Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 230 discussion

A company's solutions architect is analyzing costs of a multi-application environment. The environment is deployed across multiple Availability Zones in a single AWS Region. After a recent acquisition, the company manages two organizations in AWS Organizations. The company has created multiple service provider applications as AWS PrivateLink-powered VPC endpoint services in one organization. The company has created multiple service consumer applications in the other organization.

Data transfer charges are much higher than the company expected, and the solutions architect needs to reduce the costs. The solutions architect must recommend guidelines for developers to follow when they deploy services. These guidelines must minimize data transfer charges for the whole environment.

Which guidelines meet these requirements? (Choose two.)

  • A. Use AWS Resource Access Manager to share the subnets that host the service provider applications with other accounts in the organization.
  • B. Place the service provider applications and the service consumer applications in AWS accounts in the same organization.
  • C. Turn off cross-zone load balancing for the Network Load Balancer in all service provider application deployments.
  • D. Ensure that service consumer compute resources use the Availability Zone-specific endpoint service by using the endpoint's local DNS name.
  • E. Create a Savings Plan that provides adequate coverage for the organization's planned inter-Availability Zone data transfer usage.
Suggested Answer: CD

Comments

SkyZeroZx
Highly Voted 1 year, 4 months ago
Selected Answer: AD
A. By sharing the subnets that host the service provider applications using AWS Resource Access Manager (RAM), the service consumer applications can be deployed in the same organization's accounts. This allows the traffic between the service consumer and service provider applications to stay within the organization's network, reducing data transfer charges.
D. By using the Availability Zone-specific endpoint service's local DNS name, the service consumer compute resources can directly access the service provider applications within the same Availability Zone. This eliminates the need for cross-Availability Zone data transfer, thus reducing data transfer charges.
upvoted 14 times
helloworldabc
2 months, 3 weeks ago
just CD
upvoted 1 times
...
...
xav1er
Highly Voted 1 year, 2 months ago
Selected Answer: CD
- **C. Turn off cross-zone load balancing for the Network Load Balancer in all service provider application deployments.**
- **D. Ensure that service consumer compute resources use the Availability Zone-specific endpoint service by using the endpoint's local DNS name.**
upvoted 7 times
...
sam2ng
Most Recent 1 week, 5 days ago
This is why C is correct: "For ALB and CLB, there is no cross-AZ data transfer charges within the same VPC. But for NLB, if the client and target are in one AZ, but the NLB is in another AZ, there will be a zone-in and zone-out which is $0.02."
upvoted 1 times
...
JoeTromundo
1 month, 1 week ago
Selected Answer: CD
B is not an option: While placing resources in the same organization might simplify management, it does not inherently reduce data transfer charges. Data transfer costs between AWS Organizations accounts are typically not impacted by being in the SAME OR DIFFERENT organizations, especially when using PrivateLink.
upvoted 1 times
...
vip2
4 months, 1 week ago
Selected Answer: CD
C and D are the correct ones. For C, cross-zone load balancing can distribute traffic across multiple AZs, which increases data transfer costs between AZs. Disabling cross-zone load balancing ensures that traffic remains within the same AZ, reducing the associated data transfer charges. This is particularly important for applications using AWS PrivateLink, as it will help keep data transfers within the same AZ as much as possible.
upvoted 1 times
...
michele_scar
5 months, 3 weeks ago
Selected Answer: CD
B is useless because if you place the resources in the same org but in different AZs, you will pay the same as with different orgs in different AZs. So B is incorrect (like A and E). That leaves C and D as a solution that should reduce costs.
upvoted 3 times
...
seetpt
6 months, 2 weeks ago
Selected Answer: BD
BD for me
upvoted 2 times
...
4555894
7 months, 1 week ago
B - allows data transfer between linked accounts to be free of charge. D - ensures traffic stays within the same AZ as much as possible, minimizing inter-AZ data transfer costs. CD - Save money.
upvoted 1 times
...
VerRi
7 months, 2 weeks ago
Selected Answer: BD
"The company manages two organisations in AWS Organizations," which means they have one organisation for service providers and one more for consumers.
A. Since applications are created in the provider organisation, sharing the subnet with other accounts within the same organisation has no effect.
B. Combining provider and consumer into one organisation is the first move for Option D.
C. Cross-zone load balancing does not change the amount of data traffic passing through the NLB, it affects how that traffic is distributed across the targets.
D. AZ-specific endpoint helps to reduce data transfer charges because it keeps the traffic in a single AZ and is designed for intra-regional communication within the same account or organization.
E. WTF
upvoted 4 times
...
Dgix
7 months, 4 weeks ago
Selected Answer: BD
It's B and D.
A. Sharing subnets does not directly reduce data transfer charges.
C. Turning off cross-zone load balancing does not impact data transfer costs between VPC endpoints and service consumers.
E. A Savings Plan reduces costs for compute usage, not specifically for data transfer charges.
upvoted 5 times
mav3r1ck
7 months, 3 weeks ago
Turning off cross-zone load balancing can reduce inter-AZ data transfer costs. With cross-zone load balancing disabled, a Network Load Balancer (NLB) only routes requests to targets in the same Availability Zone as the load balancer node that received the request. This setup reduces the data transferred across Availability Zones, thereby reducing costs.
upvoted 3 times
...
...
ajeeshb
8 months, 1 week ago
Selected Answer: CD
Answer: C, D
upvoted 3 times
...
marszalekm
9 months ago
https://docs.aws.amazon.com/ram/latest/userguide/shareable.html "Can share with only AWS accounts in its own organization." ec2:Subnet
upvoted 2 times
...
Wardove
9 months, 1 week ago
Selected Answer: CD
Answer is CD.
D) Obvious option. This approach minimizes data transfer costs by ensuring that traffic between service consumers and service providers stays within the same Availability Zone.
C) Only after setting up your NLB can you create a VPC Endpoint Service (VPC-E) that is powered by AWS PrivateLink. The cross-zone LB feature has been optional for NLB since 2018, so turning off cross-zone load balancing can help ensure that data does not unnecessarily cross Availability Zones, thereby once again reducing data transfer costs. https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/how-elastic-load-balancing-works.html
B) Incorrect: putting the workloads into 1 org would not have any effect on billing either, unless you change the topology profoundly and move away from the VPCE solution, but we are not talking about re-architecting; we are looking to provide guidelines.
A) Incorrect: RAM can be used only within 1 organization.
E) Incorrect: there is no such flavor of Savings Plans; AWS provides 3: Compute, EC2 Instance and SageMaker Savings Plans.
upvoted 6 times
JOKERO
8 months ago
You can also share with specific AWS accounts by account ID, regardless of whether the account is part of an organization.
upvoted 1 times
...
...
LazyAutonomy
9 months, 3 weeks ago
Selected Answer: BD
Holy bageezus, never seen a discussion thread so divided. @NikkyDicky is spot on - cross zone traffic is indeed where the money is going. I think we all know that. A - appears incorrect, we cannot share subnets between accounts in different AWS Orgs. Even if you could, or even if you chose A+B, it would be impractical to assume all other workloads could be deployed in service provider subnets. Would probably run out of IPs. And even if the subnets were huge and we didn't run out of IPs, there is no mechanism in A to guide developers deploying their workloads to reduce or prevent cross-AZ traffic. You could share the subnets and deploy all provider/consumer workloads in the same set of subnets and still end up with the same huge bill :-)
upvoted 5 times
LazyAutonomy
9 months, 3 weeks ago
B - appears correct. @Just_Ninja's explanation nails it. If you use Organizations and you create accounts, then in each member account, the logical identifiers for each availability zone (e.g. "eu-central-1a") are guaranteed to map to the same AZ Physical ID (e.g. "euc1-az3") for all accounts within the Organization. In other words, it's likely that AZ "eu-central-1a" for accounts in OrgABC is not the same as AZ "eu-central-1a" for accounts in OrgXYZ. That's a problem if you're trying to eliminate unnecessary cross-zone traffic. Without this, you could instruct developers to use AZ-specific DNS names and still end up with the same huge bill :-)
upvoted 1 times
LazyAutonomy
9 months, 3 weeks ago
C - appears incorrect, but the reason has nothing to do with "compromising high availability". As pointed out by @elmoh, cross-zone load balancing isn't enabled by default in NLBs anyway. See https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#cross-zone-load-balancing. Even if cross-zone load balancing was enabled by default in NLBs, this option doesn't cover the Gateway Load Balancer VPC endpoint service use case.
upvoted 2 times
...
...
...
tmlong18
10 months ago
Selected Answer: CD
I go with C & D. Data transfer cost is based on physical distance (cross-AZ, cross-region, internal). A & B - shared VPC doesn't distribute traffic to inter-AZ.
upvoted 3 times
...
Jay_2pt0_1
10 months, 3 weeks ago
This question is poorly framed. I go with A & D, not because they are great, but because the others are terrible. You should not have to move into the same org (that can't be the answer). Also, we won't compromise HA, so that can't be the answer either.
upvoted 3 times
...
bjexamprep
10 months, 4 weeks ago
Selected Answer: AB
The question is badly framed. First, we need to define "Data transfer". Does it mean cross-AZ data transfer or cross-account data transfer? I assume there isn't private network connectivity between the two parties, because they are not even in the same organization, and there is no statement saying they are connected to each other with peering or transit gateway or VPN. So I assume the "Data transfer" is cross-organization data transfer, which is highly likely internet data transfer cost. So, A and B will be the best answer. If the question designer meant the cross-AZ data transfer and forgot to mention there is already private network connectivity created between the two VPCs, C and D might be the best answer. But we can't assume something without any evidence, right?
upvoted 2 times
tmlong18
10 months ago
AWS PrivateLink is a private network and supports cross-account VPC.
upvoted 1 times
...
...
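As an added example for option D (not part of the original thread or any commenter's post): an interface endpoint exposes one regional DNS name plus one zonal name per Availability Zone it has a network interface in, and the zonal name embeds the AZ name. The sketch below picks the name a consumer should call from a `DnsEntries` list; the endpoint IDs, service ID and host names are constructed placeholders, and it assumes standard AZ names such as `us-east-1a`.

```python
import re

# Constructed sample shaped like the DnsEntries list that
# `aws ec2 describe-vpc-endpoints` returns for an interface endpoint.
# All IDs and host names below are placeholders, not real resources.
SAMPLE_DNS_ENTRIES = [
    {"DnsName": "vpce-0aaa111-abcd1234.vpce-svc-0bbb222.us-east-1.vpce.amazonaws.com"},
    {"DnsName": "vpce-0aaa111-abcd1234-us-east-1a.vpce-svc-0bbb222.us-east-1.vpce.amazonaws.com"},
    {"DnsName": "vpce-0aaa111-abcd1234-us-east-1b.vpce-svc-0bbb222.us-east-1.vpce.amazonaws.com"},
    {"DnsName": "orders.internal.example.com"},  # private DNS name, neither form
]

# Regional form: vpce-<id>-<suffix>.<service>... with no AZ in the first label.
REGIONAL = re.compile(r"^vpce-[0-9a-z]+-[0-9a-z]+\.")


def zonal_names(dns_entries, region):
    """Return {az_name: zonal DNS name} for the endpoint's zonal entries."""
    zonal = re.compile(
        r"^vpce-[0-9a-z]+-[0-9a-z]+-(" + re.escape(region) + r"[a-z])\."
    )
    found = {}
    for entry in dns_entries:
        match = zonal.match(entry["DnsName"])
        if match:
            found[match.group(1)] = entry["DnsName"]
    return found


def pick_endpoint_name(dns_entries, consumer_az):
    """Choose the DNS name a consumer running in consumer_az should call.

    Returns (dns_name, kind). kind is "zonal" when the endpoint has a network
    interface in the consumer's own AZ; otherwise "regional", a name that can
    resolve to an interface in another AZ and so incur inter-AZ transfer.
    """
    region = consumer_az[:-1]  # assumes standard AZ names such as us-east-1a
    zonal = zonal_names(dns_entries, region)
    if consumer_az in zonal:
        return zonal[consumer_az], "zonal"
    for entry in dns_entries:
        if REGIONAL.match(entry["DnsName"]):
            return entry["DnsName"], "regional"
    raise ValueError("no endpoint-specific DNS name in entries")


if __name__ == "__main__":
    for az in ("us-east-1b", "us-east-1c"):
        print(az, *pick_endpoint_name(SAMPLE_DNS_ENTRIES, az))
```

A "regional" result for a given AZ is the case worth flagging in a deployment review: the endpoint has no network interface in that consumer's AZ.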
Community vote distribution: A (35%), C (25%), B (20%), Other