An organization needs to ensure that its compute instances, which handle sensitive data in an isolated environment, have the ability to securely access object storage without the data traveling over the internet. Which configuration aligns with these stringent security requirements?
Provision a service-specific gateway within the isolated environment for direct object storage access.
Install a NAT device in the isolated environment to route traffic to the object storage.
Set up a VPN connection from the compute instances to the object storage service.
Allocate public IP addresses to the compute instances for internet access to the object storage.