AWS Certified Solutions Architect - Professional

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Establish an AWS CodeArtifact domain and repository, connect it to the public:pypi repository, configure the Python client to utilize the CodeArtifact repository, and create a VPC endpoint for CodeArtifact.

The correct answer is D. Setting up an AWS CodeArtifact domain and repository, and adding an external connection for public:pypi meets the requirement of accessing the PyPI repository while keeping SageMaker instances isolated from the internet. This approach allows you to manage and update Python packages securely within your VPC by using AWS CodeArtifact as an intermediary. By configuring the Python client to use the CodeArtifact repository and creating a VPC endpoint for CodeArtifact, you ensure that the instances remain isolated from the internet, satisfying both the security and functionality requirements.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

A team of data scientists is utilizing Amazon SageMaker instances and SageMaker APIs within a VPC that is completely isolated from the internet to train their machine learning models. The datasets required for training these models are stored in an Amazon S3 bucket, which is accessible through interface VPC endpoints. Occasionally, the data scientists need to update their Python packages using the Python Package Index (PyPI) repository. A solutions architect is tasked with ensuring access to PyPI while maintaining the isolation of the SageMaker instances from the internet. What solution should the architect implement to fulfill these requirements?

Exam-Like

Last updated: February 25, 2026 at 14:03

Create an AWS CodeCommit repository for each required package, synchronize it with the PyPI repository, and establish a VPC endpoint for CodeCommit.

22.2%

Set up a NAT gateway within the VPC, configure VPC routes to permit internet access solely through a network ACL that restricts access to the PyPI repository endpoint.

33.3%

Deploy a NAT instance in the VPC, configure VPC routes for internet access, and set up SageMaker notebook instance firewall rules to allow access exclusively to the PyPI repository endpoint.

11.1%

Establish an AWS CodeArtifact domain and repository, connect it to the public:pypi repository, configure the Python client to utilize the CodeArtifact repository, and create a VPC endpoint for CodeArtifact.