SAA-C03 · Question #414
SAA-C03 Question #414: Real Exam Question with Answer & Explanation
The correct answer is C: Replace the NAT gateway with a gateway VPC endpoint.. A VPC gateway endpoint for Amazon S3 enables private connectivity to S3 without routing traffic through a NAT gateway or over the internet, eliminating NAT gateway costs. This solution is secure and redundant, as S3 endpoints are highly available by design.
Question
A company has an application that runs on Amazon EC2 instances within a private subnet in a VPC. The instances access data in an Amazon S3 bucket in the same AWS Region. The VPC contains a NAT gateway in a public subnet to access the S3 bucket. The company wants to reduce costs by replacing the NAT gateway without compromising security or redundancy. Which solution meets these requirements?
Options
- AReplace the NAT gateway with a NAT instance.
- BReplace the NAT gateway with an internet gateway.
- CReplace the NAT gateway with a gateway VPC endpoint.
- DReplace the NAT gateway with an AWS Direct Connect connection.
Explanation
A VPC gateway endpoint for Amazon S3 enables private connectivity to S3 without routing traffic through a NAT gateway or over the internet, eliminating NAT gateway costs. This solution is secure and redundant, as S3 endpoints are highly available by design.
Community Discussion
No community discussion yet for this question.