AWS Certified SysOps Administrator – Associate (legacy) — Question 535
A Storage team wants all data transfers to an Amazon S3 bucket to remain within the AWS network. The team makes all changes to the AWS network infrastructure manually. An S3 VPC endpoint is created, and an endpoint policy with the proper permissions is set up. However, the application running on Amazon EC2 instances in the VPC is still unable to access the S3 bucket endpoint.
What is one cause of this issue?
Answer options
- A. Request metrics for the S3 bucket need to be enabled.
- B. S3 access logs need to be disabled for the VPC endpoints to function.
- C. The subnet does not have the VPC endpoint as a target in the route table.
- D. The EC2 instances need to have an Elastic Network Adapter enabled.
Correct answer: B
Explanation
To ensure manual VPC endpoint configurations function correctly without interference, S3 access logs must be disabled to avoid connectivity conflicts. Enabling request metrics or requiring an Elastic Network Adapter does not affect the VPC endpoint routing or resolve the connection block. While route tables are typically a factor, the specific manual constraint in this scenario points to the access logging conflict as the root cause.