Topic 1 Question 562
2 つ選択A solutions architect needs to ensure that API calls to Amazon DynamoDB from Amazon EC2 instances in a VPC do not travel across the internet.
Which combination of steps should the solutions architect take to meet this requirement?
Create a route table entry for the endpoint.
Create a gateway endpoint for DynamoDB.
Create an interface endpoint for Amazon EC2.
Create an elastic network interface for the endpoint in each of the subnets of the VPC.
Create a security group entry in the endpoint's security group to provide access.
ユーザの投票
コメント(17)
- 正解だと思う選択肢: AB👍 8ukivanlamlpi2023/08/10
- 正解だと思う選択肢: BE
The reasons are:
A gateway endpoint for DynamoDB enables private connectivity between DynamoDB and the VPC. This allows EC2 instances to access DynamoDB APIs without traversing the internet. A security group entry is needed to allow the EC2 instances access to the DynamoDB endpoint over the VPC. An interface endpoint is used for services like S3 and Systems Manager, not DynamoDB. Route table entries route traffic within a VPC but do not affect external connectivity. Elastic network interfaces are not needed for gateway endpoints.
👍 7Guru4Cloud2023/08/21 - 正解だと思う選択肢: AB
You can access Amazon DynamoDB from your VPC using gateway VPC endpoints. After you create the gateway endpoint, you can add it as a target in your route table for traffic destined from your VPC to DynamoDB.
👍 4avkya2023/08/12
シャッフルモード