Question 748 - SAA-C03 discussion


A company deploys Amazon EC2 instances that run in a VPC. The EC2 instances load source data into Amazon S3 buckets so that the data can be processed in the future. According to compliance laws, the data must not be transmitted over the public internet. Servers in the company's on-premises data center will consume the output from an application that runs on the EC2 instances.

Which solution will meet these requirements?

A. Deploy an interface VPC endpoint for Amazon EC2. Create an AWS Site-to-Site VPN connection between the company and the VPC.

B. Deploy a gateway VPC endpoint for Amazon S3. Set up an AWS Direct Connect connection between the on-premises network and the VPC.

C. Set up an AWS Transit Gateway connection from the VPC to the S3 buckets. Create an AWS Site-to-Site VPN connection between the company and the VPC.

D. Set up proxy EC2 instances that have routes to NAT gateways. Configure the proxy EC2 instances to fetch S3 data and feed the application instances.

Suggested answer: B

Explanation:

Understanding the Requirement: EC2 instances need to upload data to S3 without using the public internet, and on-premises servers need to consume this data.

Analysis of Options:

Interface VPC Endpoint for EC2: Not relevant for accessing S3.

Gateway VPC Endpoint for S3 and Direct Connect: Provides private connectivity from EC2 instances to S3 and from on-premises to AWS, ensuring compliance with the requirement to avoid public internet.

Transit Gateway and Site-to-Site VPN: Adds unnecessary complexity and does not provide the same level of performance as Direct Connect.

Proxy EC2 Instances with NAT Gateways: Increases complexity and costs compared to a direct connection using VPC endpoints and Direct Connect.

Best Solution:

Gateway VPC Endpoint for S3 and Direct Connect: This solution ensures secure, private data transfer both within AWS and between on-premises and AWS, meeting the compliance requirements effectively.

Amazon VPC Endpoints for S3

AWS Direct Connect

asked 16/09/2024
Marie Joyce Candice Dancel