A company utilizes AWS Organizations to manage its development environment, where each development team has its own AWS account with a non-overlapping CIDR block in a single VPC. The company maintains an Amazon Aurora DB cluster in a shared services account, and all development teams require access to live data from this cluster. What is the most operationally efficient solution to provide connectivity to the DB cluster for all development accounts?

Exam-Like

Implement an AWS Resource Access Manager (AWS RAM) resource share for the DB cluster, enabling sharing of the DB cluster with all development accounts.

54.5%

Establish a transit gateway in the shared services account, followed by an AWS Resource Access Manager (AWS RAM) resource share for the transit gateway. Share the transit gateway with all development accounts, instructing developers to accept the resource share and configure networking accordingly.

18.2%

Deploy an Application Load Balancer (ALB) targeting the IP address of the DB cluster, and create an AWS PrivateLink endpoint service utilizing the ALB. Grant permissions to each development account to connect to the endpoint service.

18.2%

Set up an AWS Site-to-Site VPN connection in the shared services account, configure networking, and utilize AWS Marketplace VPN software in each development account to establish a connection to the Site-to-Site VPN.

9.1%

AWS Certified Solutions Architect - Professional

Get started today

Comments