AWS Certified SysOps Administrator – Associate — Question 183
A company's VPC has connectivity to an on-premises data center through an AWS Site-to-Site VPN. The company needs Amazon EC2 instances in the VPC to send DNS queries for example.com to the DNS servers in the data center.
Which solution will meet these requirements?
Answer options
- A. Create an Amazon Route 53 Resolver inbound endpoint. Create a conditional forwarding rule on the on-premises DNS servers to forward DNS requests for example.com to the inbound endpoints.
- B. Create an Amazon Route 53 Resolver inbound endpoint. Create a forwarding rule on the resolver that sends all queries for example.com to the on-premises DNS servers. Associate this rule with the VPC.
- C. Create an Amazon Route 53 Resolver outbound endpoint. Create a conditional forwarding rule on the on-premises DNS servers to forward DNS requests for example.com to the outbound endpoints.
- D. Create an Amazon Route 53 Resolver outbound endpoint. Create a forwarding rule on the resolver that sends all queries for example.com to the on-premises DNS servers. Associate this rule with the VPC.
Correct answer: D
Explanation
The correct answer is D. An outbound endpoint lets Route 53 Resolver in the VPC send DNS queries to the on-premises DNS servers, and the forwarding rule for example.com, associated with the VPC, directs those queries there. Options A and B use inbound endpoints, which are meant for receiving DNS queries rather than sending them. Option C does use an outbound endpoint, but it places the conditional forwarding rule on the on-premises DNS servers, which does not fulfill the requirement of sending the VPC's queries for example.com to the on-premises servers.