To follow the new security compliances your company has hired an external auditor to assess the security perimeter around your SaaS platform. The application is running in multiple regions and uses the load balancers within each regions for higher availability. The instances loads sensitive configurations from an S3 bucket at start and the DynamoDB is used as primary database. The auditor has advised to further tighten the security groups and NACLs based on the application requirement and use the private network instead of using the public endpoints to access the AWS services. Your team decided to use the VPC Endpoints as it uses the AWS internal network for all the communication, after detailed examination they realised the current architecture will not allow them to use the VPC endpoints as it is and will require a set of modifications. What modifications would be needed to align the architecture? (Select THREE)