Exam AWS Certified SysOps Administrator - Associate topic 1 question 269 discussion

A company currently runs its infrastructure within a VPC in a single Availability Zone. The VPC is connected to the company’s on-premises data center through an AWS Site-to-Site VPN connection attached to a virtual private gateway. The on-premises route tables route all VPC networks to the VPN connection. Communication between the two environments is working correctly. A SysOps administrator created new VPC subnets within a new Availability Zone, and deployed new resources within the subnets. However, communication cannot be established between the new resources and the on-premises environment.

Which steps should the SysOps administrator take to resolve the issue?

  • A. Add a route to the route tables of the new subnets that sends on-premises traffic to the virtual private gateway.
  • B. Create a ticket with AWS Support to request adding Availability Zones to the Site-to-Site VPN route configuration.
  • C. Establish a new Site-to-Site VPN connection between a virtual private gateway attached to the new Availability Zone and the on-premises data center.
  • D. Replace the Site-to-Site VPN connection with an AWS Direct Connect connection.
Suggested Answer: A

Comments

ansible902
10 months ago
Selected Answer: A
Site-to-Site VPN connects the customer's GW with the VGW in the VPC. Therefore, since the VGWs in the VPC are connected, you only need to add routing tables.
upvoted 3 times
Christina666
11 months, 1 week ago
Selected Answer: A
When new subnets are created within a new Availability Zone, they are associated with their own route tables. By default, these route tables do not have the necessary route to direct traffic from the new subnets to the on-premises data center via the existing Site-to-Site VPN connection. The SysOps administrator needs to add a route in the route table of the new subnets that points to the virtual private gateway, just like the route that is already present in the route table of the existing subnet.
upvoted 2 times
trvtrinh
11 months, 2 weeks ago
A is correct. In the current setup, the on-premises route tables already route all VPC networks to the VPN connection, which is attached to the virtual private gateway. However, when new subnets are created in a new Availability Zone, they have their own route tables. By default, these new route tables do not include the necessary route to direct traffic to the on-premises data center through the VPN connection.
upvoted 2 times
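Added example, not part of the original thread or any commenter's post: a check that finds which subnets have no active route to a virtual private gateway covering the on-premises range, including subnets that fall back to the VPC's main route table. The input is a constructed sample shaped like `aws ec2 describe-route-tables` output; every ID and CIDR in it is made up.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-route-tables` output.
# All IDs and CIDRs below are made up for illustration.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-az1",
     "Associations": [{"Main": False, "SubnetId": "subnet-az1"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "192.168.0.0/16",
                        "GatewayId": "vgw-example", "State": "active"}]},
    {"RouteTableId": "rtb-az2",
     "Associations": [{"Main": False, "SubnetId": "subnet-az2a"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "192.168.0.0/16",
                        "GatewayId": "vgw-example", "State": "blackhole"}]},
]
SUBNETS = ["subnet-az1", "subnet-az2a", "subnet-az2b"]  # az2b: no explicit association
ON_PREM = "192.168.10.0/24"  # assumed on-premises range

def effective_table(subnet_id, tables):
    """Return the explicitly associated table, else the VPC's main route table."""
    main = None
    for t in tables:
        for a in t.get("Associations", []):
            if a.get("SubnetId") == subnet_id:
                return t
            if a.get("Main"):
                main = t
    return main

def reaches_on_prem(table, on_prem_cidr):
    """True if an active route targeting a vgw-* gateway covers on_prem_cidr."""
    if table is None:
        return False
    target = ipaddress.ip_network(on_prem_cidr)
    for r in table.get("Routes", []):
        dest = r.get("DestinationCidrBlock")
        if not dest or r.get("State") != "active":
            continue  # skip IPv6/prefix-list routes and blackholed routes
        if (r.get("GatewayId") or "").startswith("vgw-") and \
                target.subnet_of(ipaddress.ip_network(dest)):
            return True
    return False

def subnets_missing_vpn_route(subnets, tables, on_prem_cidr):
    return [s for s in subnets
            if not reaches_on_prem(effective_table(s, tables), on_prem_cidr)]

if __name__ == "__main__":
    print(subnets_missing_vpn_route(SUBNETS, ROUTE_TABLES, ON_PREM))
```

The check only tests whether a gateway route covers the range; it does not evaluate longest-prefix precedence against more specific routes in the same table.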