
Answer-first summary for fast verification
Answer: Create a transit gateway. Peer each VPC to the transit gateway. Use zonal DNS names for the NLB in the services VPCs to minimize cross-AZ traffic from the ingress VPC to the services VPCs.
To minimize costs while ensuring efficient data transfer between the ingress VPC and the services VPCs, the best approach is to use a transit gateway. This allows for centralized management of VPC connections and can reduce the complexity and cost associated with multiple VPC peering connections.
Option A suggests creating a transit gateway and peering each VPC to it, which is a scalable and cost-effective solution. Using zonal DNS names for the NLB in the services VPCs helps minimize cross-AZ traffic, further reducing costs.
Option B, while it uses AWS PrivateLink, could potentially be more expensive due to the need for an endpoint in every Availability Zone.
Option C, creating a VPC peering connection between the ingress VPC and each of the 10 services VPCs, would not only be complex to manage but also more expensive due to the data transfer costs associated with VPC peering.
Option D suggests turning off cross-AZ load balancing on the transit gateway, which could lead to inefficiencies and potential bottlenecks, making it less ideal.
Therefore, the most cost-effective and efficient solution is Option A.
Author: LeetQuiz Editorial Team
A company is moving its containerized application to AWS, using an ingress VPC with a Network Load Balancer (NLB) to route traffic to front-end pods in an Amazon EKS cluster. The front end will identify users and direct traffic to one of 10 services VPCs, each with an NLB distributing traffic to service pods in an EKS cluster. The company is concerned about costs, as user traffic will exceed 10 TB of data transfer monthly between the ingress VPC and services VPCs.
What is the most cost-effective solution for designing communication between these VPCs?
A
Create a transit gateway. Peer each VPC to the transit gateway. Use zonal DNS names for the NLB in the services VPCs to minimize cross-AZ traffic from the ingress VPC to the services VPCs.
B
Create an AWS PrivateLink endpoint in every Availability Zone in the ingress VPC. Each PrivateLink endpoint will point to the zonal DNS entry of the NLB in the services VPCs.
C
Create a VPC peering connection between the ingress VPC and each of the 10 services VPCs. Use zonal DNS names for the NLB in the services VPCs to minimize cross-AZ traffic from the ingress VPC to the services VPCs.
D
Create a transit gateway. Peer each VPC to the transit gateway. Turn off cross-AZ load balancing on the transit gateway. Use Regional DNS names for the NLB in the services VPCs.