An company is using an Amazon S3 VPC endpoint. When the security group rules for a collection of instances were originally defined, access was limited to the IP addresses of the published JSON file's Amazon S3 API endpoints in the area. The program was functioning well until recently, when it began reporting an increasing number of timeouts while connecting to Amazon S3. The VPC does not have an internet gateway setup.
Which method requires the LEAST amount of work to resolve connection failures?
A. Create a Lambda function to update the security group based on AmazonIPSpaceChanged notifications.
B. Update the VPC routing to direct Amazon S3 prefix-list traffic to the VPC endpoint using the route table APIs.
C. Update the application server's outbound security group to use the prefix-list for Amazon S3 in the same region.
D. Create an additional VPC endpoint for Amazon S3 in the same route table to scale the concurrent connections to Amazon S3.
An company is using an Amazon S3 VPC endpoint. When the security group rules for a collection of instances were original
-
answerhappygod
- Site Admin
- Posts: 899604
- Joined: Mon Aug 02, 2021 8:13 am
An company is using an Amazon S3 VPC endpoint. When the security group rules for a collection of instances were original
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!