Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon SAA-C03 Exam - Topic 3 Question 61 Discussion

A company hosts its applications in multiple private and public subnets in a VPC. The applications in the private subnets need to access an API. The API is available on the internet and is hosted in the company's on-premises data center. A solutions architect needs to establish connectivity for applications in the private subnets.Which solution will meet these requirements MOST cost-effectively?
D) Implement an AWS Site-to-Site VPN connection between the VPC and the on-premises data center. Use the VPN connection to make API calls from the private subnets to the on-premises data center.
A) Create a transit gateway to connect the VPC to the on-premises network. Use the transit gateway to route API calls from the private subnets to the on-premises data center.
B) Create a NAT gateway in the public subnet of the VPC. Use the NAT gateway to allow the private subnets to access the API over the internet.
C) Establish an AWS PrivateLink connection to connect the VPC to the on-premises network. Use PrivateLink to make API calls from the private subnets to the on-premises data center.

Amazon SAA-C03 Exam - Topic 3 Question 61 Discussion

Actual exam question for Amazon's SAA-C03 exam
Question #: 61
Topic #: 3
[All SAA-C03 Questions]

A company hosts its applications in multiple private and public subnets in a VPC. The applications in the private subnets need to access an API. The API is available on the internet and is hosted in the company's on-premises data center. A solutions architect needs to establish connectivity for applications in the private subnets.

Which solution will meet these requirements MOST cost-effectively?

Show Suggested Answer Hide Answer
Suggested Answer: D

AWS Site-to-Site VPN is a cost-effective way to securely connect your on-premises data center with AWS resources. In this scenario:

Applications in private subnetsrequire access to the API hosted in the on-premises data center.

ASite-to-Site VPN connectionis a secure and cost-efficient option to route traffic between the VPC and on-premises resources.

Transit GatewayandPrivateLinkare not cost-effective for this use case.

NAT Gatewayonly provides internet access for private subnets, which is not suitable for reaching an on-premises resource.

AWS Documentation Reference:

AWS Site-to-Site VPN


by Barney at Jul 08, 2025, 05:26 PM

Limited Time Offer

25%

Off

Get Premium SAA-C03 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Delfina
6 months ago
Wait, can a NAT gateway really handle that? I thought it was just for internet access!
upvoted 0 times
...
Dominque
6 months ago
Definitely not a fan of the VPN option; it adds too much overhead.
upvoted 0 times
...
Jani
6 months ago
I think a NAT gateway is more cost-effective for this scenario.
upvoted 0 times
...
Leota
6 months ago
AWS PrivateLink sounds interesting, but is it really necessary here?
upvoted 0 times
...
Ellsworth
6 months ago
A transit gateway is usually the best for complex setups.
upvoted 0 times
...
Eva
7 months ago
PrivateLink sounds familiar, but I can't recall if it’s the right choice for accessing an on-premises API from private subnets.
upvoted 0 times
...
Alison
7 months ago
I practiced a similar question about connecting VPCs, and I feel like a Site-to-Site VPN could work, but it might not be the cheapest.
upvoted 0 times
...
Cherri
7 months ago
I think using a transit gateway could be overkill for just API calls, but it might be the most reliable option.
upvoted 0 times
...
Wilburn
7 months ago
I remember studying about NAT gateways, but I'm not sure if they are the most cost-effective solution for this scenario.
upvoted 0 times
...
Lajuana
7 months ago
I'm feeling pretty confident about this one. I'd go with the transit gateway solution, as it seems like the most straightforward way to connect the private subnets to the on-premises API while keeping costs down.
upvoted 0 times
...
Rory
8 months ago
Based on the information provided, I think the transit gateway or PrivateLink options are the most likely to be the most cost-effective. The NAT gateway and VPN solutions might be more expensive to set up and maintain.
upvoted 0 times
...
Evangelina
8 months ago
Hmm, I'm a bit confused about the differences between the options. I'll need to review the details of each solution to determine which one is the most cost-effective for this scenario.
upvoted 0 times
...
Laurel
8 months ago
This seems like a straightforward connectivity question. I'd start by considering the most cost-effective options that meet the requirements, like using a transit gateway or PrivateLink.
upvoted 0 times
...
Coletta
10 months ago
Haha, just imagine if we went with the NAT gateway option. Talk about a security nightmare - exposing our private subnets to the big bad internet? No thanks!
upvoted 0 times
...
Susana
10 months ago
Wait, are we sure PrivateLink is available in our region? Might need to double-check that before jumping to conclusions. Don't want any surprises!
upvoted 0 times
...
Adell
10 months ago
Hmm, I was leaning towards the VPN solution, but PrivateLink does sound more efficient. Gotta love those AWS managed services!
upvoted 0 times
Anthony
8 months ago
A: PrivateLink is definitely a great option for connecting VPCs to on-premises networks.
upvoted 0 times
...
...
Izetta
10 months ago
I prefer option D as it offers a reliable VPN connection.
upvoted 0 times
...
Chantay
10 months ago
I agree, PrivateLink is the way to go. No need to expose my private subnets to the internet. Keep it secure and cost-effective!
upvoted 0 times
Brittni
8 months ago
A: Let's go with PrivateLink then. No need to expose our private subnets to the internet.
upvoted 0 times
...
Shawnta
9 months ago
B: Yeah, I agree. It keeps everything private and cost-effective.
upvoted 0 times
...
Gretchen
10 months ago
A: I think PrivateLink is the best option for secure connectivity.
upvoted 0 times
...
...
Larae
11 months ago
I think option C is the best choice because it provides a secure connection.
upvoted 0 times
...
Sherill
11 months ago
Option C seems the most cost-effective since it uses PrivateLink to establish a private connection between the VPC and on-premises network, avoiding the need for a NAT gateway or VPN.
upvoted 0 times
Melissia
10 months ago
PrivateLink is definitely the way to go for this scenario.
upvoted 0 times
...
Dorethea
10 months ago
I agree, option C using PrivateLink is the most cost-effective solution.
upvoted 0 times
...
...
Patrick
11 months ago
I disagree, I believe option B is more cost-effective.
upvoted 0 times
...
Tiffiny
11 months ago
I think option A is the most cost-effective solution.
upvoted 0 times
...

Save Cancel