Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 247 discussion

A large company runs workloads in VPCs that are deployed across hundreds of AWS accounts. Each VPC consists of public subnets and private subnets that span across multiple Availability Zones. NAT gateways are deployed in the public subnets and allow outbound connectivity to the internet from the private subnets.

A solutions architect is working on a hub-and-spoke design. All private subnets in the spoke VPCs must route traffic to the internet through an egress VPC. The solutions architect already has deployed a NAT gateway in an egress VPC in a central AWS account.

Which set of additional steps should the solutions architect take to meet these requirements?

  • A. Create peering connections between the egress VPC and the spoke VPCs. Configure the required routing to allow access to the internet.
  • B. Create a transit gateway, and share it with the existing AWS accounts. Attach existing VPCs to the transit gateway. Configure the required routing to allow access to the internet.
  • C. Create a transit gateway in every account. Attach the NAT gateway to the transit gateways. Configure the required routing to allow access to the internet.
  • D. Create an AWS PrivateLink connection between the egress VPC and the spoke VPCs. Configure the required routing to allow access to the internet.
Suggested Answer: B

Comments

sergza888
1 month, 3 weeks ago
Selected Answer: A
There are a lot of unknowns (is there an AWS Organization so we can use RAM to share the TGW, or if these VPCs are in the same region). If we think about sharing, there are supposed to be AWS Organizations and RAM.
upvoted 1 times
...
mns0173
11 months ago
With hundreds of VPCs you will inevitably face CIDR overlap conflicts, so it is better to use Transit Gateway.
upvoted 1 times
...
teo2157
11 months, 3 weeks ago
Selected Answer: A
There's a key piece of information that is not mentioned in the question: whether the VPCs are in the same region or in different regions. As we're talking about hundreds of AWS accounts, the answer will be VPC peering, as a single transit gateway doesn't support different regions, so A. If all VPCs are in the same region, the answer would be transit gateway, so B. Having said that, I go for A.
upvoted 1 times
helloworldabc
8 months, 1 week ago
just B
upvoted 1 times
...
...
career360guru
1 year, 5 months ago
Selected Answer: B
Option B
upvoted 1 times
...
joleneinthebackyard
1 year, 6 months ago
Selected Answer: B
"hundreds of AWS accounts" - think of transit gateway.
VPC peering, PrivateLink should be out.
Option C: add transit gateway to each account -> out.
upvoted 4 times
...
ggrodskiy
1 year, 9 months ago
Correct B.
upvoted 1 times
...
NikkyDicky
1 year, 9 months ago
Selected Answer: B
b for sure
upvoted 1 times
...
Christina666
1 year, 9 months ago
Selected Answer: B
hundreds of VPCs -> TGW, then we only have B and C.
C: create TGW in each account, wrong.
upvoted 4 times
...
SmileyCloud
1 year, 10 months ago
Selected Answer: B
B - Hub and spoke is based on transit GW
upvoted 2 times
...
easytoo
1 year, 10 months ago
b-b-b-b-b-b-b
upvoted 2 times
...
PhuocT
1 year, 10 months ago
yep, it's B
upvoted 1 times
...
Alabi
1 year, 10 months ago
Selected Answer: B
Option B suggests creating a transit gateway, which acts as a hub for connectivity between multiple VPCs and on-premises networks. By sharing the transit gateway with the existing AWS accounts, the solutions architect can attach the VPCs, including the spoke VPCs, to the transit gateway. The required routing can then be configured to direct traffic from the spoke VPCs to the transit gateway, which will route it to the egress VPC with the NAT gateway. This allows for centralized routing and connectivity to the internet for the spoke VPCs.
upvoted 3 times
...
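The "required routing" behind option B, modelled as an added example that is not part of the original thread: a longest-prefix-match walk over the route tables a shared transit gateway design needs, including the return route in the egress VPC and a blackhole that keeps spokes isolated from each other. All CIDRs, table names and target names are constructed assumptions.

```python
import copy
import ipaddress

# Constructed route tables for option B (CIDRs and names are illustrative assumptions).
ROUTES = {
    "spoke-private-rt":     {"10.1.0.0/16": "local", "0.0.0.0/0": "tgw"},
    # TGW route table associated with the spoke attachments:
    "tgw-spoke-rt":         {"0.0.0.0/0": "egress-attachment", "10.0.0.0/8": "blackhole"},
    # TGW route table associated with the egress VPC attachment:
    "tgw-egress-rt":        {"10.1.0.0/16": "spoke-attachment"},
    "egress-tgw-subnet-rt": {"192.168.0.0/16": "local", "0.0.0.0/0": "nat-gateway"},
    "egress-public-rt":     {"192.168.0.0/16": "local", "0.0.0.0/0": "internet-gateway",
                             "10.0.0.0/8": "tgw"},  # return path to the spokes
}

# Which route table evaluates the packet after it is handed to a given target.
NEXT_TABLE = {
    ("spoke-private-rt", "tgw"): "tgw-spoke-rt",
    ("tgw-spoke-rt", "egress-attachment"): "egress-tgw-subnet-rt",
    ("egress-tgw-subnet-rt", "nat-gateway"): "egress-public-rt",
    ("egress-public-rt", "tgw"): "tgw-egress-rt",
    ("tgw-egress-rt", "spoke-attachment"): "spoke-private-rt",
}

def lookup(table, dst, routes):
    """Return the target of the most specific route matching dst."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(cidr).prefixlen, target)
            for cidr, target in routes[table].items()
            if ip in ipaddress.ip_network(cidr)]
    return max(hits)[1] if hits else "no-route"

def trace(start_table, dst, routes=ROUTES):
    """Follow a packet hop by hop and return the list of targets it traverses."""
    path, table = [], start_table
    for _ in range(8):  # hop limit guards against routing loops
        target = lookup(table, dst, routes)
        path.append(target)
        if (table, target) not in NEXT_TABLE:
            break  # terminal: local delivery, internet gateway, blackhole or no route
        table = NEXT_TABLE[(table, target)]
    return path

def without_return_route():
    """Copy of ROUTES where the egress public subnet has no route back to the spokes."""
    broken = copy.deepcopy(ROUTES)
    del broken["egress-public-rt"]["10.0.0.0/8"]
    return broken

if __name__ == "__main__":
    print(trace("spoke-private-rt", "203.0.113.10"))  # outbound from a spoke
    print(trace("egress-public-rt", "10.1.0.5"))      # reply leaving the NAT gateway
```

Without the return route, a reply addressed to a spoke instance matches only the default route in the public subnet and is sent toward the internet gateway instead of back through the transit gateway.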
gd1
1 year, 10 months ago
Selected Answer: B
GPT = B; AWS Transit Gateway is a service that enables customers to connect their Amazon Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway. It simplifies the management of network connectivity across a large number of accounts/VPCs.
upvoted 1 times
...
jubileu84
1 year, 10 months ago
B is correct because we have hundreds of VPCs and the default quota for peerings per VPC is 50.
upvoted 1 times
...
bhanus
1 year, 10 months ago
Selected Answer: B
Should be B
upvoted 1 times
...