Which combination of steps should a solutions architect take to meet these requirements?

By:
In: SAA-C02
Tagged:
With: 1 Comment
A company hosts an application on AWS.The application uses AWS Lambda functions and stores data in Amazon DynamoDB tables.The Lambda functions are connected to a VPC that does not have internet access.The traffic to access DynamoDB must not travel across the internet.The application must have write access to only specific DynamoDB tables.

Which combination of steps should a solutions architect take to meet these requirements?

(Choose two.)

Attach a VPC endpoint policy for DynamoDB to allow write access to only the specific DynamoDB tables.

Attach a security group to the interface VPC endpoint to allow write access to only the specific DynamoDB tables.

Create a resource-based IAM policy to grant write access to only the specific DynamoDB tables. Attach the policy to the DynamoDB tables.

Create a gateway VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the gateway VPC endpoint.

Create an interface VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the interface VPC endpoint.

2025-10-02

1 Comment

  1. Billy
    Author

    I plot that the answer is:
    Attach a VPC endpoint policy for DynamoDB to allow write access to only the specific DynamoDB tables.

Leave a Reply

Your email address will not be published. Required fields are marked *

five × one =