ANS-C01 Question #253: Real Exam Question with Answer & Explanation

The correct answer is D: Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the. To enable on-premises clients to securely invoke a private Amazon API Gateway REST API over a Direct Connect connection, an interface VPC endpoint with private DNS names enabled must be created.

Submitted by miguelv · Mar 6, 2026 · Hybrid Connectivity

Question

A company is developing an API-based application on AWS for its process workflow requirements. The API will be invoked by clients in the company's on-premises data centers. The company has set up an AWS Direct Connect connection between on premises and AWS. A network engineer decides to implement the API as a private REST API in Amazon API Gateway. The network engineer wants to ensure that clients can reach the API endpoint through private communication. Which solution can the network engineer use to invoke the API without any additional infrastructure setup?

Options

  • A. Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the
  • B. Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the
  • C. Create an interface VPC endpoint for API Gateway. Associate the endpoint with the private REST
  • D. Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the

Explanation

To enable on-premises clients to securely invoke a private Amazon API Gateway REST API over a Direct Connect connection, an interface VPC endpoint with private DNS names enabled must be created.

Common mistakes.

  • A. This choice is incomplete, but assumes it is similar to D without fully specifying the access method or implication, thus not fully addressing the problem.
  • B. This choice is incomplete, but assumes it is similar to D without fully specifying the access method or implication, thus not fully addressing the problem.
  • C. While creating an interface VPC endpoint is correct, not enabling private DNS names would require clients to use endpoint-specific DNS names or manual DNS configuration, which is not as seamless as using the private DNS feature.

Concept tested. Private API Gateway with VPC Endpoints

Reference. https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-api-integrate-vpc-endpoint.html
