MuleSoft Certified Integration Architect – Level 1 — Question 44

An organization has previously provisioned its own AWS VPC hosting various servers. The organization now needs to use CloudHub to host a Mule application that will implement a REST API. Once deployed to CloudHub, this Mule application must be able to communicate securely with the customer-provisioned AWS
VPC resources within the same region, without being interceptable on the public Internet.
What Anypoint Platform features should be used to meet these network communication requirements between CloudHub and the existing customer-provisioned
AWS VPC?

Answer options

• A. Add a Mulesoft-hosted Anypoint VPC configured with VPC Peering to the AWS VPC
• B. Add default API Whitelisting policies to API Manager to automatically whitelist the customer-provisioned AWS VPC IP ranges needed by the Mule application
• C. Use VM queues in the Mule application to allow any non-Mule assets within the customer-provisioned AWS VPC to subscribe to and receive messages
• D. Configure an external identity provider (IdP) in Anypoint Platform with certificates from the customer-provisioned AWS VPC

Correct answer: A

Explanation

The correct answer is A because using a Mulesoft-hosted Anypoint VPC with VPC Peering allows for secure communication directly between CloudHub and the AWS VPC without traversing the public Internet. Options B, C, and D do not establish the necessary secure network connection required for direct communication between CloudHub and the AWS VPC resources.