Migration & Transfer Flashcards

Plan and execute migration strategies that minimize downtime and optimize resource transfer across AWS. (12 cards)

10
Q

A company runs an application in an on-premises data center that collects environmental data from production machinery. The data consists of JSON files stored on network attached storage (NAS) and around 5 TB of data is collected each day. The company must upload this data to Amazon S3 where it can be processed by an analytics application. The data must be transferred securely.

Which solution offers the MOST reliable and time-efficient data transfer?

  1. AWS Database Migration Service over the Internet.
  2. Amazon S3 Transfer Acceleration over the Internet.
  3. AWS DataSync over AWS Direct Connect.
  4. Multiple AWS Snowcone devices.
A

3. AWS DataSync over AWS Direct Connect.

The most reliable and time-efficient solution that keeps the data secure is to use AWS DataSync and synchronize the data from the NAS device directly to Amazon S3. This should take place over an AWS Direct Connect connection to ensure reliability, speed, and security.

AWS DataSync can copy data between Network File System (NFS) shares, Server Message Block (SMB) shares, self-managed object storage, AWS Snowcone, Amazon Simple Storage Service (Amazon S3) buckets, Amazon Elastic File System (Amazon EFS) file systems, and Amazon FSx for Windows File Server file systems.

  • DMS is for migrating databases, not files.
  • The Internet does not offer the reliability, speed or performance that this company requires.
  • This is not a time-efficient approach as it can take time to ship these devices in both directions.

Reference:
AWS DataSync

11
Q

A surveying team is using a fleet of drones to collect images of construction sites. The surveying team’s laptops lack the inbuilt storage and compute capacity to transfer the images and process the data. While the team has Amazon EC2 instances for processing and Amazon S3 buckets for storage, network connectivity is intermittent and unreliable. The images need to be processed to evaluate the progress of each construction site.

What should a solutions architect recommend?

  1. Process and store the images using AWS Snowball Edge devices.
  2. During intermittent connectivity to EC2 instances, upload images to Amazon SQS.
  3. Configure Amazon Kinesis Data Firehose to create multiple delivery streams aimed separately at the S3 buckets for storage and the EC2 instances for processing the images.
  4. Cache the images locally on a hardware appliance pre-installed with AWS Storage Gateway to process the images when connectivity is restored.
A

1. Process and store the images using AWS Snowball Edge devices.

A physical AWS Snowball Edge device provides much more inbuilt compute and storage than the team’s current laptops. This negates the need to rely on a stable connection to process any images and solves the team’s problems easily and efficiently.

  • You would still need a reliable internet connection to upload any images to Amazon SQS.
  • You would still need a reliable internet connection to upload any images to the Amazon Kinesis Service.
  • You would still need a reliable internet connection to upload any images to the AWS Storage Gateway service.

Reference:
What is Snowball Edge?

12
Q

A healthcare organization operates multiple applications on virtual machines (VMs) in its on-premises data center. Due to increasing demand for its services, the data center can no longer scale quickly enough to meet business needs. The organization has decided to migrate its non-critical workloads to AWS using a lift-and-shift strategy to expedite the process.

Which combination of steps will meet these requirements?

(Select THREE.)

  1. Use AWS Application Migration Service to replicate the VMs to AWS. Install the AWS Replication Agent on each VM.
  2. Use AWS Server Migration Service (AWS SMS) to automate the migration of VMs to Amazon EC2 instances.
  3. Complete the initial data replication from the VMs to AWS. Launch test instances to perform acceptance tests for the workloads.
  4. Install the AWS Systems Manager Agent on the VMs to streamline operational management during migration.
  5. Stop all operations on the VMs. Perform a cutover by launching the migrated instances in AWS.
  6. Use AWS App Runner to containerize the workloads before migrating them to AWS.
A

1. Use AWS Application Migration Service to replicate the VMs to AWS. Install the AWS Replication Agent on each VM.
3. Complete the initial data replication from the VMs to AWS. Launch test instances to perform acceptance tests for the workloads.
5. Stop all operations on the VMs. Perform a cutover by launching the migrated instances in AWS.

AWS Application Migration Service enables lift-and-shift migrations by replicating VMs from the on-premises data center to AWS. Installing the Replication Agent is the first step to initiate data replication.

Testing the replicated workloads ensures the migrated VMs function as expected on AWS before the final cutover.

Stopping operations ensures a clean cutover process, allowing the organization to launch the migrated instances in AWS with minimal disruption to business operations.

  • AWS SMS has been deprecated in favor of AWS Application Migration Service, which provides a more streamlined and modern approach to lift-and-shift migrations.
  • While the Systems Manager Agent is useful for post-migration operations and management, it is not directly involved in the lift-and-shift migration process.
  • Containerizing workloads introduces additional complexity and does not align with the lift-and-shift strategy described in the scenario.

13
Q

A logistics company needs to replicate ongoing data changes from an on-premises Microsoft SQL Server database to Amazon RDS for SQL Server. The volume of data to replicate varies throughout the day due to periodic spikes in activity. The company plans to use AWS Database Migration Service (AWS DMS) for this task. The solution must dynamically allocate capacity based on workload demand while keeping operational overhead low.

Which solution will meet these requirements?

  1. Configure AWS DMS Serverless to create a replication task that scales its capacity automatically based on workload demand.
  2. Deploy AWS DMS in an Amazon Elastic Kubernetes Service (Amazon EKS) cluster and use an autoscaler to adjust compute capacity during data spikes.
  3. Use Amazon EC2 Spot Instances to host the AWS DMS replication instance and manually scale up or down based on replication needs.
  4. Create an AWS DMS replication instance with provisioned capacity in a Multi-AZ deployment to improve availability and fault tolerance.
A

1. Configure AWS DMS Serverless to create a replication task that scales its capacity automatically based on workload demand.

AWS DMS Serverless dynamically adjusts replication capacity in response to data volume changes, providing cost efficiency and reducing manual management.

  • AWS DMS does not support deployment on Amazon EKS. Additionally, this solution introduces unnecessary complexity.
  • Manually scaling replication tasks increases operational overhead and Spot Instances could be interrupted, affecting replication stability.
  • While Multi-AZ deployment enhances availability, it does not dynamically adjust capacity to match workload demand.

Reference:
What is AWS Database Migration Service?

14
Q

A company manages several applications that run in different AWS accounts within an AWS Organizations setup. The company has outsourced the management of certain applications to external contractors. The contractors require secure access to the AWS Management Console and operating system access to Amazon Linux-based Amazon EC2 instances in private subnets for troubleshooting. The company must ensure all activities are logged and minimize the risk of unauthorized access.

Which solution will meet these requirements MOST securely?

  1. Deploy AWS Systems Manager Agent (SSM Agent) to all instances. Assign an instance profile to the instances with the required Systems Manager policies. Grant contractors access to the AWS Management Console by configuring permission sets in AWS IAM Identity Center. Use Systems Manager Session Manager for secure instance access without requiring open network ports.
  2. Configure a bastion host in a public subnet. Restrict SSH access to the bastion host by using security groups to allow connections only from the contractors’ IP address ranges. Provide contractors with IAM user credentials for Management Console access and SSH key pairs for accessing private instances via the bastion host.
  3. Use AWS Systems Manager Agent (SSM Agent) with an attached instance profile to manage EC2 access. Provide contractors with temporary local IAM user credentials in each AWS account for console access. Require contractors to use Systems Manager Session Manager for instance access.
  4. Set up AWS VPN or Direct Connect to create a private network connection to the contractors’ office. Allow access to the AWS Management Console by creating IAM user credentials in each AWS account. Use security groups to allow SSH access from the contractors’ office to the private EC2 instances.
A

1. Deploy AWS Systems Manager Agent (SSM Agent) to all instances. Assign an instance profile to the instances with the required Systems Manager policies. Grant contractors access to the AWS Management Console by configuring permission sets in AWS IAM Identity Center. Use Systems Manager Session Manager for secure instance access without requiring open network ports.

Systems Manager Session Manager provides secure, auditable access to instances without requiring SSH keys or open ports. IAM Identity Center enables centralized management of console access for contractors.

  • It increases operational overhead and requires managing SSH key pairs while leaving an exposed attack surface with the bastion host.
  • Creating local IAM users for console access increases the risk of credential management issues and does not align with centralized access management best practices.
  • Using VPN or Direct Connect introduces unnecessary complexity and cost. SSH access also increases the risk of mismanagement and security vulnerabilities.

15
Q

A large MongoDB database running on-premises must be migrated to Amazon DynamoDB within the next few weeks. The database is too large to migrate over the company’s limited internet bandwidth so an alternative solution must be used.

What should a Solutions Architect recommend?

  1. Set up an AWS Direct Connect and migrate the database to Amazon DynamoDB using the AWS Database Migration Service (DMS)
  2. Use the Schema Conversion Tool (SCT) to extract and load the data to an AWS Snowball Edge device. Use the AWS Database Migration Service (DMS) to migrate the data to Amazon DynamoDB
  3. Enable compression on the MongoDB database and use the AWS Database Migration Service (DMS) to directly migrate the database to Amazon DynamoDB
  4. Use the AWS Database Migration Service (DMS) to extract and load the data to an AWS Snowball Edge device. Complete the migration to Amazon DynamoDB using AWS DMS in the AWS Cloud
A

2. Use the Schema Conversion Tool (SCT) to extract and load the data to an AWS Snowball Edge device. Use the AWS Database Migration Service (DMS) to migrate the data to Amazon DynamoDB

Larger data migrations with AWS DMS can include many terabytes of information. This process can be cumbersome due to network bandwidth limits or just the sheer amount of data. AWS DMS can use Snowball Edge and Amazon S3 to migrate large databases more quickly than by other methods.

  • When you’re using an Edge device, the data migration process has the following stages:
    1. You use the AWS Schema Conversion Tool (AWS SCT) to extract the data locally and move it to an Edge device.
    2. You ship the Edge device or devices back to AWS.
    3. After AWS receives your shipment, the Edge device automatically loads its data into an Amazon S3 bucket.
    4. AWS DMS takes the files and migrates the data to the target data store. If you are using change data capture (CDC), those updates are written to the Amazon S3 bucket and then applied to the target data store.
  • Direct Connect connections can take several weeks to implement.
  • It’s unlikely that compression is going to make the difference, and the company wants to avoid the internet link as stated in the scenario.
  • This is the wrong method; the Solutions Architect should use the SCT to extract and load to Snowball Edge and then AWS DMS in the AWS Cloud.

16
Q

An organization has a large amount of data on Windows (SMB) file shares in their on-premises data center. The organization would like to move data into Amazon S3. They would like to automate the migration of data over their AWS Direct Connect link.

Which AWS service can assist them?

  1. AWS Database Migration Service (DMS)
  2. AWS CloudFormation
  3. AWS Snowball
  4. AWS DataSync
A

4. AWS DataSync

AWS DataSync can be used to move large amounts of data online between on-premises storage and Amazon S3 or Amazon Elastic File System (Amazon EFS). DataSync eliminates or automatically handles many of the tasks involved in such transfers, including scripting copy jobs, scheduling and monitoring transfers, validating data, and optimizing network utilization. The source datastore can be Server Message Block (SMB) file servers.

  • AWS Database Migration Service (DMS) is used for migrating databases, not data on file shares.
  • AWS CloudFormation can be used for automating infrastructure provisioning. This is not the best use case for CloudFormation as DataSync is designed specifically for this scenario.
  • AWS Snowball is a hardware device that is used for migrating data into AWS. The organization plans to use their Direct Connect link for migrating data rather than sending it in via a physical device. Also, Snowball will not automate the migration.

Reference:
AWS DataSync FAQs

17
Q

A company has acquired another business and needs to migrate their 50 TB of data into AWS within 1 month. They also require a secure, reliable and private connection to the AWS cloud.

How are these requirements best accomplished?

  1. Provision an AWS Direct Connect connection and migrate the data over the link
  2. Migrate data using AWS Snowball. Provision an AWS VPN initially and order a Direct Connect link
  3. Launch a Virtual Private Gateway (VPG) and migrate the data over the AWS VPN
  4. Provision an AWS VPN CloudHub connection and migrate the data over redundant links
A

2. Migrate data using AWS Snowball. Provision an AWS VPN initially and order a Direct Connect link

AWS Direct Connect provides a secure, reliable and private connection. However, lead times are often longer than 1 month so it cannot be used to migrate data within the timeframe. Therefore, it is better to use AWS Snowball to move the data and order a Direct Connect connection to satisfy the other requirement later on. In the meantime the organization can use an AWS VPN for secure, private access to their VPC.

  • “Provision an AWS Direct Connect connection and migrate the data over the link” is incorrect due to the lead time for installation.
  • A VPG is the AWS side of an AWS VPN. A VPN does not provide a private connection and is not reliable as you can never guarantee the latency over the Internet.
  • AWS VPN CloudHub is a service for connecting multiple sites into your VPC over VPN connections. It is not used for aggregating links and the limitations of Internet bandwidth from the company where the data is stored will still be an issue. It also uses the public Internet so is not a private or reliable connection.

18
Q

A Solutions Architect is designing a migration strategy for a company moving to the AWS Cloud. The company uses a shared Microsoft filesystem that uses Distributed File System Namespaces (DFSN).

What will be the MOST suitable migration strategy for the filesystem?

  1. Use the AWS Server Migration Service to migrate to an Amazon S3 bucket
  2. Use the AWS Server Migration Service to migrate to Amazon FSx for Lustre
  3. Use AWS DataSync to migrate to an Amazon EFS filesystem
  4. Use AWS DataSync to migrate to Amazon FSx for Windows File Server
A

4. Use AWS DataSync to migrate to Amazon FSx for Windows File Server

The destination filesystem should be Amazon FSx for Windows File Server. This supports DFSN and is the most suitable storage solution for Microsoft filesystems. AWS DataSync supports migrating to Amazon FSx and automates the process.

  • The Server Migration Service is used to migrate virtual machines and FSx for Lustre does not support Windows filesystems.
  • You can migrate data to EFS using DataSync but it is the wrong destination for a Microsoft filesystem (Linux only).
  • The Server Migration Service is used to migrate virtual machines and Amazon S3 is an object-based storage system and unsuitable for hosting a Microsoft filesystem.

19
Q

A company uses 45 TB of data for reporting. The company wants to move this data from on premises into the AWS Cloud. A custom application in the company’s data center runs a weekly data transformation job. The company plans to pause the application until the data transfer is complete and needs to begin the transfer process as soon as possible.

The data center bandwidth is saturated, and a solutions architect has been tasked with transferring the data and must configure the transformation job to continue to run in the AWS Cloud.

Which solution will meet these requirements with the LEAST operational overhead?

  1. The data can be moved using AWS DataSync. Using AWS Glue, create a custom transformation job.
  2. The data will be moved using an AWS Snowcone device. The transformation application should be deployed to the device.
  3. Order an AWS Snowball Edge Storage Optimized device. Copy the data to the device and create a custom transformation job by using AWS Glue.
  4. Order an AWS Snowball Edge Storage Optimized device that includes Amazon EC2 compute. Transfer the data to the device. Launch a new EC2 instance to run the transformation application.
A

3. Order an AWS Snowball Edge Storage Optimized device. Copy the data to the device and create a custom transformation job by using AWS Glue.

As the network is saturated, the solutions architect will have to use a physical solution, i.e. a member of the Snow Family, to achieve this requirement quickly. As the data transformation job needs to be completed in the cloud, using AWS Glue also suits this requirement. AWS Glue is a managed data transformation service.

  • As the network is saturated, AWS DataSync will not work as it is primarily an online data transfer service to transfer data between a data center and AWS.
  • You would not be able to deploy a transformation service locally to the Snowcone device as it is not optimized for compute operations.
  • Using an EC2 instance instead of a managed service like AWS Glue will include more operational overhead for the organization.

Reference:
AWS Glue

20
Q

A company has 500 TB of data in an on-premises file share that needs to be moved to Amazon S3 Glacier. The migration must not saturate the company’s low-bandwidth internet connection and the migration must be completed within a few weeks.

What is the MOST cost-effective solution?

  1. Create an AWS Direct Connect connection and migrate the data straight into Amazon Glacier
  2. Order 7 AWS Snowball appliances and select an S3 Glacier vault as the destination. Create a bucket policy to enforce a VPC endpoint
  3. Use AWS Global Accelerator to accelerate upload and optimize usage of the available bandwidth
  4. Order 7 AWS Snowball appliances and select an Amazon S3 bucket as the destination. Create a lifecycle policy to transition the S3 objects to Amazon S3 Glacier
A

4. Order 7 AWS Snowball appliances and select an Amazon S3 bucket as the destination. Create a lifecycle policy to transition the S3 objects to Amazon S3 Glacier

As the company’s internet link is low-bandwidth, uploading directly to Amazon S3 (ready for transition to Glacier) would saturate the link. The best alternative is to use AWS Snowball appliances. The Snowball Edge appliance can hold up to 80 TB of data so 7 devices would be required to migrate 500 TB of data.

Snowball moves data into AWS using a hardware device and the data is then copied into an Amazon S3 bucket of your choice. From there, lifecycle policies can transition the S3 objects to Amazon S3 Glacier.

  • You cannot set a Glacier vault as the destination; it must be an S3 bucket. You also can’t enforce a VPC endpoint using a bucket policy.
  • This is not the most cost-effective option and takes time to set up.
  • This service is not used for accelerating or optimizing the upload of data from on-premises networks.

Reference:
What is Snowball Edge?

21
Q

A healthcare company is migrating its patient record system to AWS. The company receives thousands of encrypted patient data files every day through FTP. An on-premises server processes the data files twice a day. However, the processing job takes hours to finish.

The company wants the AWS solution to process incoming data files as soon as they arrive with minimal changes to the FTP clients that send the files. The solution must delete the incoming data files after the files have been processed successfully. Processing for each file needs to take around 10 minutes.

Which solution will meet these requirements in the MOST operationally efficient way?

  1. Use AWS Transfer Family to create an SFTP server to store incoming files in Amazon S3 Glacier. Configure an Amazon EC2 instance to process the files. Use Amazon EventBridge rules to invoke the EC2 instance to process the files twice a day from S3 Glacier. Delete the objects after the job has processed the objects.
  2. Use AWS Transfer Family to create an SFTP server to store incoming files in Amazon S3 Standard. Use Amazon EC2 instances managed by an Auto Scaling group to process the files. Set an S3 event notification to trigger an AWS Lambda function that launches the EC2 instances when the files arrive. Delete the files after they are processed.
  3. Use an Amazon EC2 instance that runs an SFTP server to store incoming files in Amazon S3 Standard. Configure a job queue in AWS Batch. Use Amazon EventBridge rules to invoke the job to process the files twice a day. Delete the files after the job has processed the files.
  4. Use AWS Transfer Family to create an SFTP server to store incoming files in Amazon S3 Standard. Create an AWS Lambda function to process the files and to delete the files after they are processed. Use an S3 event notification to invoke the Lambda function when the files arrive.
A

4. Use AWS Transfer Family to create an SFTP server to store incoming files in Amazon S3 Standard. Create an AWS Lambda function to process the files and to delete the files after they are processed. Use an S3 event notification to invoke the Lambda function when the files arrive.

AWS Transfer Family provides fully managed support for file transfers directly into and out of Amazon S3 using SFTP. Storing incoming files in S3 Standard offers high durability, availability, and performance object storage for frequently accessed data.

AWS Lambda can respond immediately to S3 events, which allows processing of files as soon as they arrive. Lambda can also delete the files after processing. This meets all requirements and is operationally efficient, as it requires minimal management and has low costs.

  • This option involves using Amazon S3 Glacier, which is primarily used for long-term archival storage. Accessing data for processing could take longer and be more expensive than using S3 Standard. In addition, EC2 instances need to be managed and are less efficient for this scenario compared to AWS Lambda.
  • While this solution will work, it is less efficient operationally because managing EC2 instances and an Auto Scaling group is more complex and likely more expensive than simply using AWS Lambda for processing.
  • This option does not meet the requirement of processing incoming data files as soon as they arrive, as EventBridge rules would invoke the job only twice a day. It also involves managing an EC2 instance, which is less operationally efficient than the AWS Transfer Family and AWS Lambda option.

Reference:
AWS Transfer Family
