Exam AWS Certified Solutions Architect - Professional topic 1 question 919 discussion

A company has introduced a new policy that allows employees to work remotely from their homes if they connect by using a VPN. The company is hosting internal applications with VPCs in multiple AWS accounts. Currently, the applications are accessible from the company's on-premises office network through an AWS Site-to-Site VPN connection. The VPC in the company's main AWS account has peering connections established with VPCs in other AWS accounts.
A solutions architect must design a scalable AWS Client VPN solution for employees to use while they work from home.
What is the MOST cost-effective solution that meets these requirements?

  • A. Create a Client VPN endpoint in each AWS account. Configure required routing that allows access to internal applications.
  • B. Create a Client VPN endpoint in the main AWS account. Configure required routing that allows access to internal applications.
  • C. Create a Client VPN endpoint in the main AWS account. Provision a transit gateway that is connected to each AWS account. Configure required routing that allows access to internal applications.
  • D. Create a Client VPN endpoint in the main AWS account. Establish connectivity between the Client VPN endpoint and the AWS Site-to-Site VPN.
Suggested Answer: B

Comments

pinhead900
Highly Voted 2 years, 7 months ago
But edge-to-edge routing through a VPN connection doesn't work on AWS: https://docs.aws.amazon.com/vpc/latest/peering/invalid-peering-configurations.html TGW would be a must in this case
upvoted 5 times
sb333
2 years, 6 months ago
The use cases of that link do not apply to Client VPN, which is an endpoint "inside" a VPC. The answer is B.
upvoted 1 times
sb333
2 years, 6 months ago
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario-peered.html
upvoted 2 times
pek77
2 years, 6 months ago
If VPC A has a VPN connection to a corporate network, resources in VPC B can't use the VPN connection to communicate with the corporate network. This question mentioned: from the company's on-premises office network through an AWS Site-to-Site VPN connection. I think from on-premises to VPC B is ok... according to https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario-peered.html
upvoted 1 times
nimbus_00
Most Recent 6 months, 2 weeks ago
Selected Answer: B
The main AWS account already has VPC peering connections established with the other VPCs in different AWS accounts. This means that once users connect to the Client VPN in the main AWS account, they can access the internal applications in the other accounts through the peering connections.
upvoted 1 times
Greanny
1 year, 3 months ago
ChatGPT Option B is cost-effective because it involves creating a single Client VPN endpoint in the main AWS account. This simplifies the setup and management compared to creating multiple endpoints in each AWS account (Option A) or provisioning a transit gateway (Option C). Option D is not the best choice because it suggests establishing connectivity between the Client VPN endpoint and the AWS Site-to-Site VPN, which is not necessary for providing remote access to internal applications. This option introduces additional complexity and may not be the most efficient solution for remote work scenarios.
upvoted 1 times
Cloudyheema
2 years, 2 months ago
Selected Answer: B
B - Client VPN endpoints can access peered VPCs https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario-peered.html
upvoted 1 times
Arunava1
2 years, 3 months ago
The statement "Currently, the applications are accessible from the company's on-premises office network through an AWS Site-to-Site VPN connection. The VPC in the company's main AWS account has peering connections established with VPCs in other AWS accounts." is wrong. Applications cannot be accessed from on-prem through a different VPC through peering. But if we use Client VPN it is accessible. So I am confused here.
upvoted 2 times
masetromain
2 years, 3 months ago
Selected Answer: B
B. Create a Client VPN endpoint in the main AWS account. Configure required routing that allows access to internal applications. This solution would allow employees to use the Client VPN endpoint in the main AWS account to access the internal applications hosted in the VPCs in the other AWS accounts. By having the Client VPN endpoint in the main AWS account, the routing can be configured to allow access to the internal applications through the existing peering connections. This solution is cost-effective because it only requires a single Client VPN endpoint and does not require additional resources such as a transit gateway or additional VPN connections.
upvoted 2 times
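An added example, not part of the original thread: a small planner for the single-endpoint design discussed above, which emits the Client VPN route and authorization-rule commands for the main VPC and each VPC peered directly with it. The topology, IDs, CIDRs and group names are constructed placeholders; the example goes beyond the question by also flagging a VPC that is peered only with another spoke, since peering is not transitive.

```python
import ipaddress

# Constructed sample topology: every ID, CIDR and group name is a placeholder.
ENDPOINT_ID = "cvpn-endpoint-EXAMPLE"
SUBNET_ID = "subnet-EXAMPLE"            # main-VPC subnet associated with the endpoint
CLIENT_CIDR = "172.16.0.0/22"           # address pool handed to VPN clients
VPCS = {"main": "10.0.0.0/16", "app-a": "10.1.0.0/16",
        "app-b": "10.2.0.0/16", "app-c": "10.3.0.0/16"}
PEERINGS = [("main", "app-a"), ("main", "app-b"), ("app-b", "app-c")]
GROUPS = {"main": "grp-staff", "app-a": "grp-staff", "app-b": "grp-finance"}


def directly_peered(vpc, peerings):
    """VPCs sharing a peering connection with `vpc` (peering is not transitive)."""
    return sorted({b if a == vpc else a for a, b in peerings if vpc in (a, b)})


def plan(client_cidr, vpcs, peerings, groups, main="main"):
    """Return (aws_cli_commands, unreachable_vpcs) for one endpoint in `main`."""
    pool = ipaddress.ip_network(client_cidr)
    reachable = [main] + directly_peered(main, peerings)
    base = f"--client-vpn-endpoint-id {ENDPOINT_ID}"
    commands = []
    for name in reachable:
        cidr = vpcs[name]
        # The client pool must not overlap the VPC CIDR or any added route.
        if pool.overlaps(ipaddress.ip_network(cidr)):
            raise ValueError(f"client pool {pool} overlaps {name} ({cidr})")
        if name != main:  # the main VPC's local route is added on subnet association
            commands.append(f"aws ec2 create-client-vpn-route {base} "
                            f"--destination-cidr-block {cidr} "
                            f"--target-vpc-subnet-id {SUBNET_ID}")
        # One authorization rule per destination, scoped to a group, not all users.
        commands.append(f"aws ec2 authorize-client-vpn-ingress {base} "
                        f"--target-network-cidr {cidr} "
                        f"--access-group-id {groups[name]}")
    return commands, sorted(set(vpcs) - set(reachable))


if __name__ == "__main__":
    cmds, unreachable = plan(CLIENT_CIDR, VPCS, PEERINGS, GROUPS)
    print("\n".join(cmds))
    print("not reachable from this endpoint:", unreachable)
```

The associated subnet's route table still needs a route to each peered CIDR through the peering connection, and security groups in the target VPCs must admit the traffic.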
[Removed]
2 years, 6 months ago
Selected Answer: B
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario-peered.html
upvoted 3 times
AwsBRFan
2 years, 7 months ago
Selected Answer: B
I agree also since "peering connections established"
upvoted 2 times
cale
2 years, 7 months ago
Selected Answer: B
I agree it's B. Option C is redundant and not cost-effective.
upvoted 2 times