AWS Certified Advanced Networking – Specialty ANS-C00 – Question383

A company has a service that runs on TCP port 443 in VPC A within AWS account A. The company wants to expose the service to Amazon EC2 instances in VPC B within AWS account B.
The service must not be made public, and all other services in VPC A must not be accessible from VPC B.
A network engineer is using AWS PrivateLink for the configuration.
Which set of procedures should the network engineer follow to meet these requirements?

A. In VPC A, create an Application Load Balancer (ALB) that has an HTTPS listener. Create an endpoint service in VPC A that points to the ALB. Add the principal ARN of account B to the service endpoints allow list. In VPC B, create an interface endpoint that points to the service identifier of the endpoint service in AWS account A.
B. In VPC A, create a Network Load Balancer (NLB) that has a TCP listener. Create an endpoint service in VPC A that points to the NLB. Add the principal ARN of account B to the service endpoints allow list. In VPC B, create an interface endpoint that points to the service identifier of the endpoint service in AWS account A.
C. In VPC A, create a Network Load Balancer (NLB) that has a TCP listener. Create an endpoint service in VPC A that points to the NLB. Add the principal ARN of account B to the service endpoints allow list. In VPC B, create a gateway endpoint that points to the service identifier of the endpoint service in AWS account A.
D. In VPC A, create an Application Load Balancer (ALB) that has a TCP listener. Create an endpoint service in VPC A that points to the ALB. Add the principal ARN of account B to the service endpoints allow list. In VPC B, create a Gateway Load Balancer endpoint that points to the service identifier of the endpoint service in AWS account A.