You are planning to create a VPC endpoint for your SaaS product hosted in AWS.
You will provide this link to a customer who will access the link from their application.
The application works on the UDP protocol.
You plan to provide the DNS name for the link to them.
But the customer is not able to use the link from within their application.
What could be the issue?
Answer - B.
This is mentioned as one of the limitations for Endpoint Services in the AWS Documentation.
Option A is incorrect since this is an interface and not a gateway.
Options C and D are incorrect since you don't need a NAT device or Network Load Balancer to access the service.
For more information on Service Endpoints, please refer to the below URL.
https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/endpoint-service.html
The issue is that the customer is not able to use the link from within their application when accessing the SaaS product hosted on AWS using a VPC endpoint. The application works on the UDP protocol. Let's review each of the answer options to see what could be causing the issue.
A. The gateway endpoint has a policy that denies access. This should be modified accordingly.
This answer option suggests that there might be a policy in place that denies access to the VPC endpoint, which could be causing the issue. However, this seems unlikely to be the root cause of the problem: if there were a policy issue, the customer would not be able to access the VPC endpoint at all, regardless of the protocol being used. Therefore, this option can be ruled out.
B. The service endpoint only works on the TCP protocol.
This answer option suggests that the service endpoint only works on the TCP protocol, and not on the UDP protocol which the customer's application is using. This could be the root cause of the problem. If the endpoint only supports TCP, it would not be able to accept UDP traffic from the customer's application. Therefore, this option could be the correct answer.
C. The customer needs to create a Network load balancer to access the endpoint service.
This answer option suggests that the customer needs to create a Network Load Balancer to access the endpoint service. However, this seems unlikely to be the root cause of the problem, as a Load Balancer would not be able to solve the issue of the endpoint only supporting TCP traffic, which is the main issue here. Therefore, this option can be ruled out.
D. The customer needs to use a NAT device to access the endpoint service.
This answer option suggests that the customer needs to use a NAT device to access the endpoint service. However, this also seems unlikely to be the root cause of the problem, as a NAT device would not be able to solve the issue of the endpoint only supporting TCP traffic. Therefore, this option can be ruled out.
In conclusion, answer option B is the most likely root cause of the problem. The service endpoint only works on the TCP protocol, and not on the UDP protocol which the customer's application is using. Therefore, the customer will need to either modify their application to use TCP traffic, or find a different endpoint service that supports UDP traffic.