Q20 — AWS AIF-C01 Ch.2

Question 20 of 100 | ← Chapter 2

A financial institution is developing an AI application using Amazon Bedrock and hosting it within a Virtual Private Cloud (VPC). To meet regulatory compliance standards, the VPC must not permit any internet-bound traffic. Which AWS service or feature satisfies this requirement?

Correct Answer: A. AWS PrivateLink

Explanation

AWS PrivateLink enables private, secure connectivity between a VPC and supported AWS services (including Amazon Bedrock) without traversing the public internet—fully satisfying the zero-internet-access compliance constraint. An Internet Gateway explicitly enables internet access, violating the requirement; Amazon Macie and CloudFront do not provide private service connectivity.