A company uses Amazon RDS to store transactional data. The company runs an RDS DB instance in a private subnet. A developer wrote an AWS Lambda function with default settings to insert, update, or delete data in the DB instance.
The developer needs to give the Lambda function the ability to connect to the DB instance privately without using the public internet.
Which combination of steps will meet this requirement with the LEAST operational overhead? (Choose two.)
- Turn on the public access setting for the DB instance.
- Update the security group of the DB instance to allow only Lambda function invocations on the database port.
- Configure the Lambda function to run in the same subnet that the DB instance uses.
- Attach the same security group to the Lambda function and the DB instance. Include a self-referencing rule that allows access through the database port.
- Update the network ACL of the private subnet to include a self-referencing rule that allows access through the database port.
Reveal Solution Next Question