VMware Cloud on AWS Specialist — Question 2

An administrator deploys a virtual machine and configures it to perform backups to an AWS Simple Storage Service (S3) bucket. After the first month of use, the administrator receives a bill from AWS indicating egress charges were applied to the backup traffic leaving the software-defined data center (SDCC), destined for the AWS S3 bucket. What can the administrator do to ensure backup traffic travels to the linked Amazon Virtual Private Cloud (VPC) through the Elastic Network
Interface?

Answer options

• A. Configure the S3 bucket with a public endpoint accessible over the Internet through HTTPS.
• B. Configure Direct Connect to a private virtual interface for access to AWS services.
• C. Create a gateway endpoint in the linked AWS VPC and configure it for use with the S3 bucket.
• D. Configure a route-based virtual private network (VPN) for the SDDC to the VPC.

Correct answer: C

Explanation

The correct answer is C because creating a gateway endpoint allows traffic to flow directly from the VPC to the S3 bucket without going over the Internet, thus avoiding egress charges. Option A is incorrect as a public endpoint would incur egress fees. Option B, while useful for connecting to AWS services, does not specifically address the traffic routing to S3. Option D involves a VPN which is not necessary for accessing S3 via a gateway endpoint.