ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 813 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 813
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A company in the United States (US) has acquired a company in Europe. Both companies use the AWS Cloud. The US company has built a new application with a microservices architecture. The US company is hosting the application across five VPCs in the us-east-2 Region. The application must be able to access resources in one VPC in the eu-west-1 Region. However, the application must not be able to access any other VPCs.
The VPCs in both Regions have no overlapping CIDR ranges. All Accounts are already consolidated in one organization in AWS Organizations.
Which solution will meet these requirements MOST cost-effectively?

  • A. Create one transit gateway in eu-west-1. Attach the VPCs in us-east-2 and the VPC in eu-west-1 to the transit gateway. Create the necessary route entries in each VPC so that the traffic is routed through the transit gateway.
  • B. Create one transit gateway in each Region. Attach the involved subnets to the regional transit gateway. Create the necessary route entries in the associated route tables for each subnet so that the traffic is routed through the regional transit gateway. Peer the two transit gateways.
  • C. Create a full mesh VPC peering connection configuration between all the VPCs. Create the necessary route entries in each VPC so that the traffic is routed through the VPC peering connection.
  • D. Create one VPC peering connection for each VPC in us-east-2 to the VPC in eu-west-1. Create the necessary route entries in each VPC so that the traffic is routed through the VPC peering connection.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by RamCrk at Dec. 30, 2021, 11:40 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ppandey96
Highly Voted 3 years, 5 months ago
Selected Answer: D
https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/transit-gateway-vs-vpc-peering.html Lower cost — With VPC peering you only pay for data transfer charges. Transit Gateway has an hourly charge per attachment in addition to the data transfer fees.
upvoted 9 times
...
ggrodskiy
Most Recent 1 year, 11 months ago
Correct A.
upvoted 1 times
...
kadev
2 years, 10 months ago
Right Aswer is D Explain: B and D is also right solutions to connect VPCs. But, two points you need to consider to pick the best aswer: - the best effort-cost - "The application, however, must be unable to access any other VPCs" => that mean, each VPC in US can connect to EU, but US VPCs must unable to connect together => Transit GW is ignore
upvoted 2 times
...
hilft
2 years, 11 months ago
The question is asking cheap options. D
upvoted 1 times
...
asfsdfsdf
2 years, 11 months ago
Selected Answer: D
D - is the most cost effective A - not possible you cant attach VPCs from multi-regions to one transit GW B - Can work but not cost effective you pay every hour for a transit GW attachments C - Can work but no need for full mesh the requirement is for one VPC
upvoted 3 times
asfsdfsdf
2 years, 11 months ago
Also "The application, however, must be unable to access any other VPCs." this for states about peering and also exclude C
upvoted 1 times
...
...
aandc
3 years ago
Go with D A is more expensive than D
upvoted 2 times
Jesuisleon
2 years ago
A is Wrong, Transit gateway is regional service, you need to peer TGW from different regions like B. ( D is cheaper than B.)
upvoted 1 times
...
...
bobsmith2000
3 years, 1 month ago
Selected Answer: D
The Q states "The application, however, must be unable to access any other VPCs". VPC Peering doesn't allow transitive routing.
upvoted 1 times
...
hilft
3 years, 1 month ago
It's A. D. is wrong because there are 5 VPCs in the U.S and peering each of them are operationally headwinds. B. is wrong. Transit gateway is ideal over the vpc but there is only 'a single' VPC in the eu-west-1 Region. You don't need two transitory gateway in each regions. C. Wrong wrong.
upvoted 1 times
asfsdfsdf
2 years, 11 months ago
How can you attach VPC from multiple regions to the same transit GW?
upvoted 1 times
...
zekesg
2 years, 11 months ago
B is wrong but not because of the reason you mentioned. Its wrong because its more costier solution than D. Transit gateway is a regional service and hence you cannot link vpc in different regions to a same transit gateway.
upvoted 3 times
...
...
antonisnyc
3 years, 1 month ago
D is incorrect because TRANSITIVE TRAFFIC IS NOT ALLOWED with vpc peering and the question states that the business requires access to all vpcs.. The application has 5 VPCs. Thus it's either B or C, but it'd go with B
upvoted 2 times
...
ArreRaja
3 years, 1 month ago
B https://aws.amazon.com/blogs/networking-and-content-delivery/building-a-global-network-using-aws-transit-gateway-inter-region-peering/
upvoted 1 times
...
hfeng95
3 years, 1 month ago
D. Cost effective and app can not access all others VPC. Transit gateway by default connect all vpc in a hub and spoke fashion.
upvoted 1 times
...
ravisar
3 years, 5 months ago
Answer is D. AWS Transit Gateway connects VPC and on-premises networks through a central hub. There is no On-prem network here. So A & B is out.
upvoted 1 times
parasf
3 years, 4 months ago
you are aware what you have written here right? Transit gateway is used to resolve mesh created by VPC Peering.
upvoted 2 times
...
...
Milind
3 years, 5 months ago
It's A https://aws.amazon.com/blogs/networking-and-content-delivery/automating-aws-transit-gateway-attachments-to-a-transit-gateway-in-a-central-account/
upvoted 2 times
...
tkanmani76
3 years, 6 months ago
Option D - Addreses the requirement of apps in VPC to connect to resources in eu-west. Cost effective over using transit gateways.
upvoted 3 times
wahlbergusa
3 years, 5 months ago
It is absolutely D. Each attachment to a transit gateway incurs charges. (on top of the per GB charge) , VPC peering would be cheaper.
upvoted 1 times
...
...
padel
3 years, 6 months ago
B - inter-region transit gateway
upvoted 1 times
...
GeniusMikeLiu
3 years, 6 months ago
Hi Guys , is B right?
upvoted 1 times
...
RamCrk
3 years, 6 months ago
D , i suggest
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel