DVA-C02 · Question #530
DVA-C02 Question #530: Real Exam Question with Answer & Explanation
The correct answer is B: Attach the Lambda function to the VPC and to the private subnet.. Attaching a Lambda function to a VPC and the specific private subnet grants it network-level access to resources within that subnet, including EC2 instances.
Question
A developer needs to configure an AWS Lambda function to make HTTP POST requests to an internal application. The application is in the same AWS account that hosts the function. The internal application runs on Amazon EC2 instances in a private subnet within a VPC. Which solution will meet these requirements?
Options
- AConfigure a VPC endpoint to connect to the private subnet. Attach the endpoint to the Lambda
- BAttach the Lambda function to the VPC and to the private subnet.
- CConfigure a VPN connection between the Lambda function and the private subnet. Attach the
- DConfigure the VPC route table to include the Lambda function's IP address.
Explanation
Attaching a Lambda function to a VPC and the specific private subnet grants it network-level access to resources within that subnet, including EC2 instances.
Common mistakes.
- A. VPC endpoints provide private connectivity to AWS-managed services (like S3 or DynamoDB), not to EC2 instances running in a private subnet.
- C. A VPN connection is used to link on-premises networks or separate VPCs; it is not a valid mechanism for connecting a Lambda function directly to a subnet within the same account and VPC.
- D. Lambda functions do not have static, predictable IP addresses that can be added to a VPC route table as a routing destination; this approach is architecturally invalid.
Concept tested. Configuring Lambda VPC access to private subnet resources
Reference. https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html
Community Discussion
No community discussion yet for this question.