
Answer-first summary for fast verification
Answer: Deploy the EC2 instances in the private subnets. Create an S3 interface endpoint in the VPC. Modify the application configuration to use the S3 endpoint-specific DNS hostname.
To meet the requirements of minimizing data transfer costs and ensuring that the EC2 instances are not directly accessible from the internet, the best solution involves deploying the EC2 instances in the private subnets and using an S3 interface endpoint. This setup allows the EC2 instances to securely access Amazon S3 without traversing the internet, thus minimizing data transfer costs. An S3 interface endpoint provides a private connection between the VPC and Amazon S3, ensuring that data transfer between the EC2 instances and S3 does not incur internet data transfer charges. Additionally, deploying the EC2 instances in private subnets ensures they are not directly accessible from the internet, enhancing security. Therefore, the correct solution is to deploy the EC2 instances in the private subnets and create an S3 interface endpoint in the VPC, modifying the application configuration to use the S3 endpoint-specific DNS hostname.
Author: LeetQuiz Editorial Team
A company is deploying a two-tier web application in a new VPC within a single AWS Region. The VPC includes an internet gateway and four subnets: two public subnets with default routes to the internet gateway and two private subnets sharing a route table without a default route. The application will run on Amazon EC2 instances behind an external Application Load Balancer, with the EC2 instances requiring no direct internet access. The application will use an Amazon S3 bucket in the same Region for data storage, performing S3 GET and PUT API operations from the EC2 instances. A network engineer must design a VPC architecture that minimizes data transfer costs.
Which solution meets these requirements?
A
Deploy the EC2 instances in the public subnets. Create an S3 interface endpoint in the VPC. Modify the application configuration to use the S3 endpoint-specific DNS hostname.
B
Deploy the EC2 instances in the private subnets. Create a NAT gateway in the VPC. Create default routes in the private subnets to the NAT gateway. Connect to Amazon S3 by using the NAT gateway.
C
Deploy the EC2 instances in the private subnets. Create an S3 gateway endpoint in the VPC. Specify the route table of the private subnets during endpoint creation to create routes to Amazon S3.
D
Deploy the EC2 instances in the private subnets. Create an S3 interface endpoint in the VPC. Modify the application configuration to use the S3 endpoint-specific DNS hostname.