Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 431 discussion

A company provides a centralized Amazon EC2 application hosted in a single shared VPC. The centralized application must be accessible from client applications running in the VPCs of other business units. The centralized application front end is configured with a Network Load Balancer (NLB) for scalability.

Up to 10 business unit VPCs will need to be connected to the shared VPC. Some of the business unit VPC CIDR blocks overlap with the shared VPC, and some overlap with each other. Network connectivity to the centralized application in the shared VPC should be allowed from authorized business unit VPCs only.

Which network configuration should a solutions architect use to provide connectivity from the client applications in the business unit VPCs to the centralized application in the shared VPC?

  • A. Create an AWS Transit Gateway. Attach the shared VPC and the authorized business unit VPCs to the transit gateway. Create a single transit gateway route table and associate it with all of the attached VPCs. Allow automatic propagation of routes from the attachments into the route table. Configure VPC routing tables to send traffic to the transit gateway.
  • B. Create a VPC endpoint service using the centralized application NLB and enable the option to require endpoint acceptance. Create a VPC endpoint in each of the business unit VPCs using the service name of the endpoint service. Accept authorized endpoint requests from the endpoint service console.
  • C. Create a VPC peering connection from each business unit VPC to the shared VPC. Accept the VPC peering connections from the shared VPC console. Configure VPC routing tables to send traffic to the VPC peering connection.
  • D. Configure a virtual private gateway for the shared VPC and create customer gateways for each of the authorized business unit VPCs. Establish a Site-to-Site VPN connection from the business unit VPCs to the shared VPC. Configure VPC routing tables to send traffic to the VPN connection.
Suggested Answer: B
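
An added example, not part of the original question or comments: it lists which VPC CIDR pairs overlap (the condition that rules out routed options such as VPC peering) and sorts pending endpoint connection requests against an allow-list, which is the decision "require endpoint acceptance" in option B leaves with the service owner. The CIDRs, account IDs and endpoint IDs are constructed; the connection field names follow the EC2 DescribeVpcEndpointConnections response.

```python
import ipaddress
from itertools import combinations

# Constructed sample data (not from the question): VPC name -> CIDR block.
VPCS = {
    "shared": "10.0.0.0/16",
    "bu-a": "10.0.0.0/16",     # identical to the shared VPC
    "bu-b": "10.0.128.0/17",   # falls inside the shared VPC range
    "bu-c": "172.16.0.0/16",
    "bu-d": "172.16.0.0/20",   # overlaps bu-c
}

def overlapping_pairs(vpcs):
    """Return sorted (name, name) pairs whose CIDR blocks overlap.

    Any pair listed here cannot be joined by a routed path, because a
    route table cannot tell the two address ranges apart.
    """
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in vpcs.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]

def triage_connections(connections, authorized_accounts):
    """Split pending endpoint connection requests into (accept, reject).

    With acceptance required, no endpoint can reach the NLB until the
    service owner accepts it, so this allow-list is the access control.
    """
    accept, reject = [], []
    for conn in connections:
        if conn["VpcEndpointState"].lower() != "pendingacceptance":
            continue  # already accepted, rejected or being deleted
        owner_ok = conn["VpcEndpointOwner"] in authorized_accounts
        (accept if owner_ok else reject).append(conn["VpcEndpointId"])
    return accept, reject

# Constructed requests; account and endpoint IDs are placeholders.
PENDING = [
    {"VpcEndpointId": "vpce-0aaa", "VpcEndpointOwner": "111111111111",
     "VpcEndpointState": "pendingAcceptance"},
    {"VpcEndpointId": "vpce-0bbb", "VpcEndpointOwner": "999999999999",
     "VpcEndpointState": "pendingAcceptance"},
    {"VpcEndpointId": "vpce-0ccc", "VpcEndpointOwner": "222222222222",
     "VpcEndpointState": "available"},
]
AUTHORIZED = {"111111111111", "222222222222"}  # authorized business units

if __name__ == "__main__":
    print("Overlapping CIDR pairs:", overlapping_pairs(VPCS))
    print("Accept / reject:", triage_connections(PENDING, AUTHORIZED))
```

The two returned lists are the endpoint IDs that would be passed to the EC2 AcceptVpcEndpointConnections and RejectVpcEndpointConnections calls for the endpoint service.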

Comments

sat2008
Highly Voted 1 year, 2 months ago
B is the answer for me. Only way to get around overlapping IP range is using endpoint service.
upvoted 7 times
...
0b43291
Most Recent 5 months, 1 week ago
Selected Answer: B
By using a VPC endpoint service with the "require endpoint acceptance" option, the company can securely and efficiently provide connectivity from the client applications in the business unit VPCs to the centralized application in the shared VPC, while addressing the requirements of overlapping CIDR blocks and controlled access. A. AWS Transit Gateway: While Transit Gateway can connect multiple VPCs, it does not provide a mechanism to control access or handle overlapping CIDR blocks between VPCs. C. VPC Peering: VPC peering does not support overlapping CIDR blocks between VPCs, which is a requirement in this scenario. Additionally, managing multiple VPC peering connections can become complex and difficult to maintain as the number of VPCs increases. D. Site-to-Site VPN: No
upvoted 3 times
...
AzureDP900
5 months, 2 weeks ago
By choosing Option B, you get secure, private connectivity between the client applications in the business unit VPCs and the centralized application in the shared VPC without introducing unnecessary complexity or costs. This configuration provides secure, private connectivity between the client applications in the business unit VPCs and the centralized application in the shared VPC.
upvoted 1 times
...
Moghite
9 months, 2 weeks ago
Selected Answer: B
Only option to get around IP overlapping: https://aws.amazon.com/blogs/networking-and-content-delivery/connecting-networks-with-overlapping-ip-ranges/
upvoted 2 times
...
43c89f4
12 months ago
A is actually. They never mentioned a cost-effective or less-effort solution. When they have not mentioned anything, we need to prefer the best option.
upvoted 1 times
toma
10 months ago
"This requires that automatic route propagation to Transit Gateway be disabled as not all of the subnets in each VPC should be advertised." so it is B
upvoted 1 times
...
sarlos
11 months, 1 week ago
Not possible, because TGW does not support overlapping ranges
upvoted 3 times
...
...
career360guru
1 year, 1 month ago
Selected Answer: B
option B
upvoted 1 times
...
arberod
1 year, 2 months ago
Selected Answer: B
B is the answer
upvoted 2 times
...
HunkyBunky
1 year, 2 months ago
Selected Answer: B
Answer is B. Application already uses NLB, so this is the best way to solve that task.
upvoted 2 times
...
kejam
1 year, 2 months ago
Selected Answer: B
https://www.examtopics.com/discussions/amazon/view/46708-exam-aws-certified-solutions-architect-professional-topic-1/ https://aws.amazon.com/blogs/networking-and-content-delivery/connecting-networks-with-overlapping-ip-ranges/
upvoted 4 times
...
master9
1 year, 2 months ago
Selected Answer: B
VPC Endpoint Service can do the job
upvoted 1 times
...
alexis123456
1 year, 2 months ago
Correct Answer is A
upvoted 4 times
...