You operate a production VPC with both a public and a private subnet. Your organization maintains a restricted Amazon S3 bucket to support this production workload. Only Amazon EC2 instances in the private subnet should access the bucket. You implement VPC endpoints (VPC-E) for Amazon S3 and remove the NAT that previously provided a network path to Amazon S3. The default VPC-E policy is applied. Neither EC2 instances in the public or private subnets are able to access the S3 bucket. What should you do to enable Amazon S3 access from EC2 instances in the private subnet?
A) Add the CIDR address range of the private subnet to the S3 bucket policy.
B) Add the VPC-E identifier to the S3 bucket policy.
C) Add the VPC identifier for the production VPC to the S3 bucket policy.
D) Add the VPC-E identifier for the production VPC to endpoint policy.

Question

Quizplus · Accepted Answer

The Answer of You operate a production VPC with both a public and a private subnet. Your organization maintains a restricted Amazon S3 bucket to support this production workload. Only Amazon EC2 instances in the private subnet should access the bucket. You implement VPC endpoints (VPC-E) for Amazon S3 and remove the NAT that previously provided a network path to Amazon S3. The default VPC-E policy is applied. Neither EC2 instances in the public or private subnets are able to access the S3 bucket. What should you do to enable Amazon S3 access from EC2 instances in the private subnet?
A) Add the CIDR address range of the private subnet to the S3 bucket policy.
B) Add the VPC-E identifier to the S3 bucket policy.
C) Add the VPC identifier for the production VPC to the S3 bucket policy.
D) Add the VPC-E identifier for the production VPC to endpoint policy.

You Operate a Production VPC with Both a Public and a Private