A company hosts an application on AWS. The application uses AWS Lambda functions and stores data in Amazon DynamoDB tables. The Lambda functions are connected to a VPC that does not have internet access. The traffic to access DynamoDB must not travel across the internet. The application must have write access to only specific DynamoDB tables. Which combination of steps should a solutions architect take to meet these requirements? (Choose two.)

Topic #: - All AWS Certified Solutions Architect - Associate SAA-C02 Questions

A. Attach a VPC endpoint policy for DynamoDB to allow write access to only the specific DynamoDB tables. Most Voted
B. Attach a security group to the interface VPC endpoint to allow write access to only the specific DynamoDB tables.
C. Create a resource-based IAM policy to grant write access to only the specific DynamoDB tables. Attach the policy to the DynamoDB tables.
D. Create a gateway VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the gateway VPC endpoint. Most Voted
E. Create an interface VPC endpoint for DynamoDB that is associated with the Lambda VPC. Ensure that the Lambda execution role can access the interface VPC endpoint.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Share this post

Join the Discussion