nerdexam
Amazon

DVA-C02 · Question #530

A developer needs to configure an AWS Lambda function to make HTTP POST requests to an internal application. The application is in the same AWS account that hosts the function. The internal applicatio

The correct answer is B. Attach the Lambda function to the VPC and to the private subnet.. Attaching a Lambda function to a VPC and the specific private subnet grants it network-level access to resources within that subnet, including EC2 instances.

Submitted by lucia.co· Mar 5, 2026Development with AWS Services

Question

A developer needs to configure an AWS Lambda function to make HTTP POST requests to an internal application. The application is in the same AWS account that hosts the function. The internal application runs on Amazon EC2 instances in a private subnet within a VPC. Which solution will meet these requirements?

Options

  • AConfigure a VPC endpoint to connect to the private subnet. Attach the endpoint to the Lambda
  • BAttach the Lambda function to the VPC and to the private subnet.
  • CConfigure a VPN connection between the Lambda function and the private subnet. Attach the
  • DConfigure the VPC route table to include the Lambda function's IP address.

How the community answered

(25 responses)
  • A
    4% (1)
  • B
    88% (22)
  • C
    8% (2)

Why each option

Attaching a Lambda function to a VPC and the specific private subnet grants it network-level access to resources within that subnet, including EC2 instances.

AConfigure a VPC endpoint to connect to the private subnet. Attach the endpoint to the Lambda

VPC endpoints provide private connectivity to AWS-managed services (like S3 or DynamoDB), not to EC2 instances running in a private subnet.

BAttach the Lambda function to the VPC and to the private subnet.Correct

When a Lambda function is configured with VPC settings, AWS creates elastic network interfaces (ENIs) in the specified subnets. By attaching the function to the same VPC and private subnet as the EC2 instances, Lambda can reach those instances using their private IP addresses, enabling direct HTTP POST requests without traversing the public internet.

CConfigure a VPN connection between the Lambda function and the private subnet. Attach the

A VPN connection is used to link on-premises networks or separate VPCs; it is not a valid mechanism for connecting a Lambda function directly to a subnet within the same account and VPC.

DConfigure the VPC route table to include the Lambda function's IP address.

Lambda functions do not have static, predictable IP addresses that can be added to a VPC route table as a routing destination; this approach is architecturally invalid.

Concept tested: Configuring Lambda VPC access to private subnet resources

Source: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html

Community Discussion

No community discussion yet for this question.

Full DVA-C02 Practice