A company is building its website on AWS in a single VPC. The VPC has public subnets and private subnets in two Availabi
Posted: Mon Mar 27, 2023 1:38 pm
A company is building its website on AWS in a single VPC. The VPC has public subnets and private subnets in two Availability Zones. The website has static content such as images. The company is using Amazon S3 to store the content.
The company has deployed a fleet of Amazon EC2 instances as web servers in a private subnet. The EC2 instances are in an Auto Scaling group behind an Application Load Balancer. The EC2 instances will serve traffic, and they must pull content from an S3 bucket to render the webpages. The company is using AWS Direct Connect with a public VIF for on-premises connectivity to the S3 bucket.
A network engineer notices that traffic between the EC2 instances and Amazon S3 is routing through a NAT gateway. As traffic increases, the company's costs are increasing. The network engineer needs to change the connectivity to reduce the NAT gateway costs that result from the traffic between the EC2 instances and Amazon S3.
Which solution will meet these requirements?
A. Create a Direct Connect private VIF. Migrate the traffic from the public VIF to the private VIF.
B. Create an AWS Site-to-Site VPN tunnel over the existing public VIF.
C. Implement interface VPC endpoints for Amazon S3. Update the VPC route table.
D. Implement gateway VPC endpoints for Amazon S3. Update the VPC route table.
The company has deployed a fleet of Amazon EC2 instances as web servers in a private subnet. The EC2 instances are in an Auto Scaling group behind an Application Load Balancer. The EC2 instances will serve traffic, and they must pull content from an S3 bucket to render the webpages. The company is using AWS Direct Connect with a public VIF for on-premises connectivity to the S3 bucket.
A network engineer notices that traffic between the EC2 instances and Amazon S3 is routing through a NAT gateway. As traffic increases, the company's costs are increasing. The network engineer needs to change the connectivity to reduce the NAT gateway costs that result from the traffic between the EC2 instances and Amazon S3.
Which solution will meet these requirements?
A. Create a Direct Connect private VIF. Migrate the traffic from the public VIF to the private VIF.
B. Create an AWS Site-to-Site VPN tunnel over the existing public VIF.
C. Implement interface VPC endpoints for Amazon S3. Update the VPC route table.
D. Implement gateway VPC endpoints for Amazon S3. Update the VPC route table.