A SaaS company is launching a new product based in a cloud environment. The new product will be provided as an API and should not be exposed to the internet. Which of the following should the company create to best meet this requirement?
A.
A transit gateway that connects the API to the customer's VPC
B.
Firewall rules allowing access to the API endpoint from the customer's VPC
C.
A VPC peering connection from the API VPC to the customer's VPC
D.
A private service endpoint exposing the API endpoint to the customer's VPC
Answer: D. A private service endpoint exposing the API endpoint to the customer's VPC
A private service endpoint allows the customer to access the SaaS provider’s API without ever traversing the public internet. In AWS, this is typically implemented with VPC PrivateLink, and other cloud providers have equivalent offerings. By using a private endpoint, only the customer’s VPC can route to the API, ensuring it is not exposed publicly.
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CNX-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SuntzuLegacy
1 month, 1 week ago