AWS Certified Solutions Architect - Professional

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Set up an AWS Client VPN endpoint associated with a VPC subnet, configure a Client VPN self-service portal, and guide developers to connect using the Client VPN client.

The correct answer is A. This option involves setting up an AWS Client VPN endpoint, which can provide secure, scalable access for developers working from various locations, including from home. The VPN connection can be associated with a subnet in the VPC, ensuring that all data is stored within the VPC as required. Setting up a self-service portal makes it easy for developers to connect using the Client VPN client. Options B and C involve more complex setups that are not necessarily designed for individual developer access. Option D, while providing access through a bastion host, introduces a potential security risk and requires additional knowledge of SSH, making it less ideal compared to the Client VPN solution.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Set up an AWS Client VPN endpoint associated with a VPC subnet, configure a Client VPN self-service portal, and guide developers to connect using the Client VPN client.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

A company is developing an application on AWS that sends logs to an Amazon OpenSearch Service cluster for analysis, with all data required to be within a VPC. The company has developers working remotely from home and others in three distinct office locations who need direct access from their local machines to analyze and visualize these logs. What solution best addresses these requirements?

Exam-Like

Set up an AWS Client VPN endpoint associated with a VPC subnet, configure a Client VPN self-service portal, and guide developers to connect using the Client VPN client.

62.5%

Establish a transit gateway connected to the VPC, create an AWS Site-to-Site VPN with an attachment to the transit gateway, and instruct developers to use an OpenVPN client for connection.

25.0%

Deploy a transit gateway linked to the VPC, arrange an AWS Direct Connect connection with a public VIF set up on the Direct Connect connection, associate the public VIF with the transit gateway, and advise developers to connect via the Direct Connect connection.

12.5%

Deploy a bastion host in a public subnet of the VPC, set up the bastion host security group to permit SSH access from the company's CIDR ranges, and direct developers to connect using SSH.