A solutions architect needs to ensure that API calls to Amazon DynamoDB from Amazon EC2 instances in a VPC do not traverse the internet. What should the solutions architect do to accomplish this? (Choose two.) A. Create a route table entry for the endpoint. B. Create a gateway endpoint for DynamoDB. C. Create a new DynamoDB table that uses the endpoint. D. Create an ENI for the endpoint in each of the subnets of the VPC. E. Create a security group entry in the default security group to provide access.  Suggested Answer: AB Community Answer: AB A VPC endpoint enables you to privately connect your VPC to supported AWS services and VPC endpoint services powered by AWS PrivateLink without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection. Instances in your VPC do not require public IP addresses to communicate with resources in the service. Traffic between your VPC and the other service does not leave the Amazon network. Gateway endpoints - A gateway endpoint is a gateway that you specify as a target for a route in your route table for traffic destined to a supported AWS service. The following AWS services are supported: Amazon S3 - DynamoDB - Reference: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html This question is in SAA-C02 AWS Certified Solutions Architect – Associate Exam For getting AWS Certified Solutions Architect – Associate Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer