A company has recently established an AWS Direct Connect connection from its on-premises data center to AWS. A Network Engineer has blocked all traffic destined for Amazon S3 over the company’s gateway to the internet from its onpremises firewall. S3 traffic should only traverse the Direct Connect connection.
Currently, no one in the on-premises data center can access Amazon S3.
Which solution will resolve this connectivity issue?
A. Configure a private virtual interface on the Direct Connect connection. Update the on-premises routing tables to choose Direct Connect as the preferred next hop for traffic destined for Amazon S3.
B. Establish an S3 VPC endpoint for the company’s Amazon VPC. Configure a private virtual interface on the Direct Connect connection. Update the onpremises routing tables to choose Direct Connect as the preferred next hop.
C. Configure a public virtual interface on the Direct Connect connection. Update the on-premises routing tables to choose Direct Connect as the preferred next hop for traffic destined for Amazon S3.
D. Configure a public virtual interface on the Direct Connect connection. Establish an AWS managed VPN over the connection. Update the on-premises routing tables to choose the VPN connection as the preferred next hop.
