AWS Certified Advanced Networking - Specialty
Get started today
Ultimate access to all questions.
What steps should the network engineer take to centralize and manage interface VPC endpoints for private communication with AWS services, ensuring that all Amazon Route 53 zones and interface endpoints are managed within a shared services AWS account, while leveraging AWS Transit Gateway for inter-VPC connectivity in a hub-and-spoke model, and enabling AWS resources to access AWS Key Management Service (AWS KMS) without routing traffic over the public internet?
What steps should the network engineer take to centralize and manage interface VPC endpoints for private communication with AWS services, ensuring that all Amazon Route 53 zones and interface endpoints are managed within a shared services AWS account, while leveraging AWS Transit Gateway for inter-VPC connectivity in a hub-and-spoke model, and enabling AWS resources to access AWS Key Management Service (AWS KMS) without routing traffic over the public internet?
Exam-Like
A
In the shared services account, create an interface endpoint for AWS KMS. Modify the interface endpoint by disabling the private DNS name. Create a private hosted zone in the shared services account with an alias record that points to the interface endpoint. Associate the private hosted zone with the spoke VPCs in each AWS account.
100.0%
Comments
Loading comments...