Amazon Exam ANS-C01 Topic 5 Question 33 Discussion

Actual exam question for Amazon's ANS-C01 exam

Question #: 33
Topic #: 5

A company has a VPC in the AWS Cloud. The company recently acquired a competitor that also has a VPC in the AWS Cloud. A network engineer discovers an IP address overlap between the two VPCs. Both VPCs require access to an AWS Marketplace partner service.

Which solution will ensure interoperability among the VPC hosted services and the AWS Marketplace partner service?

AConfigure VPC peering with static routing between the VPCs. Configure an AWS Site-to-Site VPN connection with static routing to the partner service.

BConfigure a NAT gateway in the VPCs. Configure default routes in each VPC to point to the local NAT gateway. Attach each NAT gateway to a transit gateway. Configure an AWS Site-to-Site VPN connection with static routing to the partner service.

CConfigure AWS PrivateLink to facilitate connectivity between the VPCs and the partner service. Use the DNS name that is created with the associated interface endpoints to route traffic between the VPCs and the partner service.

DConfigure a NAT instance in the VPCs. Configure default routes in each VPC to point to the local NAT instance. Configure an interface endpoint in each VPC to connect to the partner service. Use the DNS name that is created with the associated interface endpoints to route traffic between the VPCs and the partner service.

Show Suggested Answer

Suggested Answer: B, C

To use AWS PrivateLink, you need to create interface type VPC endpoints for the services that you want to access privately from your VPC1. These endpoints appear as elastic network interfaces (ENIs) with private IPs in your subnets2. To enable DNS resolution for these endpoints, you need to set the enableDnsSupport attribute to True for your VPC, and enable DNS support for each endpoint3. You also need to ensure that the VPC endpoint policy allows communication between your VPC and the service4. You do not need to create any route table entries or Route 53 hosted zones for the endpoints, as they are not required for PrivateLink5.

AWS PrivateLink FAQs -- Amazon Web Services 2: AWS PrivateLink and service endpoint - Amazon EC2 Overview and Networking Introduction for Telecom Companies 3: VPC Endpoints: Secure and Direct Access to AWS Services 4: AWS PrivateLink and service endpoint - Amazon EC2 Overview and Networking Introduction for Telecom Companies 5: AWS Private Link vs VPC Endpoint - Stack Overflow

by Ozell at Aug 02, 2024, 07:18 AM

Limited Time Offer

25%

23 days ago

I think the best solution is to configure VPC peering with static routing between the VPCs.

upvoted 0 times

...