
A company requires the use of a third-party software-as-a-service (SaaS) application that operates within an AWS VPC and is accessed via API calls. The company's VPC must connect to this SaaS application privately, without internet exposure, and adhere to the principle of least privilege for security. What is the appropriate solution to establish this secure, private connection?
A. Establish an AWS PrivateLink interface VPC endpoint connected to the SaaS application's endpoint service, with a security group configured to restrict access, which is then associated with the endpoint.
B. Set up an AWS Site-to-Site VPN between the company's VPC and the SaaS application's VPC, with network ACLs configured to restrict access through the VPN tunnels.
C. Configure a VPC peering connection between the company's VPC and the SaaS application's VPC, updating the route tables to include the necessary routes for the peering connection.
D. Create an AWS PrivateLink endpoint service and request the SaaS provider to establish an interface VPC endpoint for this service, granting access permissions to the SaaS provider's specific AWS account.