AWS Certified SysOps Administrator – Associate — Question 450
An application is running on an Amazon EC2 instance in a VPC with the default DHCP option set. The application connects to an on-premises Microsoft SQL Server database with the DNS name mssql.example.com. The application is unable to resolve the database DNS name.
Which solution will fix this problem?
Answer options
- A. Create an Amazon Route 53 Resolver inbound endpoint. Add a forwarding rule for the domain example.com. Associate the forwarding rule with the VPC.
- B. Create an Amazon Route 53 Resolver inbound endpoint. Add a system rule for the domain example.com. Associate the system rule with the VPC.
- C. Create an Amazon Route 53 Resolver outbound endpoint. Add a forwarding rule for the domain example.com. Associate the forwarding rule with the VPC.
- D. Create an Amazon Route 53 Resolver outbound endpoint. Add a system rule for the domain example.com. Associate the system rule with the VPC.
Correct answer: C
Explanation
To resolve DNS queries for an on-premises domain from resources inside an Amazon VPC, an Amazon Route 53 Resolver outbound endpoint is required to route the queries out of the VPC to the on-premises DNS servers. A forwarding rule must be created for the specific domain and associated with the VPC to direct those queries to the outbound endpoint. Inbound endpoints are used for the reverse path (on-premises to VPC DNS), and system rules do not define custom forwarding paths to external DNS servers.