Learn how to securely transfer data from on-premises systems to Amazon S3 using AWS Direct Connect and an S3 gateway endpoint. This guide provides a step-by-step approach to ensure private data transfer without the data traveling across the internet.
Question
A company wants to send data from its on-premises systems to Amazon S3 buckets. The company created the S3 buckets in three different accounts. The company must send the data privately without the data traveling across the internet. The company has no existing dedicated connectivity to AWS.
Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)
A. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Set up an AWS Direct Connect connection with a private VIF between the on-premises environment and the private VPC.
B. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Set up an AWS Direct Connect connection with a public VIF between the on-premises environment and the private VPC.
C. Create an Amazon S3 interface endpoint in the networking account.
D. Create an Amazon S3 gateway endpoint in the networking account.
E. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Peer VPCs from the accounts that host the S3 buckets with the VPC in the network account.
Answer
A. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Set up an AWS Direct Connect connection with a private VIF between the on-premises environment and the private VPC.
D. Create an Amazon S3 gateway endpoint in the networking account.
Explanation
The solutions architect should take the following steps to meet these requirements:
- A. Establish a networking account in the AWS Cloud. Create a private VPC in the networking account. Set up an AWS Direct Connect connection with a private VIF between the on-premises environment and the private VPC. This will establish a dedicated network connection from the on-premises systems to AWS, ensuring that the data is sent privately and does not travel across the internet.
- D. Create an Amazon S3 gateway endpoint in the networking account. This will allow the on-premises systems to connect to the S3 buckets in the three different accounts via the private VPC, ensuring that the data remains within the AWS network.
Practice question and answer, with a detailed explanation, for the Amazon AWS Certified Solutions Architect – Professional SAP-C02 certification exam.