
Answer-first summary for fast verification
Answer: AWS PrivateLink for Bedrock
## Explanation

**AWS PrivateLink for Bedrock** is the correct answer because:

1. **Private Connectivity**: AWS PrivateLink provides private connectivity between VPCs and AWS services without exposing traffic to the public internet.
2. **Security Requirements**: For financial institutions with strict security requirements, keeping traffic off the public internet is crucial for compliance and data protection.
3. **Bedrock Integration**: AWS PrivateLink specifically supports Amazon Bedrock, allowing secure, private access to Bedrock's foundation models from within a private VPC.
4. **How it works**: PrivateLink creates VPC endpoints that route traffic through the AWS network backbone rather than the public internet, ensuring data remains within AWS's secure network infrastructure.

**Why other options are incorrect**:

- **A. Amazon Cognito**: This is an identity and access management service for web and mobile applications, not for private network connectivity.
- **C. IAM AssumeRole policies**: These are for managing permissions and access control, not for network-level private connectivity.
- **D. Multi-region replication**: This is for data replication across AWS regions for disaster recovery, not for private network connectivity.

**Key Takeaway**: When you need to connect to AWS services from a private VPC without internet exposure, AWS PrivateLink is the standard solution for creating private endpoints to AWS services.
Author: Ritesh Yadav
A financial institution needs to securely connect to Bedrock from their private VPC and ensure no traffic goes over the public internet. Which feature accomplishes this?
- A. Amazon Cognito
- B. AWS PrivateLink for Bedrock
- C. IAM AssumeRole policies
- D. Multi-region replication