Free AWS SAA-C03 Actual Exam Questions – Solutions Architect Questions - Question 2 Discussion
must not be accessible to the internet. However, the applications need to access multiple AWS
services. The applications must not use public IP addresses to access the AWS services.
Which solution will meet these requirements MOST cost-effectively?
A, since interface endpoints keep traffic private without extra public IPs or big costs.
Actually, option B can be ruled out because NAT gateways assign public IPs to the traffic, which violates the no public IP requirement. So, A is better since it keeps traffic private and avoids extra costs.
A: interface endpoints keep traffic inside AWS without needing public IPs or NAT. B uses NAT gateways, which cost more and assign public IPs, so less ideal here.
Makes sense to rule out C and D right away since internet gateways and Direct Connect don’t fit this use case. B is expensive and uses public IPs. A looks like the best fit here. A
Option A avoids public IPs and NAT costs, fits the no-internet-access rule.
Question: Are all the required AWS services supported by interface VPC endpoints? That could make a big difference in choosing between options A and B.