exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 810 discussion

A company collects and processes data from a vendor. The vendor stores its data in an Amazon RDS for MySQL database in the vendor's own AWS account. The company’s VPC does not have an internet gateway, an AWS Direct Connect connection, or an AWS Site-to-Site VPN connection. The company needs to access the data that is in the vendor database.

Which solution will meet this requirement?

  • A. Instruct the vendor to sign up for the AWS Hosted Connection Direct Connect Program. Use VPC peering to connect the company's VPC and the vendor's VPC.
  • B. Configure a client VPN connection between the company's VPC and the vendor's VPC. Use VPC peering to connect the company's VPC and the vendor's VPC.
  • C. Instruct the vendor to create a Network Load Balancer (NLB). Place the NLB in front of the Amazon RDS for MySQL database. Use AWS PrivateLink to integrate the company's VPC and the vendor's VPC.
  • D. Use AWS Transit Gateway to integrate the company's VPC and the vendor's VPC. Use VPC peering to connect the company’s VPC and the vendor's VPC.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Ucy
Highly Voted 8 months ago
Pour yourself a cold beer, when you get to this question, its been a very long run
upvoted 14 times
...
LeonSauveterre
Most Recent 3 months ago
Selected Answer: C
PrivateLink: AWS PrivateLink enables secure and private access to resources (like RDS) across accounts and VPCs using interface endpoints. It avoids exposing the database to the internet. NLB: A Network Load Balancer acts as the integration point for PrivateLink. The vendor's NLB will route traffic to the RDS database. VPC Without Internet Gateway: PrivateLink works even if the company's VPC does not have an internet gateway because communication occurs over private AWS infrastructure. Option A, B, and D all mention VPC Peering, but it doesn't enable direct access to RDS without additional routing or security configurations.
upvoted 3 times
...
Scheldon
9 months, 3 weeks ago
Selected Answer: C
AnswerC AWS PrivateLink enables you to connect to some AWS services, services hosted by other AWS accounts (referred to as endpoint services), and supported AWS Marketplace partner services, via private IP addresses in your VPC. The interface endpoints are created directly inside of your VPC, using elastic network interfaces and IP addresses in your VPC’s subnets. That means that VPC Security Groups can be used to manage access to the endpoints. https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-privatelink.html
upvoted 2 times
...
Nm55569
10 months ago
Selected Answer: C
https://aws.amazon.com/blogs/database/access-amazon-rds-across-vpcs-using-aws-privatelink-and-network-load-balancer/
upvoted 2 times
...
TwinSpark
10 months, 2 weeks ago
I think i go for C, because if you exclude Dirct connect, VPN and GW so only C is available. but create an NLB zo do not want provision a transit GW sounds weird to me
upvoted 1 times
...
sandordini
11 months, 1 week ago
Selected Answer: C
Private link: Does not require VPC linking: NO Internet Gateway, NO NAT GAteway, No Route table Needs NLB on Service VPC, and ENI on the Customer VPC
upvoted 4 times
...
rondelldell
1 year ago
D You can peer both intra-Region and inter-Region transit gateways, and route traffic between them, which includes IPv4 and IPv6 traffic. To do this, create a peering attachment on your transit gateway, and specify a transit gateway. The peer transit gateway can be in your account or a different AWS account. After you create a peering attachment request, the owner of the peer transit gateway (also referred to as the accepter transit gateway) must accept the request. To route traffic between the transit gateways, add a static route to the transit gateway route table that points to the transit gateway peering attachment. https://docs.aws.amazon.com/vpc/latest/tgw/tgw-peering.html
upvoted 2 times
...
xBUGx
1 year ago
D does not involve internet. But TGW is unnecessary. A is more simple and clear.
upvoted 1 times
...
Sivaeas
1 year ago
Selected Answer: C
AWS PrivateLink: AWS PrivateLink enables you to privately access services hosted on AWS in a highly available and scalable manner. With PrivateLink, you can access the vendor's RDS for MySQL instance securely without exposing it to the public internet. The vendor can create a VPC endpoint for RDS within their own VPC, which acts as an entry point for accessing the RDS instance. This endpoint can then be shared with the company. The company can create a VPC endpoint service in their VPC and accept the endpoint connection request from the vendor. This allows the company's resources to communicate with the RDS instance securely through PrivateLink.
upvoted 3 times
...
lenotc
1 year ago
Selected Answer: C
C is correct: https://aws.amazon.com/blogs/networking-and-content-delivery/how-to-securely-publish-internet-applications-at-scale-using-application-load-balancer-and-aws-privatelink/
upvoted 1 times
...
1dd
1 year ago
Selected Answer: C
Plz commit the previous comment, A involve- Direct connect B involve - peering required same region D involve - uses internet gateway
upvoted 3 times
...
1dd
1 year ago
Selected Answer: A
No internet gateway XD No Direct connect XC No Peering XB
upvoted 1 times
...
asdfcdsxdfc
1 year ago
Shouldn't it be D?
upvoted 3 times
Sergantus
4 months, 2 weeks ago
VPC peering merges two VPCs and exposes all the services across both VPCs, which is more than less desirable
upvoted 1 times
...
rondelldell
1 year ago
YES D transit gateway is like router - u can connect VPCs AND OnPrem. VPCs can be in anuther account or region or org
upvoted 1 times
...
1dd
1 year ago
I think it required use of internet gateway .
upvoted 1 times
Jacky_S
9 months ago
No, it did not https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago