ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C02 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C02 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 117 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C02
Question #: 117
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C02 Questions]

A company's application hosted on Amazon EC2 instances needs to access an Amazon S3 bucket. Due to data sensitivity, traffic cannot traverse the internet.
How should a solutions architect configure access?

  • A. Create a private hosted zone using Amazon Route 53.
  • B. Configure a VPC gateway endpoint for Amazon S3 in the VPC.
  • C. Configure AWS PrivateLink between the EC2 instance and the S3 bucket.
  • D. Set up a site-to-site VPN connection between the VPC and the S3 bucket.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Nilesh_NSW at March 11, 2021, 7:53 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ekay
Highly Voted 3 years, 8 months ago
B is the correct answer. AWS S3 and DynamoDB are are the only AWS services which use VPC gateway endpoints.
upvoted 34 times
...
goooood
Highly Voted 3 years, 7 months ago
B it's on my exam today
upvoted 11 times
...
naveenagurjara
Most Recent 2 years, 11 months ago
Selected Answer: B
You cannot directly use or access PrivateLink. You have to you use VPC endpoint that uses PrivateLink. Damn AWS should not have mentioned about pvt link ever at all...
upvoted 4 times
ChiefArch
2 years, 9 months ago
Agree, just makes things confusing
upvoted 1 times
...
...
reve666
3 years ago
Selected Answer: B
B is the correct answer.
upvoted 2 times
...
done7
3 years, 3 months ago
Selected Answer: B
B is the correct answer. AWS S3 and DynamoDB are are the only AWS services which use VPC gateway endpoints.
upvoted 3 times
...
SanjeevPuri
3 years, 3 months ago
To remove the confusion between B and C , read the wording of the question, it asks what we need to do for EC2 instances ( in VPC ). Answer is B.
upvoted 2 times
...
envest
3 years, 4 months ago
https://aws.amazon.com/premiumsupport/knowledge-center/ec2-instance-access-s3-bucket/#:~:text=Private%20EC2%20instance%20with%20connectivity%20to%20Amazon%20S3%20using%20a%20Gateway%20VPC%20endpoint.
upvoted 1 times
...
FF11
3 years, 5 months ago
Selected Answer: C
C is correct.
upvoted 1 times
...
Neel1781
3 years, 6 months ago
I think C is the safer answer, privatelink will give a private connection to S3 https://aws.amazon.com/blogs/aws/aws-privatelink-for-amazon-s3-now-available/
upvoted 1 times
...
agnd1
3 years, 7 months ago
PrivateLink = the technology GW Endpoint = the entry point https://docs.aws.amazon.com/vpc/latest/privatelink/endpoint-services-overview.html
upvoted 3 times
...
tony__
3 years, 7 months ago
B - VPC Gateway is correct. PrivateLink is meant to expose services within VPC
upvoted 5 times
...
vutana
3 years, 7 months ago
It's B. C also seems correct because a Gateway VPC endpoint is a indeed a part of AWS PrivateLink, as you can see in the path of this url: https://docs.aws.amazon.com/vpc/latest/privatelink/vpce-gateway.html However, a Gateway VPC endpoint is created in the VPC, it is not attached to an EC2 instance. So it can't be C.
upvoted 3 times
...
woke
3 years, 7 months ago
B. Configure a VPC gateway endpoint for Amazon S3 in the VPC.
upvoted 3 times
...
nickname20212021
3 years, 7 months ago
Passed the exam on 26th June, this question was on my test.
upvoted 3 times
...
EricGuo
3 years, 7 months ago
B the gateway endpoint is for this. https://docs.aws.amazon.com/vpc/latest/privatelink/vpce-gateway.html
upvoted 3 times
...
Ravinder2021
3 years, 7 months ago
Hello all, Please check this link. It mentions that the scenario mentioned in the question is achieved by both however, to use VPC Gateway we still need a PrivateLink. So answer C seems to be more close. https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-overview.html
upvoted 1 times
...
Ash_c02
3 years, 7 months ago
Guys, why can this not be C? Isnt C more proper in that its saying configure the connection whereas B is only saying, build a gateway endpoint, in order to complete this connection you would need to associate this endpoint with a route table entry.
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel