Explanation:
The correct answer is C. To ensure that the network traffic for file transfers takes a private route without being sent over the internet, you should move the EC2 instances to private subnets and create a VPC endpoint for Amazon S3. This ensures that all communications between the EC2 instances and Amazon S3 occur through the private network, without exposing the traffic to the internet.
Ultimate access to all questions.
No comments yet.
A medical records company uses EC2 instances in public subnets to process data stored on Amazon S3, accessing it over the internet. A requirement for private network traffic for file transfers has arisen. What network architecture change should be recommended?
A
Implement a NAT gateway and adjust the route table for traffic to Amazon S3.
B
Modify the security group to allow only traffic to the S3 prefix list.
C
Relocate EC2 instances to private subnets and establish a VPC endpoint for Amazon S3.
D
Eliminate the internet gateway, establish a Direct Connect connection, and route traffic to Amazon S3 via Direct Connect.