AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 335

A company has a hybrid environment across its on-premises network and the AWS Cloud. The company wants to use Amazon Elastic File System (Amazon EFS) to store and share data between on-premises services that are required to resolve DNS queries through on-premises DNS servers. The company wants to use a custom domain name to connect to Amazon EFS. The company also wants to avoid using the Amazon EFS target IP address.
What should a network engineer do to meet these requirements?

Answer options

• A. Create an Amazon Route 53 Resolver outbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 public hosted zone, and add a new CNAME record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 public hosted zone.
• B. Create an Amazon Route 53 Resolver inbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 private hosted zone, and add a new CNAME record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 Resolver.
• C. Create an Amazon Route 53 Resolver outbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 private hosted zone, and add a new CNAME record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 Resolver.
• D. Create an Amazon Route 53 Resolver inbound endpoint, and configure it for the VPC where Amazon EFS resides. Create a Route 53 private hosted zone, and add a new PTR record with the value of the Amazon EFS DNS name. Configure forwarding rules on the on-premises DNS servers to forward queries for the custom domain host to the Route 53 private hosted zone.

Correct answer: B

Explanation

To resolve AWS resources from an on-premises network using a custom domain name, an Amazon Route 53 Resolver inbound endpoint must be configured to accept DNS queries from the local DNS servers. A Route 53 private hosted zone is required to manage the custom domain internally, and a CNAME record maps this custom domain to the default Amazon EFS DNS name. Outbound endpoints are designed for AWS-to-on-premises resolution, and PTR records are used for reverse DNS lookups, which makes the other options incorrect.