New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon ANS-C01 Exam - Topic 3 Question 50 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 50
Topic #: 3
[All ANS-C01 Questions]

A company has workloads that run in a VPC. The workloads access Amazon S3 by using an S3 gateway endpoint. The company also has on-premises workloads that need to access Amazon

S3 privately over a VPN connection. The company has established the VPN connection to the VPC.

Which solution will provide connectivity to Amazon S3 from the VPC workloads and the on-premises workloads in the MOST operationally efficient way?

Show Suggested Answer Hide Answer
Suggested Answer: C

The correct solution is to use an S3 interface endpoint and an on-premises DNS resolver. An S3 interface endpoint allows you to access Amazon S3 using private IP addresses within your VPC. An on-premises DNS resolver can be configured to forward the DNS queries for the S3 domain names to the S3 interface endpoint, so that the on-premises workloads can access Amazon S3 privately over the VPN connection. This solution is operationally efficient, as it does not require any additional infrastructure or changes to the existing workloads. The VPC workloads can continue to use the S3 gateway endpoint, which provides lower latency and higher throughput than the S3 interface endpoint.


by Nobuko at Apr 30, 2025, 02:07 PM

Limited Time Offer

25%

Off

Get Premium ANS-C01 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Garry
2 months ago
C keeps it simple while still addressing both workloads.
upvoted 0 times
...
Marguerita
2 months ago
Surprised that A is even an option, seems overly complicated!
upvoted 0 times
...
Louisa
2 months ago
Option C seems like the best choice for efficiency.
upvoted 0 times
...
Lorrie
3 months ago
B would require too many changes, not ideal.
upvoted 0 times
...
Shawnta
3 months ago
I disagree, I think D is more straightforward.
upvoted 0 times
...
Craig
3 months ago
I’m leaning towards option D since it mentions Direct Connect, which seems like a solid solution for on-premises access, but I’m not entirely sure about the public VIF part.
upvoted 0 times
...
Ronnie
3 months ago
I practiced a similar question where we had to decide between gateway and interface endpoints. I feel like option A might be overcomplicating things with the proxy fleet.
upvoted 0 times
...
Kenny
4 months ago
I think option C sounds familiar because it mentions using a DNS resolver, but I’m a bit confused about how that would work with the gateway endpoint for VPC workloads.
upvoted 0 times
...
Dustin
4 months ago
I remember studying about VPC endpoints and how they can help with private connectivity to S3, but I'm not sure if the interface endpoint is the best choice here.
upvoted 0 times
...
Emiko
4 months ago
I'm leaning towards Option C. Using the S3 interface endpoint for the on-premises workloads and keeping the S3 gateway endpoint for the VPC workloads seems like a good balance.
upvoted 0 times
...
Carry
4 months ago
Option B seems promising, but I'm not sure if deleting the existing S3 gateway endpoint is the best approach. I'll need to weigh the pros and cons of each option.
upvoted 0 times
...
Mira
4 months ago
Okay, I think I've got a strategy here. The key is to find the most operationally efficient solution that provides connectivity for both the VPC and on-premises workloads.
upvoted 0 times
...
Tora
5 months ago
Hmm, I'm a bit confused by the different endpoint types and how they interact with the on-premises workloads. I'll need to review the details more closely.
upvoted 0 times
...
Pura
5 months ago
This looks like a tricky question. I'll need to carefully consider the different options and their implications.
upvoted 0 times
...
Lucia
9 months ago
I think option C could be a good alternative, using the S3 interface endpoint.
upvoted 0 times
...
Alfreda
9 months ago
Ah, the age-old debate of gateway vs. interface endpoints. Option B is like trying to fix a leaky faucet with duct tape. Option C is the plumber's solution - clean and effective.
upvoted 0 times
Helaine
8 months ago
Definitely, using the S3 interface endpoint with on-premises DNS resolver is the way to go.
upvoted 0 times
...
Marsha
8 months ago
I agree, Option C with the S3 interface endpoint seems like the best approach.
upvoted 0 times
...
Miriam
8 months ago
Option B seems like a temporary fix, not a long-term solution.
upvoted 0 times
...
...
Glory
9 months ago
Proxy servers? Load balancers? What is this, the 90s? Option C is the way to go, my dudes. Keep it simple, keep it secure.
upvoted 0 times
...
Florencia
9 months ago
Wait, we're using AWS Direct Connect now? That's a bit overkill, don't you think? I'd go with option C - the S3 interface endpoint setup seems like the most efficient solution.
upvoted 0 times
Elena
8 months ago
Yeah, the S3 interface endpoint setup in option C sounds like the best choice for efficiency.
upvoted 0 times
...
Isreal
8 months ago
I agree, setting up AWS Direct Connect seems like too much for this scenario.
upvoted 0 times
...
...
Janessa
9 months ago
Ah, the classic proxy server approach. Option A could work, but I feel like the overhead of the proxy fleet might be overkill here. Option C is more streamlined in my opinion.
upvoted 0 times
Lemuel
8 months ago
Let's go with Option C then, it seems like the best choice for our setup.
upvoted 0 times
...
Kati
8 months ago
Option C does seem like a cleaner approach to handle the connectivity.
upvoted 0 times
...
Suzi
9 months ago
Yeah, I think Option C is a simpler and more efficient solution.
upvoted 0 times
...
Dong
9 months ago
I agree, Option A seems like it might be a bit too much to manage.
upvoted 0 times
...
...
Danilo
9 months ago
I like the simplicity of option C. Using the S3 interface endpoint for on-premises and the existing S3 gateway for the VPC workloads is a clean and straightforward approach.
upvoted 0 times
Alita
8 months ago
Definitely, using the S3 interface endpoint for on-premises and the S3 gateway for VPC workloads is a smart solution.
upvoted 0 times
...
Arminda
8 months ago
I agree, it keeps things simple and efficient.
upvoted 0 times
...
Hillary
9 months ago
Option C seems like the best choice for this scenario.
upvoted 0 times
...
...
Santos
9 months ago
But option A uses the S3 gateway endpoint, which is already in place.
upvoted 0 times
...
Luisa
10 months ago
I disagree, I believe option B is more efficient.
upvoted 0 times
...
Jarvis
10 months ago
The proxy fleet solution in option B seems like the most operationally efficient way to handle both the VPC and on-premises workloads. The S3 interface endpoint allows for better control and security.
upvoted 0 times
Stephane
9 months ago
User 2
upvoted 0 times
...
Renato
9 months ago
User 1
upvoted 0 times
...
...
Santos
10 months ago
I think option A is the best solution.
upvoted 0 times
...

Save Cancel