BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam ANS-C01 Topic 4 Question 22 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 22
Topic #: 4
[All ANS-C01 Questions]

A company has workloads that run in a VPC. The workloads access Amazon S3 by using an S3 gateway endpoint. The company also has on-premises workloads that need to access Amazon

S3 privately over a VPN connection. The company has established the VPN connection to the VPC.

Which solution will provide connectivity to Amazon S3 from the VPC workloads and the on-premises workloads in the MOST operationally efficient way?

Show Suggested Answer Hide Answer
Suggested Answer: C

The correct solution is to use an S3 interface endpoint and an on-premises DNS resolver. An S3 interface endpoint allows you to access Amazon S3 using private IP addresses within your VPC. An on-premises DNS resolver can be configured to forward the DNS queries for the S3 domain names to the S3 interface endpoint, so that the on-premises workloads can access Amazon S3 privately over the VPN connection. This solution is operationally efficient, as it does not require any additional infrastructure or changes to the existing workloads. The VPC workloads can continue to use the S3 gateway endpoint, which provides lower latency and higher throughput than the S3 interface endpoint.


by Laurel at Mar 17, 2024, 01:20 AM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Joni
4 months ago
I personally prefer option C. Setting up an S3 interface endpoint seems like a simpler solution for on-premises workloads.
upvoted 0 times
...
Lauran
4 months ago
Option B could work too, but I think having the S3 gateway endpoint is more straightforward.
upvoted 0 times
...
Catina
5 months ago
But what about option B? It also involves using an ALB and an S3 interface endpoint.
upvoted 0 times
...
Aimee
5 months ago
I agree. Using an ALB with a proxy fleet seems like a good solution.
upvoted 0 times
...
Luke
5 months ago
I think option A is the most operationally efficient way.
upvoted 0 times
...
Francine
5 months ago
I see the benefit of using S3 interface endpoint, but I prefer option D with Direct Connect.
upvoted 0 times
...
Marlon
6 months ago
I feel option B might be better, with S3 interface endpoint.
upvoted 0 times
...
Jeannetta
6 months ago
I agree with Jamal, using an ALB for proxy sounds good.
upvoted 0 times
...
Jamal
6 months ago
I think option A seems efficient.
upvoted 0 times
...
Alesia
7 months ago
Ha, a proxy fleet? That sounds like a lot of work! Plus, don't we have to worry about the performance and scalability of that approach? I'm with Vincenza and Scarlet - option C just seems like the cleanest and most straightforward solution.
upvoted 0 times
...
Francine
7 months ago
I'm not convinced that option C is the way to go. Isn't there a risk of potential performance issues with the DNS resolution process? I'm kind of drawn to option B, where we use a proxy fleet to handle the connectivity between the on-premises workloads and S3.
upvoted 0 times
...
Scarlet
7 months ago
I agree, option C does seem like the most efficient solution. Using the S3 interface endpoint for both the VPC workloads and the on-premises workloads is a nice way to keep things consistent and minimize complexity.
upvoted 0 times
...
Vincenza
7 months ago
Hmm, this is an interesting question. I'm not sure which solution would be the most operationally efficient, but I'm leaning towards option C. The idea of using an S3 interface endpoint and configuring the on-premises DNS resolver to resolve the S3 DNS names seems like a pretty straightforward approach.
upvoted 0 times
Merilyn
6 months ago
Yeah, I think I'm convinced. Option D appears to be the most operationally efficient way to handle connectivity for both sets of workloads accessing Amazon S3.
upvoted 0 times
...
Kirk
7 months ago
I agree, option D seems to offer a straightforward and secure solution for connecting both the VPC and on-premises workloads to Amazon S3.
upvoted 0 times
...
Yesenia
7 months ago
Option D does sound intriguing. Routing S3 traffic over a public VIF via Direct Connect could potentially offer a reliable and efficient way to access Amazon S3.
upvoted 0 times
...
Samira
7 months ago
Actually, option D might be worth considering too. Setting up an AWS Direct Connect connection and a public VIF for routing S3 traffic could streamline connectivity.
upvoted 0 times
...
Alayna
7 months ago
I see your point, but I still think option C is the way to go. Configuring the on-premises DNS resolver to resolve S3 DNS names to private IP addresses seems like a solid plan.
upvoted 0 times
...
Corinne
7 months ago
Yeah, that could be a good option. But option B also seems interesting. Creating an S3 interface endpoint and using an ALB as the proxy server for both VPC and on-premises workloads.
upvoted 0 times
...
Bobbye
7 months ago
I think option A could also work well. Setting up a proxy fleet of EC2 instances in the VPC behind an ALB seems like it could provide efficient connectivity.
upvoted 0 times
...
...

Save Cancel