
Explanation:
AWS Transit Gateway is a Regional resource. To connect VPCs across multiple Regions, you must create a transit gateway in each Region and then establish transit gateway peering connections between them. Sharing the transit gateway through AWS Resource Access Manager (RAM) allows other accounts in the organization to attach their VPCs to it. This provides a scalable hub-and-spoke architecture that works across multiple Regions and accounts. Option B is incorrect because a single transit gateway cannot span multiple Regions directly; it requires peering.
Question #43: A global company uses an organization in AWS Organizations to manage multiple AWS accounts. To comply with regulations, the company deploys workload environments to five AWS Regions. The company has a separate AWS account for each Region. The company needs to connect every environment's VPC to a central shared VPC that serves as a directory and to a shared monitoring VPC. The shared accounts are each in separate AWS accounts. Which solution will meet these requirements?
A. Create a separate transit gateway in every Region where the company has deployed resources. Share the transit gateways with the company's AWS accounts. Connect the VPC in each Region to the transit gateway that is in the same Region. Peer the transit gateways. Create appropriate routes in all route tables.
B. Create a transit gateway in the central shared AWS account. Share the transit gateway with the company's AWS accounts. Connect all VPCs to the central transit gateway.
C. Create a virtual private gateway for the shared VPCs. Create a customer gateway for the workload VPCs. Configure an AWS Site-to-Site VPN connection between the directory VPC, the monitoring VPC, and every workload VPC.
D. Create VPC peering connections between the central shared VPC, the shared monitoring VPC, and every workload VPC.