🔥 3-day streak
AWS Certified Advanced Networking - Specialty90 / 141
Question 90 of 141
A financial services company runs an internal application on EC2 instances in a private subnet. The application must call the Amazon SQS API without traversing the internet, so the team has created an interface VPC endpoint (powered by AWS PrivateLink) for SQS. Compliance requires that only the two application server security groups be allowed to send API requests through this endpoint, and that all other resources in the VPC be denied. Which configuration correctly enforces this at the network layer?
Reviewed for accuracy · Report an issueNext question