Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Amazon Exam ANS-C01 Topic 4 Question 24 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 24
Topic #: 4
[All ANS-C01 Questions]

A company has workloads that run in a VPC. The workloads access Amazon S3 by using an S3 gateway endpoint. The company also has on-premises workloads that need to access Amazon

S3 privately over a VPN connection. The company has established the VPN connection to the VPC.

Which solution will provide connectivity to Amazon S3 from the VPC workloads and the on-premises workloads in the MOST operationally efficient way?

Show Suggested Answer Hide Answer
Suggested Answer: C

The correct solution is to use an S3 interface endpoint and an on-premises DNS resolver. An S3 interface endpoint allows you to access Amazon S3 using private IP addresses within your VPC. An on-premises DNS resolver can be configured to forward the DNS queries for the S3 domain names to the S3 interface endpoint, so that the on-premises workloads can access Amazon S3 privately over the VPN connection. This solution is operationally efficient, as it does not require any additional infrastructure or changes to the existing workloads. The VPC workloads can continue to use the S3 gateway endpoint, which provides lower latency and higher throughput than the S3 interface endpoint.


Contribute your Thoughts:

Rochell
5 months ago
I still think option A is the simplest and most operationally efficient choice. It minimizes disruptions and is straightforward to implement.
upvoted 0 times
...
Sommer
6 months ago
I see your point, Option C does seem secure. But wouldn't it involve more setup and maintenance?
upvoted 0 times
...
Merrilee
6 months ago
I prefer option C. Using an S3 interface endpoint and configuring the on-premises DNS resolver seems like a secure way to access Amazon S3.
upvoted 0 times
...
Rochell
6 months ago
But with option B, we would need to redeploy everything. That might cause disruptions.
upvoted 0 times
...
Sommer
7 months ago
I disagree. Option B seems more efficient to me. Deleting the S3 gateway endpoint and using the S3 interface endpoint could be a better approach.
upvoted 0 times
...
Rochell
7 months ago
I think option A is the best solution. It seems like a simple and efficient way to connect both VPC and on-premises workloads to Amazon S3.
upvoted 0 times
...
Coleen
8 months ago
That's true. Option D could be a more secure choice.
upvoted 0 times
...
Carmela
8 months ago
But wouldn't setting up AWS Direct Connect be more secure for on-premises workloads?
upvoted 0 times
...
Coleen
8 months ago
Because deploying a proxy fleet of EC2 instances behind an ALB seems efficient.
upvoted 0 times
...
Carmela
8 months ago
Why do you say that?
upvoted 0 times
Chuck
7 months ago
Option D might be too complicated for our setup
upvoted 0 times
...
Patti
8 months ago
I think option D is the way to go
upvoted 0 times
...
Dorothy
8 months ago
I'm not sure, maybe option C could work as well
upvoted 0 times
...
Lashanda
8 months ago
Option B seems like the most straightforward approach
upvoted 0 times
...
Douglass
8 months ago
I disagree, I believe option B is more efficient
upvoted 0 times
...
Alishia
8 months ago
I think the best solution is option A
upvoted 0 times
...
...
Coleen
8 months ago
I think option A is the best solution.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77