Which solution will meet these requirements?

A company that runs applications on AWS recently subscribed to a new software-as-a-service (SaaS) data vendor.The vendor provides the data by way of aREST API that the vendor hosts in its AWS environment.The vendor offers multiple options for connectivity to the API and is working with the company to find the best way to connect.The company’s AWS account does not allow outbound internet access from its AWS environment.The vendor’s services run on AWS in the same Region as the company’s applications.A solutions architect must implement connectivity to the vendor’s API so that the API is highly available in the company’s VPC.

Which solution will meet these requirements?

Connect to the vendor’s public API address for the data service

Connect to the vendor by way of a VPC peering connection between the vendor’s VPC and the company’s VPC

Connect to the vendor by way of a VPC endpoint service that uses AWS PrivateLink

Connect to a public bastion host that the vendor provides. Tunnel the API traffic

Explanations:

The company’s AWS environment does not allow outbound internet access. Connecting to a public API address would require internet access, which is not allowed.

VPC peering allows connectivity between VPCs but is not suitable for connecting to a third-party SaaS provider’s API, especially if that provider does not offer peering as an option.

AWS PrivateLink provides a highly available and secure way to connect to the vendor’s API privately within the AWS network, without needing internet access.

Using a bastion host adds unnecessary complexity and does not provide high availability or optimal security for API access, especially in a production environment.

Learn & move to cloud

Which solution will meet these requirements?

Explanations:

Leave a Reply Cancel reply