Q58 — AWS SAA-C03 Ch.1
Q58. A company runs an application in the AWS Cloud and uses Amazon DynamoDB as the database. The company deploys Amazon EC2 instances to a private network to process data from the database. The company uses two NAT instances to provide connectivity to DynamoDB. The company wants to retire the NAT instances. A solutions architect must implement a solution that provides connectivity to DynamoDB and that does not require ongoing management. What is the MOST cost-effective solution that meets these requirements?
- A. Create a gateway VPC endpoint to provide connectivity to DynamoDB ✓
- B. Configure a managed NAT gateway to provide connectivity to DynamoDB
- C. Establish an AWS Direct Connect connection between the private network and DynamoDB
- D. Deploy an AWS PrivateLink endpoint service between the private network and DynamoDB
Correct Answer: A. Create a gateway VPC endpoint to provide connectivity to DynamoDB
Explanation
The most cost-effective solution that meets the requirements of providing connectivity to DynamoDB without requiring ongoing management is option A: Create a gateway VPC endpoint to provide connectivity to DynamoDB. Here's why this option is the most cost-effective:
1. Gateway VPC endpoint: A gateway VPC endpoint allows private connectivity between your VPC and supported AWS services. By creating a gateway VPC endpoint for DynamoDB, you can access DynamoDB directly from your private network without the need for NAT instances. This eliminates the cost of running and maintaining the NAT instances.
2. No ongoing management: Once the gateway VPC endpoint is set up, it requires no ongoing management. It is a fully managed service provided by AWS, so you don't have to worry about maintaining and updating the infrastructure.
3. Cost savings: By retiring the NAT instances, you save on the costs associated with running and managing them. Gateway VPC endpoints have a fixed hourly rate, which is generally more cost-effective compared to NAT instances that are billed based on data transfer and instance usage.

Why the other options do not fit:
- Option B, configuring a managed NAT gateway, would still require ongoing management and would not eliminate the costs associated with running the NAT instances.
- Option C, establishing an AWS Direct Connect connection, is not necessary for connectivity to DynamoDB. Direct Connect is typically used for dedicated private network connections between on-premises environments and AWS, which is not required in this scenario.
- Option D, deploying an AWS PrivateLink endpoint service, is not necessary for connectivity to DynamoDB in this case. PrivateLink is used to securely access services hosted on AWS from your VPC without using public IP addresses. However, DynamoDB can be accessed directly using a gateway VPC endpoint without the need for PrivateLink.
Therefore, option A (creating a gateway VPC endpoint to provide connectivity to DynamoDB) is the most cost-effective solution that meets the requirements of providing connectivity to DynamoDB without requiring ongoing management.