AWS Certified SAP on AWS – Specialty (PAS-C01) — Question 29

An SAP basis architect is configuring high availability for a critical SAP system on AWS. The SAP basis architect is using an overlay IP address to route traffic to the subnets across multiple Availability Zones within an AWS Region for the system’s SAP HANA database.
What should the SAP basis architect do to route the traffic to the Amazon EC2 instance of the active SAP HANA database?

Answer options

• A. Edit the route in the route table of the VPC that includes the EC2 instance that runs SAP HANSpecify the overlay IP address as the destination. Specify the private IP address of the EC2 instance as the target.
• B. Edit the inbound and outbound rules in the security group of the EC2 instance that runs SAP HANA. Allow traffic for SAP HANA specific ports from the overlay IP address.
• C. Edit the network ACL of the subnet that includes the EC2 instance that runs SAP HANA. Allow traffic for SAP HANA specific ports from the overlay IP address.
• D. Edit the route in the route table of the VPC that includes the EC2 instance that runs SAP HANA. Specify the overlay IP address as the destination. Specify the elastic network interface of the EC2 instance as the target.

Correct answer: D

Explanation

The correct answer is D because it directly specifies the elastic network interface of the EC2 instance as the target, ensuring proper traffic routing. Option A is incorrect as it references the private IP address, which may not support the intended high availability setup. Options B and C are not sufficient on their own since they focus on security configurations rather than routing traffic to the EC2 instance.