You have set up an S3 endpoint, and you want to restrict some instances from being able to access it.
These instances are all in the same subnet, so you cannot simply remove the prefix list from the route table.
What two approaches can you take to solve this? (Choose two.)
A. Remove any access to the PL in the security group attached to the instances.
B. Add A rule in the NACL to block the prefix list ID outbound.
C. This is not possible.
D. Modify the endpoint policy.
These instances are all in the same subnet, so you cannot simply remove the prefix list from the route table.
What two approaches can you take to solve this? (Choose two.)
A. Remove any access to the PL in the security group attached to the instances.
B. Add A rule in the NACL to block the prefix list ID outbound.
C. This is not possible.
D. Modify the endpoint policy.