Exam SAA-C03 Topic 3 Question 611 Discussion

Actual exam question for Amazon's SAA-C03 exam
Question #: 611
Topic #: 3
A solutions architect needs to ensure that API calls to Amazon DynamoDB from Amazon EC2 instances in a VPC do not travel across the internet.
Which combination of steps should the solutions architect take to meet this requirement? (Choose two.)

Suggested Answer: B,E Vote an answer

B and E are the correct answers because they allow the solutions architect to ensure that API calls to Amazon DynamoDB from Amazon EC2 instances in a VPC do not travel across the internet. By creating a gateway endpoint for DynamoDB, the solutions architect can enable private connectivity between the VPC and DynamoDB. By creating a security group entry in the endpoint's security group to provide access, the solutions architect can control which EC2 instances can communicate with DynamoDB through the endpoint.
References:
Gateway Endpoints
Controlling Access to Services with VPC Endpoints

by archibaldkorley at May 22, 2024, 04:43 AM

Limited Time Offer

15%

Off

Get Premium SAA-C03 Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
archibaldkorley
2024-05-22 04:43:19
A, E
Steps to Implement:
Create a Gateway Endpoint for DynamoDB:

Navigate to the VPC console.
Choose "Endpoints" and then "Create Endpoint."
Select "AWS services" and choose "com.amazonaws.[region].dynamodb."
Choose your VPC and the route tables to associate with the endpoint.
Update Route Tables:

In the route table associated with your VPC subnets, add a route with the destination as the DynamoDB service prefix (e.g., com.amazonaws.[region].dynamodb) and target as the gateway endpoint you created.
upvoted 1 times
archibaldkorley
2024-05-22 04:44:47
A,B
Steps to Implement:
Create a Gateway Endpoint for DynamoDB:

Navigate to the VPC console.
Choose "Endpoints" and then "Create Endpoint."
Select "AWS services" and choose "com.amazonaws.[region].dynamodb."
Choose your VPC and the route tables to associate with the endpoint.
Update Route Tables:

In the route table associated with your VPC subnets, add a route with the destination as the DynamoDB service prefix (e.g., com.amazonaws.[region].dynamodb) and target as the gateway endpoint you created.
upvoted 1 times
...
...
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10