Which solution will meet these requirements?

By:
On:
In: SAA-C02
Tagged:
With: 0 Comments
A company is expanding a secure, on-premises network to AWS. The on-premises network has no direct internet access. The company is setting up am AWSDirect Connect connection between the on-premises network and AWS. An application that runs in the on-premises network needs to use the AWS software development kits (SDKs).A solutions architect must design a solution that supports this connectivity. However, the solution cannot incur additional cost beyond the cost of the DirectConnect connection.

Which solution will meet these requirements?

Create a public virtual interface (VIF). Route the AWS traffic over the public VIF.

Create a VPC and a NAT gateway. Route the AWS traffic from on premises to the NAT gateway.

Create a VPC and an Amazon S3 interface endpoint. Route the AWS traffic from on premises to the S3 interface endpoint.

Create a VPC peering connection between the on-premises network and Direct Connect. Route the AWS traffic over the peering connection.

Explanations:

A public virtual interface (VIF) allows direct routing of AWS traffic over the Direct Connect connection without additional costs. This meets the requirements of using the AWS SDKs securely without incurring extra charges.

Using a NAT gateway would incur additional costs, as NAT gateways are billed separately. This does not meet the cost constraint specified in the requirements.

Although an S3 interface endpoint could allow access to S3, it would incur additional costs for data processed through the endpoint. It also only covers S3 access, not other AWS SDK services.

VPC peering is only possible between two VPCs and does not apply to an on-premises network connection. This option is not applicable for routing on-premises traffic over Direct Connect.

Leave a Reply

Your email address will not be published. Required fields are marked *

18 − three =