A company is moving its containerized application to AWS, using an ingress VPC with a Network Load Balancer (NLB) to route traffic to front-end pods in an Amazon EKS cluster. The front end will identify users and direct traffic to one of 10 services VPCs, each with an NLB distributing traffic to service pods in an EKS cluster. The company is concerned about costs, as user traffic will exceed 10 TB of data transfer monthly between the ingress VPC and services VPCs.

What is the most cost-effective solution for designing communication between these VPCs?

Exam-Like

Create a transit gateway. Peer each VPC to the transit gateway. Use zonal DNS names for the NLB in the services VPCs to minimize cross-AZ traffic from the ingress VPC to the services VPCs.

Create an AWS PrivateLink endpoint in every Availability Zone in the ingress VPC. Each PrivateLink endpoint will point to the zonal DNS entry of the NLB in the services VPCs.

Create a VPC peering connection between the ingress VPC and each of the 10 services VPCs. Use zonal DNS names for the NLB in the services VPCs to minimize cross-AZ traffic from the ingress VPC to the services VPCs.

Create a transit gateway. Peer each VPC to the transit gateway. Turn off cross-AZ load balancing on the transit gateway. Use Regional DNS names for the NLB in the services VPCs.

AWS Certified Advanced Networking - Specialty

Get started today

Comments