
Explanation:
Running the Lambda function in the VPC using private subnets ensures its traffic uses VPC ENIs in those private subnets. Referencing the Lambda security group in the Aurora security group grants precise inbound access on the DB port without exposing the cluster. Together these provide private connectivity with the least operational overhead. An interface VPC endpoint for Amazon RDS is for the control-plane API, not the data plane. Private DNS does not establish routing or permissions. RDS Proxy adds overhead and is unnecessary for basic access.
Which actions enable private, least-ops connectivity from an AWS Lambda function to an Aurora PostgreSQL cluster in the same VPC? (Choose 2)
A. Create an interface VPC endpoint for Amazon RDS
B. Run the Lambda in the VPC using private subnets
C. Enable private DNS on the Aurora endpoint
D. Reference the Lambda security group in the Aurora security group on the DB port
E. Use Amazon RDS Proxy and connect to the proxy endpoint