Exam4Training

in which two ways would the administrator achieve this?

An administrator has been tasked with ensuring NC2 VMs are able to access AWS resources. The NC2 VM traffic must not traverse the internet.

in which two ways would the administrator achieve this? (Choose two.)
A . By using a Gateway Endpoint
B . By using a NAT Gateway.
C . By using an Interface Endpoint
D . By using a VPC Peer.

Answer: CD

Explanation:

To ensure that NC2 VMs can access AWS resources without traversing the internet, the administrator can use AWS VPC Peering and Interface Endpoints. Both methods ensure that traffic stays within the AWS network, maintaining security and efficiency.

Interface Endpoint:

Interface Endpoints allow you to privately connect your VPC to supported AWS services. They use AWS PrivateLink to route traffic directly to services within the AWS network, bypassing the public internet.

Steps:

Create an interface endpoint for the required service in the AWS VPC console.

Ensure the security groups and route tables are configured to allow traffic to the interface endpoint.

VPC Peering:

VPC Peering allows the routing of traffic between VPCs using private IP addresses, without the need for internet gateways, NAT devices, or VPN connections.

Steps:

Create a VPC peering connection between the VPCs.

Update the route tables to direct traffic between the peered VPCs. Ensure security group rules allow the necessary traffic between VPCs.

Reference: AWS VPC Peering Documentation

AWS Interface Endpoint Documentation

Nutanix Cloud Clusters on AWS Administration Guide

Exit mobile version