AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 80

A company manages resources across VPCs in multiple AWS Regions. The company needs to connect to the resources by using its internal domain name. A network engineer needs to apply the aws.example.com DNS suffix to all resources.

What must the network engineer do to meet this requirement?

Answer options

• A. Create an Amazon Route 53 private hosted zone for aws.example.com in each Region that has resources. Associate the private hosted zone with that Region's VPC. In the appropriate private hosted zone, create DNS records for the resources in each Region.
• B. Create one Amazon Route 53 private hosted zone for aws.example.com. Configure the private hosted zone to allow zone transfers with every VPC.
• C. Create one Amazon Route 53 private hosted zone for example.com. Create a single resource record for aws.example.com in the private hosted zone. Apply a multivalue answer routing policy to the record. Add all VPC resources as separate values in the routing policy.
• D. Create one Amazon Route 53 private hosted zone for aws.example.com. Associate the private hosted zone with every VPC that has resources. In the private hosted zone, create DNS records for all resources.

Correct answer: D

Explanation

The correct answer is D because creating one private hosted zone for aws.example.com and associating it with every VPC ensures that all resources can resolve the DNS suffix correctly. Option A is incorrect as creating separate hosted zones for each Region complicates management. Option B does not allow for the necessary resource-specific DNS records. Option C is inadequate since it only addresses a single hosted zone for example.com, not aws.example.com.