Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Advanced Networking – Specialty Incorrect Answer Explanation (S3 Interface Endpoint)

  • Incorrect Answer Explanation (S3 Interface Endpoint)

  • JordanP

    November 22, 2022 at 5:19 am

    The part that I bolded below is incorrect. A VPC interface endpoint can be used for S3. While I do not disagree with the answer to the question, the explanation is wrong. Source:



    Category: ANS – Network Implementation

    An application is running on an Amazon EC2 instance launched in a private subnet in us-east-1 (N. Virginia) region. A new feature will be released that requires the application to pull data from several public web services over the Internet to complete its processing. The result will be stored to an S3 bucket in the same region. The Network Engineer must restrict outbound Internet access to a list of whitelisted URLs only.

    What should the Engineer do to satisfy these requirements?


    The option that says: Deploy a NAT instance in a public subnet. Install a Squid proxy in the instance to whitelist the outbound Internet access. Create a VPC Interface endpoint to access the Amazon S3 bucket is incorrect because you have to create a VPC Gateway endpoint to allow access to the S3 bucket and not a VPC Interface endpoint. Same thing as well if you want to connect to a DynamoDB table. An Interface endpoint is only applicable for Amazon RDS Data API, Amazon SNS, Amazon SQS, and others.

Viewing 1 of 1 replies

Log in to reply.

Original Post
0 of 0 posts June 2018