Q19 — AWS AIF-C01 Ch.1

Question 19 of 100 | ← Chapter 1

A financial institution wants to use Amazon Bedrock to develop a generative AI application. The application is hosted within a VPC. To meet regulatory compliance requirements, the VPC must not allow any internet traffic. Which AWS service or feature satisfies these requirements?

Correct Answer: A. AWS PrivateLink

Explanation

This question tests knowledge of AWS services for secure, compliant architectures. When a VPC must remain isolated from the public internet to satisfy regulatory requirements, AWS PrivateLink enables private, secure connectivity between VPCs and supported AWS services (including Amazon Bedrock) without traversing the public internet. Amazon Macie focuses on data security and discovery, Amazon CloudFront is a content delivery network, and an Internet Gateway explicitly enables internet access—contradicting the requirement. Therefore, option A ('AWS PrivateLink') is correct.