ExpertMinds LogoExpertMinds
Easy1 markMultiple Choice
Domain 3.5: Cost OptimizationCost OptimizationNetworkingVPC Endpoints

AWS SAP-C02 · Question 49 · Domain 3.5: Cost Optimization

An organization is using AWS Cost Explorer and notices a significant increase in data transfer costs. Investigation reveals that EC2 instances in private subnets are downloading large amounts of data from Amazon DynamoDB and Amazon S3. The instances access these services via a NAT Gateway. How can the Architect reduce these data transfer costs MOST effectively?

Answer options:

A.

Create Gateway VPC Endpoints for Amazon S3 and Amazon DynamoDB in the VPC and update the route tables.

B.

Create Interface VPC Endpoints (AWS PrivateLink) for Amazon S3 and Amazon DynamoDB.

C.

Move the EC2 instances to public subnets and assign them Elastic IP addresses.

D.

Purchase a Compute Savings Plan to reduce the NAT Gateway hourly charges.

How to approach this question

Identify the free VPC feature that routes traffic to S3 and DynamoDB.

Full Answer

A.Create Gateway VPC Endpoints for Amazon S3 and Amazon DynamoDB in the VPC and update the route tables.✓ Correct
NAT Gateways incur an hourly charge and a data processing charge per gigabyte. If your EC2 instances are transferring large amounts of data to S3 or DynamoDB through a NAT Gateway, your costs will be high. By creating Gateway VPC Endpoints for S3 and DynamoDB, the traffic is routed directly over the AWS network. Gateway endpoints are completely free, eliminating the NAT Gateway data processing costs for this traffic.

Common mistakes

Choosing Interface Endpoints, which cost money, instead of the free Gateway Endpoints.
48All questions50

Practice the full AWS Solutions Architect Professional SAP-C02 Practice Exam 5

75 questions · hints · full answers · grading

Sign up freeTake the exam

More questions from this exam

Q01A global enterprise is redesigning its AWS network architecture across 50 AWS accounts and 3 AWS ...HardQ02A company uses AWS Organizations to manage multiple accounts. The security team mandates that no ...MediumQ03A financial institution requires a disaster recovery strategy for its critical trading applicatio...HardQ04An enterprise is setting up a new multi-account AWS environment using AWS Control Tower. They nee...MediumQ05A company has a complex AWS environment with hundreds of linked accounts under AWS Organizations....Hard
View all 75 questions →