
Answer-first summary for fast verification
Answer: Create a transit gateway, attach the Site-to-Site VPN, VPC A, and VPC B to it, and update the transit gateway route tables for all networks to include IP range routes for the other networks.
Option A is the correct answer. A transit gateway provides centralized management of connectivity between multiple VPCs and on-premises networks. By attaching VPC A, VPC B, and the Site-to-Site VPN to a single transit gateway, Example Corp. can route traffic between the on-premises data center and both VPCs. This minimizes operational complexity and workload by consolidating routing configuration in one place.

The other options either use AWS components incorrectly or require more complex and error-prone configurations. Option B adds an unnecessary second VPN connection and uses the transit gateway incorrectly. Option C would not achieve the desired connectivity because VPC peering is not transitive: traffic that enters VPC A over the VPN cannot be forwarded across the peering connection to VPC B. Option D misunderstands the capabilities of the virtual private gateway, which cannot be shared in the suggested manner.
Author: LeetQuiz Editorial Team
Example Corp. has an on-premises data center connected to a VPC named VPC A via an AWS Site-to-Site VPN. The on-premises servers can access VPC A. Example Corp. has recently acquired AnyCompany, which has a VPC named VPC B. There is no IP address overlap between these networks, and VPC A and VPC B are peered. Example Corp. aims to enable its on-premises servers to access VPC B. The network ACLs and security groups have been properly configured. What is the most operationally efficient solution to achieve this connectivity?
A. Create a transit gateway, attach the Site-to-Site VPN, VPC A, and VPC B to it, and update the transit gateway route tables for all networks to include IP range routes for the other networks.

B. Create a transit gateway, establish a Site-to-Site VPN connection between the on-premises network and VPC B, and connect the VPN to the transit gateway. Add a route to direct traffic to the peered VPCs and an authorization rule to allow access to VPCs A and B.

C. Update the route tables for the Site-to-Site VPN and both VPCs for all three networks, configure BGP propagation for these networks, and wait for BGP propagation to complete (up to 5 minutes).

D. Modify the Site-to-Site VPN’s virtual private gateway to include both VPC A and VPC B, and split the virtual private gateway's routers between the two VPCs.