AWS Certified Solutions Architect – Professional — Question 344

An organization has setup RDS with VPC. The organization wants RDS to be accessible from the internet. Which of the below mentioned configurations is not required in this scenario?

Answer options

• A. The organization must enable the parameter in the console which makes the RDS instance publicly accessible.
• B. The organization must allow access from the internet in the RDS VPC security group,
• C. The organization must setup RDS with the subnet group which has an external IP.
• D. The organization must enable the VPC attributes DNS hostnames and DNS resolution.

Correct answer: C

Explanation

To make an RDS instance publicly accessible, the Publicly Accessible flag must be enabled, the security group must permit internet traffic, and the VPC must have DNS resolution and hostnames active. DB subnet groups themselves do not possess external IP addresses; rather, they are collections of subnets that must be mapped to an Internet Gateway to route public traffic. Thus, configuring a subnet group with an external IP is not a real or required step.