
Amazon Exam ANS-C01 Topic 3 Question 23 Discussion

Actual exam question for Amazon's ANS-C01 exam
Question #: 23
Topic #: 3

A company's VPC has Amazon EC2 instances that are communicating with AWS services over the public internet. The company needs to change the connectivity so that the communication does not occur over the public internet.

The company deploys AWS PrivateLink endpoints in the VPC. After the deployment of the PrivateLink endpoints, the EC2 instances can no longer communicate at all with the required AWS services.

Which combination of steps should a network engineer take to restore communication with the AWS services? (Select TWO.)

Suggested Answer: B, C

To use AWS PrivateLink, you need to create interface type VPC endpoints for the services that you want to access privately from your VPC [1]. These endpoints appear as elastic network interfaces (ENIs) with private IPs in your subnets [2]. To enable DNS resolution for these endpoints, you need to set the enableDnsSupport attribute to True for your VPC, and enable DNS support for each endpoint [3]. You also need to ensure that the VPC endpoint policy allows communication between your VPC and the service [4]. You do not need to create any route table entries or Route 53 hosted zones for the endpoints, as they are not required for PrivateLink [5].

1: AWS PrivateLink FAQs -- Amazon Web Services
2: AWS PrivateLink and service endpoint - Amazon EC2 Overview and Networking Introduction for Telecom Companies
3: VPC Endpoints: Secure and Direct Access to AWS Services
4: AWS PrivateLink and service endpoint - Amazon EC2 Overview and Networking Introduction for Telecom Companies
5: AWS Private Link vs VPC Endpoint - Stack Overflow
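
The settings named in the explanation above (enableDnsSupport on the VPC, DNS enabled on each interface endpoint, and an endpoint policy that allows traffic) can be checked together. The following Python audit is an added example, not part of the original page; it runs over constructed data shaped like EC2 DescribeVpcAttribute and DescribeVpcEndpoints responses, and the function names and sample IDs are assumptions.

```python
import json

# Constructed sample data shaped like EC2 DescribeVpcAttribute and
# DescribeVpcEndpoints responses; the IDs and settings are made up.
SAMPLE_VPC_ATTRS = {"EnableDnsSupport": {"Value": False}}
SAMPLE_ENDPOINTS = [
    {"VpcEndpointId": "vpce-0example1", "VpcEndpointType": "Interface",
     "ServiceName": "com.amazonaws.us-east-1.sqs", "PrivateDnsEnabled": False,
     "PolicyDocument": json.dumps({"Statement": [
         {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]})},
    {"VpcEndpointId": "vpce-0example2", "VpcEndpointType": "Interface",
     "ServiceName": "com.amazonaws.us-east-1.ssm", "PrivateDnsEnabled": True,
     "PolicyDocument": json.dumps({"Statement": {
         "Effect": "Deny", "Principal": "*", "Action": "*", "Resource": "*"}})},
]


def policy_allows_nothing(policy_document):
    """True when a policy is attached and none of its statements is an Allow."""
    if not policy_document:
        return False  # no document in the response: nothing to evaluate here
    statements = json.loads(policy_document).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    return not any(s.get("Effect") == "Allow" for s in statements)


def audit_privatelink(vpc_attrs, endpoints):
    """Return (resource, finding) pairs for the settings the explanation names."""
    findings = []
    if not vpc_attrs.get("EnableDnsSupport", {}).get("Value", False):
        findings.append(("vpc", "enableDnsSupport is not true"))
    for ep in endpoints:
        if ep.get("VpcEndpointType") != "Interface":
            continue  # this check covers interface endpoints, the type described above
        if not ep.get("PrivateDnsEnabled", False):
            findings.append((ep["VpcEndpointId"], "endpoint DNS is not enabled"))
        if policy_allows_nothing(ep.get("PolicyDocument")):
            findings.append((ep["VpcEndpointId"], "endpoint policy has no Allow statement"))
    return findings


if __name__ == "__main__":
    for resource, finding in audit_privatelink(SAMPLE_VPC_ATTRS, SAMPLE_ENDPOINTS):
        print(f"{resource}: {finding}")
```
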


Contribute your Thoughts:

Ethan
7 days ago
Yeah, the DNS piece is crucial here. I'm guessing the PrivateLink endpoints need to be registered in a private hosted zone so the EC2 instances can resolve the service names correctly.
upvoted 0 times
...
Penney
8 days ago
Yup, sounds good to me. Now let's just hope the rest of the exam is as straightforward as this one!
upvoted 0 times
...
Junita
9 days ago
Agreed. Okay, I think we've got a good handle on this now. Let's go with B and C as our answers.
upvoted 0 times
...
Kathrine
9 days ago
Haha, I can just imagine the network engineer trying to figure this out. 'Okay, let me try adding a route to the PrivateLink endpoints... Nope, that's not it. Wait, what about the DNS settings? Aha, that must be it!'
upvoted 0 times
...
Serina
10 days ago
Haha, yeah, that one's a real doozy. Definitely a red herring. Let's stick to the PrivateLink and VPC networking stuff.
upvoted 0 times
...
Justine
10 days ago
Yeah, that makes sense. I was also thinking about the route table, but that's probably not the main issue here. The question specifically says the communication is broken after the PrivateLink deployment, so the routing should be fine.
upvoted 0 times
...
Helga
11 days ago
I agree, the DNS configuration is probably the key here. Let's see, I think option B and E might be the right ones. We need to make sure the DNS support is enabled for the VPC and the PrivateLink endpoints, and we might need to create a private hosted zone to resolve the service names.
upvoted 0 times
...
Tonja
13 days ago
Hmm, I'm guessing the issue has to do with the DNS configuration. The question mentions that the EC2 instances can't communicate with the services after the PrivateLink deployment, so we might need to look at DNS settings.
upvoted 0 times
...
Clay
15 days ago
This question seems pretty straightforward, but I'm not sure about the PrivateLink part. I think it's asking us to figure out how to enable communication between the EC2 instances and the AWS services after the PrivateLink deployment.
upvoted 0 times
...
