
A company with multiple business units, each having separate AWS accounts and overlapping CIDR ranges in their VPCs, needs to make a new internal application created by the marketing team accessible to all other business units using private IP addresses only. What is the most operationally efficient solution to achieve this?
A. Add a unique secondary CIDR range to each business unit's VPC, peer the VPCs, and use a private NAT gateway in the secondary range for routing traffic to the marketing team.
B. Deploy an Amazon EC2 instance as a virtual appliance in the marketing team's VPC and establish an AWS Site-to-Site VPN connection with each business unit's VPC, performing NAT where necessary.
C. Set up an AWS PrivateLink endpoint service for the marketing application, allowing specific AWS accounts access permissions and creating interface VPC endpoints in other accounts for private IP access.
D. Deploy a Network Load Balancer (NLB) in front of the marketing application within a private subnet, create an API Gateway API with Amazon API Gateway private integration to the NLB, enable IAM authorization for the API, and grant access to other business unit accounts.