AWS Certified Advanced Networking - Specialty

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using the private DNS name of the endpoint.

To ensure that clients can reach the API endpoint through private communication without any additional infrastructure setup, the network engineer should create an interface VPC endpoint for API Gateway with private DNS names enabled and access the API by using the private DNS name of the endpoint. This approach allows for private communication between the on-premises data centers and the API Gateway within the AWS environment, leveraging the AWS Direct Connect connection. Option A is correct because it directly uses the private DNS name provided by the VPC endpoint, ensuring that the communication remains within the private network. Option B is incorrect because using an Amazon Route 53 alias of the endpoint does not guarantee private communication; it could potentially route traffic through the public internet. Option C is incorrect because associating the endpoint with the private REST API and using an Amazon Route 53 alias does not ensure private communication. Option D is incorrect because using the public DNS name of the endpoint would route traffic through the public internet, which is not the desired outcome for private communication.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using the private DNS name of the endpoint.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

A company is building an API-based application on AWS to meet its process workflow needs. The API will be accessed by clients located in the company's on-premises data centers. The company has established an AWS Direct Connect connection between its on-premises environment and AWS. A network engineer plans to deploy the API as a private REST API in Amazon API Gateway and aims to ensure that clients can access the API endpoint using private communication.

What solution can the network engineer implement to allow clients to invoke the API without requiring any additional infrastructure setup?

Exam-Like

Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using the private DNS name of the endpoint.

100.0%

Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using an Amazon Route 53 alias of the endpoint.

0.0%

Create an interface VPC endpoint for API Gateway. Associate the endpoint with the private REST API, Access the API by using an Amazon Route 53 alias of the endpoint.

Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using the public DNS name of the endpoint.