Amazon Exam ANS-C01 Topic 5 Question 33 Discussion

Actual exam question for Amazon's ANS-C01 exam

Question #: 33
Topic #: 5

A company's VPC has Amazon EC2 instances that are communicating with AWS services over the public internet. The company needs to change the connectivity so that the communication

does not occur over the public intemet.

The company deploys AWS PrivateLink endpoints in the VPC. After the deployment of the PrivateLink endpoints, the EC2 instances can no longer communicate at all with the required AWS

services.

Which combination of steps should a network engineer take to restore communication with the AWS services? (Select TWO.)

AIn the VPC route table, add a route that has the PrivateLink endpoints as the destination.

BEnsure that the enableDnsSupport attribute is set to True for the VPC. Ensure that each VPC endpoint has DNS support enabled.

CEnsure that the VPC endpoint policy allows communication.

DCreate an Amazon Route 53 public hosted zone for all services.

ECreate an Amazon Route 53 private hosted zone that includes a custom name for each service.

Show Suggested Answer

Suggested Answer: B, C

To use AWS PrivateLink, you need to create interface type VPC endpoints for the services that you want to access privately from your VPC1. These endpoints appear as elastic network interfaces (ENIs) with private IPs in your subnets2. To enable DNS resolution for these endpoints, you need to set the enableDnsSupport attribute to True for your VPC, and enable DNS support for each endpoint3. You also need to ensure that the VPC endpoint policy allows communication between your VPC and the service4. You do not need to create any route table entries or Route 53 hosted zones for the endpoints, as they are not required for PrivateLink5.

AWS PrivateLink FAQs -- Amazon Web Services 2: AWS PrivateLink and service endpoint - Amazon EC2 Overview and Networking Introduction for Telecom Companies 3: VPC Endpoints: Secure and Direct Access to AWS Services 4: AWS PrivateLink and service endpoint - Amazon EC2 Overview and Networking Introduction for Telecom Companies 5: AWS Private Link vs VPC Endpoint - Stack Overflow

by Ozell at Aug 02, 2024, 07:18 AM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Taryn

1 months ago

Ah, the joys of AWS networking. Gotta love it! Okay, let's see... Add a route in the VPC table, make sure the DNS is set up right, and check that VPC endpoint policy. Easy peasy, right? Just don't forget to bring your problem-solving hat!

upvoted 0 times

...

Nieves

1 months ago

Haha, yeah, that public hosted zone option is like trying to sneak through the front door when you've got a secret tunnel out back. Not the way to go, my friend!

upvoted 0 times

...

2 months ago

Hmm, I think the key here is to ensure the PrivateLink endpoints have proper DNS support and the VPC endpoint policy is configured correctly. That should do the trick.

upvoted 0 times