Configuring a Direct Connection to a Public S3 Endpoint

Establishing a Low Latency Dedicated Connection to an S3 Public Endpoint

Prev Question Next Question

Question

A company has placed a set of on-premises resources with an AWS Direct Connect provider.

After establishing connections to a local AWS region in the US, the company needs to establish a low latency dedicated connection to an S3 public endpoint over the Direct Connect dedicated low latency connection.

What steps need to be taken to accomplish configuring a direct connection to a public S3 endpoint?

Answers

A. Configure a Public Virtual Interface AND configure on-premise routing to utilize the direct connect for AWS S3.

B. Establish a VPN connection from the VPC to the public S3 endpoint.

C. Configure a private virtual interface to connect to the public S3 endpoint via the Direct Connect connection.

D. Add a BGP route as part of the on-premises router. This will route S3 related traffic to the public S3 endpoint to the dedicated AWS region.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

The correct answer is C: Configure a private virtual interface to connect to the public S3 endpoint via the Direct Connect connection.

Explanation:

AWS Direct Connect allows customers to establish dedicated, low-latency connections between their on-premises data centers and AWS. Customers can establish private virtual interfaces to connect to their Amazon VPCs or public virtual interfaces to connect to AWS services over the Direct Connect connection.

In this scenario, the company needs to establish a low latency dedicated connection to an S3 public endpoint over the Direct Connect dedicated low latency connection. This means that the company wants to use Direct Connect to connect to the public S3 endpoint directly, without going through the Internet.

To accomplish this, the company needs to configure a private virtual interface to connect to the public S3 endpoint via the Direct Connect connection. The private virtual interface will allow the company to access the S3 public endpoint as if it were part of its VPC, but without going through the Internet.

To configure a private virtual interface to connect to the public S3 endpoint via the Direct Connect connection, the company needs to follow these steps:

Create a Direct Connect private virtual interface.
Associate the private virtual interface with the Direct Connect connection.
Configure the on-premises router to advertise the route to the S3 public endpoint via the Direct Connect private virtual interface.
Verify connectivity to the S3 public endpoint.

Option A is incorrect because configuring a public virtual interface is not necessary to connect to a public S3 endpoint over Direct Connect. Additionally, configuring on-premise routing to utilize the Direct Connect for AWS S3 is not sufficient to establish a low latency dedicated connection to a public S3 endpoint.

Option B is incorrect because establishing a VPN connection from the VPC to the public S3 endpoint would route traffic through the Internet, which is not what the company wants to do.

Option D is incorrect because adding a BGP route as part of the on-premises router would not be sufficient to establish a private virtual interface to connect to a public S3 endpoint via Direct Connect.

Prev Question Next Question