Answer-first summary for fast verification
Answer: Configure the Lambda function to run in the same subnet that the DB instance uses., Attach the same security group to the Lambda function and the DB instance. Include a self-referencing rule that allows access through the database port.
Option C is CORRECT because configuring the Lambda function to run in the same VPC and subnet as the DB instance ensures that the function can connect privately. Running the Lambda function within the same network environment as the DB instance eliminates the need for public internet access and simplifies private connectivity setup. Option D is CORRECT because attaching the same security group to both the Lambda function and the DB instance allows secure communication without explicitly tying the database access only to Lambda. This approach ensures scalability, as other applications using the same security group can also connect to the database without additional changes. The self-referencing rule allows connections through the database port while minimizing operational overhead.
Author: Ritesh Yadav
Ultimate access to all questions.
Question 8/60
The developer needs to give the Lambda function the ability to connect to the DB instance privately without using the public internet.
Which combination of steps will meet this requirement with the LEAST operational overhead? (Select TWO.)
A
Turn on the public access setting for the DB instance.
B
Update the security group of the DB instance to allow only Lambda function invocations on the database port.
C
Configure the Lambda function to run in the same subnet that the DB instance uses.
D
Attach the same security group to the Lambda function and the DB instance. Include a self-referencing rule that allows access through the database port.
E
Update the network ACL of the private subnet to include a self-referencing rule that allows access through the database port.
No comments yet.