AWS Certified Developer – Associate (DVA-C02) — Question 459

A developer needs to configure an AWS Lambda function to make HTTP POST requests to an internal application. The application is in the same AWS account that hosts the function. The internal application runs on Amazon EC2 instances in a private subnet within a VPC.

Which solution will meet these requirements?

Answer options

• A. Configure a VPC endpoint to connect to the private subnet. Attach the endpoint to the Lambda function.
• B. Attach the Lambda function to the VPC and to the private subnet.
• C. Configure a VPN connection between the Lambda function and the private subnet. Attach the VPN to the Lambda function.
• D. Configure the VPC route table to include the Lambda function’s IP address.

Correct answer: B

Explanation

To allow an AWS Lambda function to access resources inside a private VPC subnet, you must configure the function to access the VPC by specifying the VPC and the private subnet ID. This configuration enables Lambda to create Elastic Network Interfaces (ENIs) inside the subnet to route traffic to the EC2 instances. Other options like configuring a VPN connection or modifying VPC route tables with Lambda IP addresses are incorrect because Lambda does not support these methods for VPC access.