Topic 1 Question 184
A company has an AWS account used for software engineering. The AWS account has access to the company’s on-premises data center through a pair of AWS Direct Connect connections. All non-VPC traffic routes to the virtual private gateway.
A development team recently created an AWS Lambda function through the console. The development team needs to allow the function to access a database that runs in a private subnet in the company’s data center.
Which solution will meet these requirements?
Configure the Lambda function to run in the VPC with the appropriate security group.
Set up a VPN connection from AWS to the data center. Route the traffic from the Lambda function through the VPN.
Update the route tables in the VPC to allow the Lambda function to access the on-premises data center through Direct Connect.
Create an Elastic IP address. Configure the Lambda function to send traffic through the Elastic IP address without an elastic network interface.
ユーザの投票
コメント(17)
- 正解だと思う選択肢: A
To configure a VPC for an existing function:
- Open the Functions page of the Lambda console.
- Choose a function.
- Choose Configuration and then choose VPC.
- Under VPC, choose Edit.
- Choose a VPC, subnets, and security groups. <-- That's why I believe the answer is A.
Note: If your function needs internet access, use network address translation (NAT). Connecting a function to a public subnet doesn't give it internet access or a public IP address.
👍 8Gil802022/12/01 - 正解だと思う選択肢: A
it is A. C is not correct at all as in the question it metions that the VPC already has connectivity with on-premises
👍 8javitech832022/12/07 A = Answer.
Note that " All non-VPC traffic routes to the virtual gateway" meaning if traffic not meant for the VPC, it routes to on-prem (C answer invalid). For the Lambda function to access the on-prem database you have to configure the Lambda function in the VPC and use appropriate SG outbound.
Phew! did some research on this, was a bit confused with C.
👍 5Mindvision2023/01/02
シャッフルモード