🔥 3-day streak
AWS Certified Solutions Architect - Professional37 / 186
Question 37 of 186
A company runs a centralized fraud-detection microservice in a shared-services AWS account. Dozens of application accounts across multiple VPCs (some with overlapping CIDR ranges) need to consume this service over private connectivity. The security team requires that only the specific service be reachable — not the entire shared-services VPC — and that consumers cannot initiate connections back into the provider VPC. Which approach best meets these requirements with the least ongoing operational overhead?
Reviewed for accuracy · Report an issueNext question