Answer-first summary for fast verification
Answer: Create a VPC gateway endpoint for Amazon S3. Route network traffic to the VPC gateway endpoint.
Option B is CORRECT because creating a VPC gateway endpoint for Amazon S3 allows the AWS Lambda function to access Amazon S3 directly over the AWS private network, eliminating the need for internet access. A gateway endpoint is highly cost-effective as it does not incur data transfer charges for access to S3 and ensures secure, private communication between the Lambda function and Amazon S3 without leaving the AWS network. This setup is ideal for resolving timeout issues when accessing S3 from a VPC-enabled Lambda function in a secure and cost-effective manner.
Author: Ritesh Yadav
Ultimate access to all questions.
Question 9/58
A company uses an AWS Lambda function to transfer files from a legacy SFTP environment to Amazon S3 buckets. The Lambda function is VPC enabled to ensure that all communications between the Lambda function and other AWS services that are in the same VPC environment will occur over a secure network.
The Lambda function is able to connect to the SFTP environment successfully. However, when the Lambda function attempts to upload files to the S3 buckets, the Lambda function returns timeout errors. A data engineer must resolve the timeout issues in a secure way.
Which solution will meet these requirements in the MOST cost-effective way?
A
Create a NAT gateway in the public subnet of the VPC. Route network traffic to the NAT gateway.
B
Create a VPC gateway endpoint for Amazon S3. Route network traffic to the VPC gateway endpoint.
C
Create a VPC interface endpoint for Amazon S3. Route network traffic to the VPC interface endpoint.
D
Use a VPC internet gateway to connect to the internet. Route network traffic to the VPC internet gateway.
No comments yet.