Answer-first summary for fast verification
Answer: Configure VPC endpoints for DynamoDB that will provide required internal access without using public internet
Configure VPC endpoints for DynamoDB that will provide required internal access without using public internet When you create a VPC endpoint for DynamoDB, any requests to a DynamoDB endpoint within the Region (for example, dynamodb.us-west-2.amazonaws.com) are routed to a private DynamoDB endpoint within the Amazon network. You don't need to modify your applications running on EC2 instances in your VPC. The endpoint name remains the same, but the route to DynamoDB stays entirely within the Amazon network, and does not access the public internet. You use endpoint policies to control access to DynamoDB. Traffic between your VPC and the AWS service does not leave the Amazon network.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A CRM application is currently deployed on Amazon EC2 instances, while the database tier is managed using DynamoDB. Recently, customers have expressed concerns about the privacy and security of data transmitted over the public internet.
As an AWS Certified Developer Associate, what would be the most suitable solution to enable secure communication between the EC2 instances and DynamoDB without relying on the public internet?
A
The firm can use a virtual private network (VPN) to route all DynamoDB network traffic through their own corporate network infrastructure
B
Create a NAT Gateway to provide the necessary communication channel between EC2 instances and DynamoDB
C
Configure VPC endpoints for DynamoDB that will provide required internal access without using public internet
D
Create an Internet Gateway to provide the necessary communication channel between EC2 instances and DynamoDB