Q23 — AWS DOP-C02 Ch.1
Question 23 of 100 | ← Chapter 1
A company runs a web application across multiple Availability Zones. It uses an Application Load Balancer (ALB) for routing, Amazon Aurora for application data, and stores container images in Amazon Elastic Container Registry (Amazon ECR) in the same AWS account and Region. A developer engineer needs to establish a disaster recovery (DR) environment in another Region. The solution must meet an RTO of 8 hours and an RPO of 2 hours. The company requires more than 2 hours to build container images from source in the Dockerfiles.
- A. Copy the CloudFormation template and Dockerfiles to an Amazon S3 bucket in the DR Region. Use AWS Backup to configure automated Aurora cross-Region hourly snapshots. If a disaster occurs, build the latest container image and upload it to the ECR repository in the DR Region. Launch a new CloudFormation stack using the latest Aurora snapshot and the ECR image, then update the application DNS record to point to the new ALB.
- B. Copy the CloudFormation template to an Amazon S3 bucket in the DR Region. Configure Aurora automated backups with cross-Region replication. Configure ECR cross-Region replication. If a disaster occurs, launch a new CloudFormation stack in the DR Region using the latest Aurora snapshot and the locally replicated ECR image, then update the application DNS record to point to the new ALB. ✓
- C. Copy the CloudFormation template to an Amazon S3 bucket in the DR Region. Use Amazon EventBridge Scheduler to invoke an AWS Lambda function hourly to take snapshots of the Aurora database and fetch the latest container image from the ECR repository. Copy the snapshots and image to the DR Region. If a disaster occurs, launch a new CloudFormation stack in the DR Region using the latest Aurora snapshot and the locally available ECR image.
- D. Copy the CloudFormation template to an Amazon S3 bucket in the DR Region. Deploy a second application CloudFormation stack in the DR Region. Reconfigure Aurora as a global database. When deploying new application versions, update both CloudFormation stacks. If a disaster occurs, update the application DNS record to point to the new ALB.
Correct Answer: B. Copy the CloudFormation template to an Amazon S3 bucket in the DR Region. Configure Aurora automated backups with cross-Region replication. Configure ECR cross-Region replication. If a disaster occurs, launch a new CloudFormation stack in the DR Region using the latest Aurora snapshot and the locally replicated ECR image, then update the application DNS record to point to the new ALB.
Explanation
To meet an RPO of 2 hours, data and artifacts must be continuously or frequently replicated to the DR Region *before* a disaster occurs — eliminating any post-failure build or copy delays. Option B satisfies this by enabling native, automated, cross-Region replication for both Aurora (backups) and ECR (images), ensuring the DR Region always has up-to-date, ready-to-use assets. Option A fails RPO because building images post-disaster exceeds 2 hours. Option C relies on Lambda and manual copying, introducing latency and failure points, and doesn’t guarantee image availability within RPO. Option D uses Aurora Global Database, which is designed for low-latency read replicas — not backup/recovery — and doesn’t address container image RPO requirements.