Topic 1 Question 4
An application runs on an Amazon EC2 instance in a VPC. The application processes logs that are stored in an Amazon S3 bucket. The EC2 instance needs to access the S3 bucket without connectivity to the internet. Which solution will provide private network connectivity to Amazon S3?
A. Create a gateway VPC endpoint to the S3 bucket.
B. Stream the logs to Amazon CloudWatch Logs. Export the logs to the S3 bucket.
C. Create an instance profile on Amazon EC2 to allow S3 access.
D. Create an Amazon API Gateway API with a private link to access the S3 endpoint.
Comments (17)
- Selected answer: A
VPC endpoint allows you to connect to AWS services using a private network instead of using the public Internet.
👍 22 D2w 2022/10/10
- Selected answer: A
Keywords:
- EC2 in VPC
- EC2 instance needs to access the S3 bucket without connectivity to the internet
A: Correct - Gateway VPC endpoint can connect to S3 bucket privately without additional cost.
B: Incorrect - You can set up an interface VPC endpoint for CloudWatch Logs for a private network from EC2 to CloudWatch. But from CloudWatch to S3 bucket: log data can take up to 12 hours to become available for export, and the requirement only needs EC2 to S3.
C: Incorrect - Creating an instance profile just grants access but does not help EC2 connect to S3 privately.
D: Incorrect - API Gateway is like a proxy which receives network from outside and forwards requests to AWS Lambda, Amazon EC2, Elastic Load Balancing products such as Application Load Balancers or Classic Load Balancers, Amazon DynamoDB, Amazon Kinesis, or any publicly available HTTPS-based endpoint. But not S3.
👍 9 PhucVuu 2023/04/03
- Selected answer: A
A gateway VPC endpoint is a connection between your VPC and an AWS service that enables private connectivity to the service. A gateway VPC endpoint for S3 allows the EC2 instance to access the S3 bucket without requiring internet connectivity.
👍 3 SilentMilli 2023/01/06