Which AWS service or feature can be used to create a private connection between an on-premises workload and an AWS Cloud workload?
AWS Direct Connect is the correct service for creating a private connection between an on-premises workload and an AWS Cloud workload. It provides a dedicated network connection from your premises to AWS. This ensures that the connection is private and does not traverse the public internet, providing low latency and consistent network performance, which are essential for critical and high-throughput workloads.
Correct answer is C - Direct Connect is for a private dedicated connection between on-premises and AWS. PrivateLink provides direct secure connections from VPCs to other AWS services. VPC Private Link is a way of making your service available to a set of consumers. You can expose a service and the consumers can consume your service by creating an endpoint for your service. With PrivateLink, endpoints are instead created directly inside of your VPC, using Elastic Network Interfaces (ENIs) and IP addresses in your VPC's subnets. To use AWS PrivateLink, create a VPC endpoint in your VPC, specifying the name of the service and a subnet. This creates an elastic network interface in the subnet that serves as an entry point for traffic destined to the service. The service is now in your VPC, enabling connectivity to AWS services via private IP addresses.
The question didn't mention that a DEDICATED connection was a requirement. So the correct answer is D. A secured link is good enough.
I'm confused, can you create a private but not dedicated connection between on-prem and AWS?
Yes, over a VPN connection.
Which one is dedicated, please?
Direct Connect is for a private dedicated connection between an on-premises network and AWS infrastructure, not between workloads (applications and services). Private Link uses VPC endpoint services to access the service over an Amazon VPC endpoint, rather than over external network infrastructure.
AWS PrivateLink provides private connectivity between virtual private clouds (VPCs), supported AWS services, and your on-premises networks without exposing your traffic to the public internet. See the link: https://aws.amazon.com/privatelink/#:~:text=AWS%20PrivateLink%20provides%20private%20connectivity,traffic%20to%20the%20public%20internet. Image: https://d1.awsstatic.com/products/privatelink/product-page-diagram_AWS-PrivateLink.fc899b8ebd46fa0b3537d9be5b2e82de328c63b8.png
AWS PrivateLink use case: Migrate to a hybrid cloud. Connect on-premises applications and data to SaaS applications hosted on AWS securely and realize a hybrid cloud architecture. https://aws.amazon.com/privatelink/#:~:text=AWS%20PrivateLink%20provides%20private%20connectivity,traffic%20to%20the%20public%20internet
Both services can facilitate private connections, but AWS Direct Connect specifically deals with establishing a dedicated physical connection between on-premises and AWS, while AWS PrivateLink facilitates private connectivity between services within the AWS cloud and on-premises environments.
Checked with ChatGPT as well, it says C is the correct answer
Seems like D - AWS PrivateLink is a better answer. From https://aws.amazon.com/privatelink/: "AWS PrivateLink provides private connectivity between virtual private clouds (VPCs), supported AWS services, and your on-premises networks without exposing your traffic to the public internet."
What is AWS PrivateLink, exactly? PrivateLink is a networking construct that allows an application/service residing in one VPC (the “Service Provider VPC”) to be accessed by clients/consumers in (or through) other VPCs within the AWS Region (“Consumer VPCs”). The consumer accesses the service privately via an interface (VPC Endpoint) deployed locally in the Consumer VPC, avoiding any requirement for internet connectivity and keeping all traffic inside AWS’s private network. It’s also possible to access the VPC Endpoint via Direct Connect, allowing end-to-end private connectivity to applications/integrations from an enterprise LAN/WAN or data center.
AWS Direct Connect is the service name.
PrivateLink provides a private network connection between a VPC and AWS services, while AWS Direct Connect is a dedicated, private connection between on-premises infrastructure and an AWS location. The answer is DIRECT CONNECT.
https://aws.amazon.com/privatelink/faqs/# Q: What is AWS PrivateLink? A: AWS PrivateLink enables customers to access services hosted on AWS in a highly available and scalable manner, while keeping all the network traffic within the AWS network. Service users can privately access services powered by PrivateLink from their Amazon Virtual Private Cloud (VPC) or their on-premises, without using public IPs, and without requiring traffic to traverse across the Internet. Service owners can register their Network Load Balancers to PrivateLink services in order to provide their services to other AWS customers. Q: Can I privately access services powered by AWS PrivateLink over AWS Direct Connect? A: Yes. The application in your premises can connect to the service endpoints in Amazon VPC over AWS Direct Connect. The service endpoints will automatically direct the traffic to AWS services powered by AWS PrivateLink.
C - Direct Connect
As I am reading documentation on the AWS site, I believe that many people voting for D do not fully understand this. It indeed mentions that on-premises can reach PrivateLink endpoints over Direct Connect... but doesn't that mean that the requirement for on-premises to use PrivateLink is to Direct Connect it with the VPC first?
PrivateLink is used when you communicate with a third-party VPC, and it requires a Network Load Balancer (Service VPC) and an ENI (Customer VPC).
It is D. AWS PrivateLink provides private connectivity between virtual private clouds (VPCs), supported AWS services, and your on-premises networks without exposing your traffic to the public internet.
Tricky one again. Private Link uses a VPC endpoint to access the service over a Direct Connect from on-premises. The right answer is indeed D.
C is the answer
C. AWS Direct Connect
C. AWS Direct Connect
Direct Connect, because it establishes connectivity between on-premises services and cloud services, such as my workloads in VMware vCenter in one on-premises DC and S3 in the cloud, to store multiple objects and take advantage of storage-lifecycle-policy.