Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam ANS-C01 Topic 1 Question 31 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 31
Topic #: 1
[All ANS-C01 Questions]

A company has workloads that run in a VPC. The workloads access Amazon S3 by using an S3 gateway endpoint. The company also has on-premises workloads that need to access Amazon

S3 privately over a VPN connection. The company has established the VPN connection to the VPC.

Which solution will provide connectivity to Amazon S3 from the VPC workloads and the on-premises workloads in the MOST operationally efficient way?

Show Suggested Answer Hide Answer
Suggested Answer: C

The correct solution is to use an S3 interface endpoint and an on-premises DNS resolver. An S3 interface endpoint allows you to access Amazon S3 using private IP addresses within your VPC. An on-premises DNS resolver can be configured to forward the DNS queries for the S3 domain names to the S3 interface endpoint, so that the on-premises workloads can access Amazon S3 privately over the VPN connection. This solution is operationally efficient, as it does not require any additional infrastructure or changes to the existing workloads. The VPC workloads can continue to use the S3 gateway endpoint, which provides lower latency and higher throughput than the S3 interface endpoint.


Contribute your Thoughts:

Raymon
4 months ago
Option B eliminates the need for the S3 gateway endpoint, making it more streamlined.
upvoted 0 times
...
Glory
4 months ago
Option C is the way to go, but I've got a question - does the on-premises DNS resolver come with a free magic 8-ball to predict the future? Seems like a risky move if you ask me.
upvoted 0 times
Tamar
3 months ago
Agreed, simplicity is key when it comes to networking solutions.
upvoted 0 times
...
Rosio
4 months ago
Maybe they should consider a more straightforward approach to avoid any potential issues.
upvoted 0 times
...
Barney
4 months ago
Yeah, it does seem like a solid solution. But I agree, relying on a DNS resolver for private IP addresses does sound a bit risky.
upvoted 0 times
...
Niesha
4 months ago
Option C sounds good, using the S3 interface endpoint for on-premises workloads and the S3 gateway endpoint for VPC workloads.
upvoted 0 times
...
...
Desmond
5 months ago
Why do you think option B is better?
upvoted 0 times
...
Raymon
5 months ago
I disagree, I believe option B is more efficient.
upvoted 0 times
...
Edna
5 months ago
I'm going to have to go with Option D. Setting up the AWS Direct Connect connection just seems like the most reliable and secure way to handle this scenario.
upvoted 0 times
...
Jody
5 months ago
This is a tricky one, but I think Option B is the way to go. Having the proxy fleet gives you more control and flexibility, even if it adds a bit of complexity.
upvoted 0 times
Tiera
3 months ago
Option B does seem like the most operationally efficient solution. It's worth considering the added complexity for the control it provides.
upvoted 0 times
...
Coral
3 months ago
I agree, having the S3 interface endpoint for both on-premises and VPC workloads seems efficient.
upvoted 0 times
...
Sheridan
3 months ago
Option B sounds like a good choice. The proxy fleet behind an ALB seems like a solid setup.
upvoted 0 times
...
Rima
3 months ago
Option B does seem like a good balance between security and operational efficiency. It's worth considering for this scenario.
upvoted 0 times
...
Marget
4 months ago
I agree, having the S3 interface endpoint along with the proxy fleet can provide a secure and efficient way to access Amazon S3.
upvoted 0 times
...
Adelina
4 months ago
Option B sounds like a good choice. The proxy fleet behind an ALB seems like a solid setup.
upvoted 0 times
...
...
Dan
5 months ago
I like the idea of using the S3 interface endpoint, but I'm not sure I trust the on-premises DNS resolver to handle the resolution correctly. Sounds like a potential point of failure to me.
upvoted 0 times
Malcom
4 months ago
User 2
upvoted 0 times
...
Jess
4 months ago
User 1
upvoted 0 times
...
...
Desmond
5 months ago
I think option A is the best solution.
upvoted 0 times
...
Johnathon
5 months ago
Option C seems the most straightforward. Using the S3 interface endpoint for both VPC and on-premises workloads makes the most sense, and avoiding the proxy fleet keeps things simple.
upvoted 0 times
Janna
4 months ago
It's important to keep things simple and efficient when setting up connectivity to Amazon S3.
upvoted 0 times
...
Pura
5 months ago
Avoiding the proxy fleet also reduces complexity in the configuration.
upvoted 0 times
...
Jennifer
5 months ago
Using the S3 interface endpoint for both VPC and on-premises workloads simplifies the setup.
upvoted 0 times
...
Verdell
5 months ago
I agree, option C does seem like the most straightforward solution.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77