Q92 — AWS ANS-C01 Ch.1


An insurance company is planning the migration of workloads from its on-premises data center to the AWS Cloud. The company requires end-to-end domain name resolution. Bi-directional DNS resolution between AWS and the existing on-premises environments must be established. The workloads will be migrated into multiple VPCs. The workloads also have dependencies on each other, and not all the workloads will be migrated at the same time. Which solution meets these requirements?

Correct Answer: A. Configure a private hosted zone for each application VPC, and create the requisite records. Create a set of Amazon Route 53 Resolver inbound and outbound endpoints in an egress VPC. Define Route 53 Resolver rules to forward requests for the on-premises domains to the on-premises DNS resolver. Associate the application VPC private hosted zones with the egress VPC, and share the Route 53 Resolver rules with the application accounts by using AWS Resource Access Manager. Configure the on-premises DNS servers to forward the cloud domains to the Route 53 inbound endpoints.

Explanation

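To meet the requirements in the question, bi-directional DNS resolution between the AWS Cloud and the existing on-premises environment must be established, while taking into account that the workloads will be migrated into multiple VPCs, that they depend on each other, and that they will not all be migrated at the same time. Option A describes in detail how to configure a private hosted zone for each application VPC and create the necessary records. It uses Amazon Route 53 Resolver inbound and outbound endpoints to manage DNS traffic, and defines Route 53 Resolver rules to forward requests for the on-premises domains to the on-premises DNS resolver. It also configures the on-premises DNS servers to forward requests for the cloud domains to the Route 53 inbound endpoints, which satisfies the bi-directional DNS resolution requirement. In addition, sharing the Route 53 Resolver rules through AWS Resource Access Manager ensures access permissions among the application accounts. Option A is therefore the solution that meets all the requirements.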