ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Advanced Networking - Specialty ANS-C01 All Questions

View all questions & answers for the AWS Certified Advanced Networking - Specialty ANS-C01 exam
Go to Exam

Exam AWS Certified Advanced Networking - Specialty ANS-C01 topic 1 question 54 discussion

Exam question from Amazon's AWS Certified Advanced Networking - Specialty ANS-C01
Question #: 54
Topic #: 1
[All AWS Certified Advanced Networking - Specialty ANS-C01 Questions]

A company plans to deploy a two-tier web application to a new VPC in a single AWS Region. The company has configured the VPC with an internet gateway and four subnets. Two of the subnets are public and have default routes that point to the internet gateway. Two of the subnets are private and share a route table that does not have a default route.
The application will run on a set of Amazon EC2 instances that will be deployed behind an external Application Load Balancer. The EC2 instances must not be directly accessible from the internet. The application will use an Amazon S3 bucket in the same Region to store data. The application will invoke S3 GET API operations and S3 PUT API operations from the EC2 instances. A network engineer must design a VPC architecture that minimizes data transfer cost.
Which solution will meet these requirements?

  • A. Deploy the EC2 instances in the public subnets. Create an S3 interface endpoint in the VPC. Modify the application configuration to use the S3 endpoint-specific DNS hostname.
  • B. Deploy the EC2 instances in the private subnets. Create a NAT gateway in the VPC. Create default routes in the private subnets to the NAT gateway. Connect to Amazon S3 by using the NAT gateway.
  • C. Deploy the EC2 instances in the private subnets. Create an S3 gateway endpoint in the VPSpecify die route table of the private subnets during endpoint creation to create routes to Amazon S3.
  • D. Deploy the EC2 instances in the private subnets. Create an S3 interface endpoint in the VPC. Modify the application configuration to use the S3 endpoint-specific DNS hostname.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by zaazanuna at March 19, 2023, 4:43 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
attal
Highly Voted 1 year, 8 months ago
Selected Answer: C
C is correct. Recurring questions about gateway VPC endpoints (https://repost.aws/knowledge-center/vpc-reduce-nat-gateway-transfer-costs)
upvoted 11 times
ShinLi
1 year, 2 months ago
Cost: Gateway endpoints for S3 are offered at no cost and the routes are managed through route tables. Interface endpoints are priced at $0.01/per AZ/per hour. Cost depends on the Region, check current pricing. Data transferred through the interface endpoint is charged at $0.01/per GB (depending on Region).
upvoted 1 times
...
...
zaazanuna
Highly Voted 1 year, 9 months ago
C - correct. Option C is the optimal solution as it involves deploying the EC2 instances in the private subnets, which provides additional security benefits. Additionally, creating an S3 gateway endpoint in the VPC will enable the EC2 instances to communicate with Amazon S3 directly, without incurring data transfer costs. This is because the S3 gateway endpoint uses Amazon's private network to transfer data between the VPC and S3, which is not charged for data transfer. Furthermore, specifying the route table of the private subnets during endpoint creation will create routes to Amazon S3, which is required for the EC2 instances to communicate with S3.
upvoted 6 times
...
woorkim
Most Recent 2 months, 2 weeks ago
its c!
upvoted 1 times
...
Raphaello
9 months ago
Selected Answer: C
C is the correct answer. EC2 in private subnet, accessing S3 via gateway endpoint that has no additional cost.
upvoted 2 times
...
jinu
10 months ago
if go for D. Reason being that you need your EC2 instances to remain in a private subnet and based on https://docs.aws.amazon.com/AmazonS3/latest/userguide/privatelink-interface-endpoints.html, the feature for interface endpoint is that it Uses private IP addresses from your VPC to access Amazon S3
upvoted 1 times
...
Marfee400704
11 months ago
I think that it's correct answer is C according to SPOTO products.
upvoted 1 times
...
marfee
11 months, 1 week ago
I think that it's correcty answer is C.
upvoted 1 times
...
Arad
1 year, 2 months ago
Selected Answer: C
C is the right answer.
upvoted 1 times
...
Manh
1 year, 5 months ago
Selected Answer: B
The solution that minimizes data transfer cost is to deploy the EC2 instances in the private subnets and create an S3 interface endpoint in the VPC. The S3 interface endpoint will allow the EC2 instances to access Amazon S3 without having to go through the internet gateway, which will minimize data transfer cost. The application configuration will need to be modified to use the S3 endpoint-specific DNS hostname.
upvoted 1 times
...
takecoffe
1 year, 7 months ago
Selected Answer: C
C is the correct. s3 gateway endpoint
upvoted 1 times
...
tcp22
1 year, 8 months ago
C for sure
upvoted 3 times
...
rhinozD
1 year, 8 months ago
Selected Answer: A
C - no doubt.
upvoted 3 times
...
study_aws1
1 year, 9 months ago
C - Correct
upvoted 5 times
...
helloworldabc
1 year, 9 months ago
CCCCCCCCCCCCCCC
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago