SAA-C03 · Question #435
SAA-C03 Question #435: Real Exam Question with Answer & Explanation
The correct answer is A: Implement a gateway VPC endpoint for Amazon S3 and an interface VPC endpoint for Amazon. Amazon S3 uses gateway VPC endpoints, which enable private, secure access to S3 without traversing the internet, compatible with IPv6. Amazon DynamoDB uses interface VPC endpoints (powered by AWS PrivateLink) for private connectivity within the VPC. Therefore, for secure private
Question
A company is designing an IPv6 application that is hosted on Amazon EC2 instances in a private subnet within a VPC. The application will store user-uploaded content in Amazon S3 buckets. The application will save each S3 object's URL link and metadata in Amazon DynamoDB. The company must not use public internet connections to transmit user-uploaded content or metadata. Which solution will meet these requirements?
Options
- AImplement a gateway VPC endpoint for Amazon S3 and an interface VPC endpoint for Amazon
- BImplement interface VPC endpoints for both Amazon S3 and Amazon DynamoDB.
- CImplement gateway VPC endpoints for both Amazon S3 and Amazon DynamoDB.
- DImplement a gateway VPC endpoint for Amazon DynamoDB and an interface VPC endpoint for
Explanation
Amazon S3 uses gateway VPC endpoints, which enable private, secure access to S3 without traversing the internet, compatible with IPv6. Amazon DynamoDB uses interface VPC endpoints (powered by AWS PrivateLink) for private connectivity within the VPC. Therefore, for secure private communication without public internet, the correct solution is to implement a gateway VPC endpoint for S3 and an interface VPC endpoint for DynamoDB. Option B is incorrect because S3 does not support interface endpoints; Option C is incorrect because DynamoDB does not support gateway endpoints. Option D reverses the correct
Community Discussion
No community discussion yet for this question.