CNX-001 · Question #69
CNX-001 Question #69: Real Exam Question with Answer & Explanation
The correct answer is D: A private service endpoint exposing the API endpoint to the customer's VPC. AWS PrivateLink (a private service endpoint) lets you expose your API over an interface endpoint directly into each customer's VPC without ever traversing the public internet, ensuring the service remains fully private.
Question
A SaaS company is launching a new product based in a cloud environment. The new product will be provided as an API and should not be exposed to the internet. Which of the following should the company create to best meet this requirement?
Options
- AA transit gateway that connects the API to the customer's VPC
- BFirewall rules allowing access to the API endpoint from the customer's VPC
- CA VPC peering connection from the API VPC to the customer's VPC
- DA private service endpoint exposing the API endpoint to the customer's VPC
Explanation
AWS PrivateLink (a private service endpoint) lets you expose your API over an interface endpoint directly into each customer's VPC without ever traversing the public internet, ensuring the service remains fully private.
Topics
Community Discussion
No community discussion yet for this question.