AWS Certified Solutions Architect – Associate (SAA-C02) — Question 22

A company has deployed an API in a VPC behind an internet-facing Application Load Balancer (ALB). An application that consumes the API as a client is deployed in a second account in private subnets behind a NAT gateway. When requests to the client application increase, the NAT gateway costs are higher than expected. A solutions architect has configured the ALB to be internal.
Which combination of architectural changes will reduce the NAT gateway costs? (Choose two.)

Answer options

• A. Configure a VPC peering connection between the two VPCs. Access the API using the private address.
• B. Configure an AWS Direct Connect connection between the two VPCs. Access the API using the private address.
• C. Configure a ClassicLink connection for the API into the client VPC. Access the API using the ClassicLink address.
• D. Configure a PrivateLink connection for the API into the client VPC. Access the API using the PrivateLink address.
• E. Configure an AWS Resource Access Manager connection between the two accounts. Access the API using the private address.

Correct answer: A, D

Explanation

The correct answers are A and D because both VPC peering and PrivateLink allow the client application to access the API directly over private IP addresses, which eliminates the need for NAT gateway usage and reduces costs. Options B, C, and E do not effectively provide the direct private access needed to minimize NAT gateway expenses.