aws:rds:us-east-1:123456789012:db:prod-*"
}
]
}Refer to the exhibit.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": ["dms:CreateReplicationTask", "dms:StartReplicationTask"],
"Resource": "*",
"Condition": {
"StringEquals": {
"aws:RequestedRegion": "us-east-1"
}
}
}
]
}