A company requires that all access from on-premises applications to AWS services go over its AWS Direct Connect connection rather than the public internet.
How would a SysOps Administrator implement this requirement?
Implement an IAM policy that uses the aws:sourceConnection condition to allow access from the AWS Direct Connect connection ID only
Set up a public virtual interface on the AWS Direct Connect connection
Configure AWS Shield to protect the AWS Management Console from being accessed by IP addresses other than those within the data center ranges
Update all the VPC network ACLs to allow access from the data center IP ranges