ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 223 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 223
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company is developing an API-based application on AWS for its process workflow requirements. The API will be invoked by clients in the company’s on-premises data centers. The company has set up an AWS Direct Connect connection between on premises and AWS. A network engineer decides to implement the API as a private REST API in Amazon API Gateway. The network engineer wants to ensure that clients can reach the API endpoint through private communication.

Which solution can the network engineer use to invoke the API without any additional infrastructure setup?

  • A. Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using the private DNS name of the endpoint.
  • B. Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using an Amazon Route 53 alias of the endpoint.
  • C. Create an interface VPC endpoint for API Gateway. Associate the endpoint with the private REST API, Access the API by using an Amazon Route 53 alias of the endpoint.
  • D. Create an interface VPC endpoint for API Gateway with private DNS names enabled. Access the API by using the public DNS name of the endpoint.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by 304faa7 at Nov. 19, 2024, 3:11 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
304faa7
Highly Voted 5 months ago
Selected Answer: D
D is the correct answer here as we don't want to setup additional infra(inbound endpoints) here as asked in the question. Only through inbound endpoints we will be able to use private DNS. Below is from AWS documentation : its a tricky question. Invoke a private API using AWS Direct Connect You can use AWS Direct Connect to establish a dedicated private connection from an on-premises network to Amazon VPC and access your private API endpoint over that connection by using public DNS names. You can also use private DNS names to access your private API from an on-premises network by setting up an Amazon Route 53 Resolver inbound endpoint and forwarding it all DNS queries of the private DNS from your remote network. For more information, see Forwarding inbound DNS queries to your VPCs in the Amazon Route 53 Developer Guide
upvoted 5 times
...
8be7437
Most Recent 1 week, 3 days ago
Selected Answer: D
mmmmmm but. is creating an alias "creating additional infrastructure setup?" I guess it is ok to let C out because there is no mentioning of R53, unless it is implicit with "through private communitation". This are very bad questions
upvoted 1 times
...
dspd
2 months, 3 weeks ago
Selected Answer: C
Answer C D - This option is incorrect because it suggests using the public DNS name of the endpoint, which contradicts the requirement for private communication. Additionally, like options A and B, it doesn't mention the necessary step of associating the endpoint with the private REST API.
upvoted 1 times
...
chrootxxx
4 months, 1 week ago
Selected Answer: D
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-api-test-invoke-url.html Invoke a private API using AWS Direct Connect You can use AWS Direct Connect to establish a dedicated private connection from an on-premises network to Amazon VPC and access your private API endpoint over that connection by using public DNS names.
upvoted 1 times
...
304faa7
5 months, 1 week ago
D is the correct answer here as we don't want to setup additional infra(inbound endpoints) here as asked in the question. Only through inbound endpoints we will be able to use private DNS. Below is from AWS documentation : its a tricky question. Invoke a private API using AWS Direct Connect You can use AWS Direct Connect to establish a dedicated private connection from an on-premises network to Amazon VPC and access your private API endpoint over that connection by using public DNS names. You can also use private DNS names to access your private API from an on-premises network by setting up an Amazon Route 53 Resolver inbound endpoint and forwarding it all DNS queries of the private DNS from your remote network. For more information, see Forwarding inbound DNS queries to your VPCs in the Amazon Route 53 Developer Guide.
upvoted 3 times
...
Nel07
5 months, 1 week ago
Selected Answer: A
option A
upvoted 1 times
...
ArunRav
5 months, 1 week ago
Selected Answer: A
Using option A, engineer can invoke API end point connectivity using private communication and can avoid additional route 53 setup needed
upvoted 1 times
...
304faa7
5 months, 1 week ago
D is the correct answer ; https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-api-test-invoke-url.html#w78aac15c20c17c15c17
upvoted 2 times
ArunRav
5 months, 1 week ago
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-api-test-invoke-url.html#w78aac15c20c17c15c15
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago