AWS Certified Solutions Architect - Professional

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Deploy a transit gateway and share it across the existing AWS accounts, attaching the existing VPCs to the transit gateway, and configuring the necessary routing to enable internet access.

The correct answer is B. Using a transit gateway is a scalable solution for this scenario, as it allows you to easily manage connectivity between hundreds of VPCs across multiple AWS accounts. By sharing the transit gateway with the existing AWS accounts and attaching the existing VPCs to it, you can centralize the routing configuration and ensure that all internet-bound traffic from the private subnets in the spoke VPCs can be routed through the egress VPC via the NAT gateway.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Deploy a transit gateway and share it across the existing AWS accounts, attaching the existing VPCs to the transit gateway, and configuring the necessary routing to enable internet access.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

A large company operates workloads across hundreds of AWS accounts, with each account containing VPCs that include both public and private subnets spanning multiple Availability Zones. NAT gateways are established in the public subnets to facilitate internet access from the private subnets. A solutions architect is tasked with implementing a hub-and-spoke network architecture where all private subnets in the spoke VPCs must route internet-bound traffic through an egress VPC. The architect has already set up a NAT gateway in the egress VPC within a central AWS account. What additional steps should the solutions architect implement to fulfill these connectivity requirements?

Exam-Like

Last updated: March 12, 2026 at 14:03

Establish VPC peering connections between the egress VPC and the spoke VPCs, and configure the necessary routing to enable internet access.

16.7%

Deploy a transit gateway and share it across the existing AWS accounts, attaching the existing VPCs to the transit gateway, and configuring the necessary routing to enable internet access.

58.3%

Deploy a transit gateway in each AWS account, attach the NAT gateway to these transit gateways, and configure the necessary routing to enable internet access.

25.0%

Set up an AWS PrivateLink connection between the egress VPC and the spoke VPCs, and configure the necessary routing to enable internet access.