Use Amazon Elastic Kubernetes Service (Amazon EKS) with Amazon EC2 worker nodes. A company has deployed an application in an AWS account. The application consists of microservices that run on AWS Lambda and Amazon Elastic Kubernetes Service (Amazon EKS). A separate team supports each microservice. The company has multiple AWS accounts and wants to give each team its own account for its microservices. A solutions architect needs to design a solution that will provide service-to-service communication over HTTPS (port 443). The solution also must provide a service registry for service discovery. Which solution will meet these requirements with the LEAST administrative overhead?

Questions › Category: SAA-C03 › Use Amazon Elastic Kubernetes Service (Amazon EKS) with Amazon EC2 worker nodes. A company has deployed an application in an AWS account. The application consists of microservices that run on AWS Lambda and Amazon Elastic Kubernetes Service (Amazon EKS). A separate team supports each microservice. The company has multiple AWS accounts and wants to give each team its own account for its microservices. A solutions architect needs to design a solution that will provide service-to-service communication over HTTPS (port 443). The solution also must provide a service registry for service discovery. Which solution will meet these requirements with the LEAST administrative overhead?

0 Vote Up Vote Down

Admin Staff asked 10 months ago

Use Amazon Elastic Kubernetes Service (Amazon EKS) with Amazon EC2 worker nodes.
A company has deployed an application in an AWS account. The application consists of microservices that run on AWS Lambda and Amazon Elastic Kubernetes Service (Amazon EKS). A separate team supports each microservice. The company has multiple AWS accounts and wants to give each team its own account for its microservices.
A solutions architect needs to design a solution that will provide service-to-service communication over HTTPS (port 443). The solution also must provide a service registry for service discovery.
Which solution will meet these requirements with the LEAST administrative overhead?

A. Create an inspection VP

B. Deploy an AWS Network Firewall firewall to the inspection VP

C. Attach the inspection VPC to a new transit gateway. Route VPC-to-VPC traffic to the inspection VP

D. Apply firewall rules to allow only HTTPS communication.

E. Create a VPC Lattice service network. Associate the microservices with the service network. define HTTPS listeners for each service.
Register microservice compute resources as targets. Identify VPCs that need to communicate with the services. Associate those VPCs with the service network.

F. Create a Network Load Balancer (NLB) with an HTTPS listener and target groups for each microservice. Create an AWS PrivateLink endpoint service for each microservice. Create an interface VPC endpoint in each VPC that needs to consume that microservice.

G. Create peering connections between VPCs that contain microservices. Create a pre x list for each service that requires a connection to a client. Create route tables to route traffic to the appropriate VP

H. Create security groups to allow only HTTPS communication.

Correct Answer: A

This question is in SAA-C03 exam
For getting AWS Certified Solutions Architect Associate Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exams.