
A company hosts a centralized Amazon EC2 application in a single shared VPC, which needs to be accessible by client applications in multiple business unit VPCs. The application's front end utilizes a Network Load Balancer (NLB) for scalability. Up to 10 business unit VPCs must connect to the shared VPC, with some having overlapping CIDR blocks with the shared VPC and among themselves. Only authorized business unit VPCs should have network connectivity to the centralized application in the shared VPC. What network configuration should a solutions architect implement to ensure connectivity from the client applications in the business unit VPCs to the centralized application in the shared VPC?
A
Create an AWS Transit Gateway, attach the shared VPC and authorized business unit VPCs to it, and establish a single transit gateway route table associated with all attached VPCs. Enable automatic route propagation from the attachments into the route table, and configure VPC routing tables to direct traffic to the transit gateway.
B
Set up a VPC endpoint service using the centralized application's NLB, requiring endpoint acceptance. Create a VPC endpoint in each business unit VPC using the service name of the endpoint service, and manage authorized endpoint requests through the endpoint service console.
C
Establish a VPC peering connection from each business unit VPC to the shared VPC, accepting these connections from the shared VPC console. Update VPC routing tables to route traffic through the VPC peering connection.
D
Configure a virtual private gateway for the shared VPC and customer gateways for each authorized business unit VPC. Set up a Site-to-Site VPN connection from the business unit VPCs to the shared VPC, and adjust VPC routing tables to route traffic via the VPN connection.