Topic 1 Question 348
A company is developing a serverless application by using AWS Lambda functions. One of the Lambda functions needs to access an Amazon RDS DB instance. The DB instance is in a private subnet inside a VPC.
The company creates a role that includes the necessary permissions to access the DB instance. The company then assigns the role to the Lambda function. A developer must take additional action to give the Lambda function access to the DB instance.
What should the developer do to meet these requirements?
Assign a public IP address to the DB instance. Modify the security group of the DB instance to allow inbound traffic from the IP address of the Lambda function.
Set up an AWS Direct Connect connection between the Lambda function and the DB instance.
Configure an Amazon CloudFront distribution to create a secure connection between the Lambda function and the DB instance.
Configure the Lambda function to connect to the private subnets in the VPC. Add security group rules to allow traffic to the DB instance from the Lambda function.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: D
D is the correct answer.
👍 565703c12024/05/24 - 正解だと思う選択肢: D
If your Lambda wants to access resources available only within the VPC, you must attach the Lambda to that VPC (or to some other VPC peered with it).
As soon as you attach your Lambda to a VPC subnet, AWS Lambda will create an ENI inside the subnet, and that ENI will be assigned with a private IP address from the IP address range of that subnet. Thereafter through that ENI, your Lambda can access anything available within that VPC (or in its peered VPCs).
👍 1preachr2024/10/03
シャッフルモード