Exam AWS Certified Solutions Architect - Professional topic 1 question 231 discussion

ABC has created a multi-tenant Learning Management System (LMS). The application is hosted for five different tenants (clients) in the VPCs of the respective AWS accounts of the tenant. ABC wants to set up a centralized server which can connect with the LMS of each tenant upgrade if required. ABC also wants to ensure that one tenant VPC should not be able to connect to the other tenant VPC for security reasons.
How can ABC set up this scenario?

  • A. ABC has to set up one centralized VPC which will peer into all the other VPCs of the tenants.
  • B. ABC should set up VPC peering with all the VPCs peering each other but block the IPs from CIDR of the tenant VPCs to deny them.
  • C. ABC should set up all the VPCs with the same CIDR but have a centralized VPC. This way only the centralized VPC can talk to the other VPCs using VPC peering.
  • D. ABC should set up all the VPCs meshed together with VPC peering for all VPCs.
Suggested Answer: A
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. It enables the user to launch AWS resources into a virtual network that the user has defined. A VPC peering connection allows the user to route traffic between the peer VPCs using private IP addresses as if they were part of the same network.
This is helpful when one VPC from the same or a different AWS account wants to connect with resources of the other VPC. The organization wants a setup in which one VPC can connect with all the other VPCs, but the other VPCs cannot connect to each other. This can be achieved by configuring VPC peering where one VPC is peered with all the other VPCs, but the other VPCs are not peered with each other. The VPCs can be in the same or separate AWS accounts and should not have overlapping CIDR blocks.
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-full-access.html#many-vpcs-full-acces
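The reasoning above can be checked mechanically. The following is an added example, not part of the original page: it models each answer option as a set of peering connections and reports where the design breaks the question's requirements. The VPC names, CIDR ranges and function names are constructed for illustration.

```python
from ipaddress import ip_network
from itertools import combinations

# Constructed sample data: VPC names and CIDRs are assumptions, not from the question.
HUB = "central"
CIDRS = {"central": "10.0.0.0/16", "tenant1": "10.1.0.0/16", "tenant2": "10.2.0.0/16",
         "tenant3": "10.3.0.0/16", "tenant4": "10.4.0.0/16", "tenant5": "10.5.0.0/16"}
TENANTS = [v for v in CIDRS if v != HUB]

def hub_and_spoke(hub, tenants):
    """Option A: the central VPC peers with each tenant; tenants never peer."""
    return [(hub, t) for t in tenants]

def full_mesh(vpcs):
    """Options B and D: every VPC peers with every other VPC."""
    return list(combinations(vpcs, 2))

def evaluate(hub, cidrs, peerings):
    """Return findings for a peering design; an empty list means it meets the requirements."""
    links = {frozenset(p) for p in peerings}
    tenants = sorted(v for v in cidrs if v != hub)
    findings = []
    # Requirement 1: the central VPC reaches every tenant. Peering is not
    # transitive, so only a direct central<->tenant connection counts.
    for t in tenants:
        if frozenset((hub, t)) not in links:
            findings.append(f"missing peering {hub}<->{t}")
    # Requirement 2: no tenant-to-tenant connection exists at all. A mesh that
    # relies on deny rules (option B) is still reported, because isolation
    # then depends on every rule in every account staying correct.
    for a, b in combinations(tenants, 2):
        if frozenset((a, b)) in links:
            findings.append(f"tenant-to-tenant peering {a}<->{b}")
    # Constraint: peered VPCs must not have overlapping CIDR blocks (option C).
    for a, b in sorted(tuple(sorted(l)) for l in links):
        if ip_network(cidrs[a]).overlaps(ip_network(cidrs[b])):
            findings.append(f"overlapping CIDRs {a}<->{b}")
    return findings

if __name__ == "__main__":
    same_cidr = {v: "10.0.0.0/16" for v in CIDRS}
    for label, cidrs, peerings in [
        ("A: hub-and-spoke", CIDRS, hub_and_spoke(HUB, TENANTS)),
        ("B/D: full mesh", CIDRS, full_mesh(list(CIDRS))),
        ("C: same CIDR everywhere", same_cidr, hub_and_spoke(HUB, TENANTS)),
    ]:
        print(label, "->", evaluate(HUB, cidrs, peerings) or "meets requirements")
```

The same function can be fed the output of a real peering inventory to confirm that no tenant-to-tenant connection has crept into a hub-and-spoke design.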

Comments

awsnoob
Highly Voted 3 years, 7 months ago
Ans A. Although if you have more than 5 VPC to peer, you should use Transit Gateway
upvoted 5 times
01037
3 years, 7 months ago
Transit Gateway is used for multiple VPCs connecting to each other. A is more suitable for the situation of the question.
upvoted 3 times
ryu10_09
3 years, 5 months ago
you want to say 50 peering per VPC not 5
upvoted 2 times
amministrazione
Most Recent 8 months, 3 weeks ago
A. ABC has to setup one centralized VPC which will peer in to all the other VPCs of the tenants.
upvoted 1 times
Sat897
1 year, 2 months ago
Going through the question: Option A will be valid until this statement "ABC has created a multi-tenant Learning Management System (LMS). The application is hosted for five different tenants (clients) in the VPCs of the respective AWS accounts of the tenant. ABC wants to setup a centralized server which can connect with the LMS of each tenant upgrade if required" but they ABC don't want to connect to other vpc tenant in terms of security. I preferred to go with B
upvoted 1 times
SkyZeroZx
1 year, 10 months ago
Selected Answer: A
The most suitable option for ABC to set up the described scenario is: A. ABC has to set up one centralized VPC which will peer into all the other VPCs of the tenants. Explanation: Setting up a centralized VPC with peering connections to the VPCs of each tenant is the recommended approach to achieve the desired scenario. This setup allows ABC to have a centralized server that can connect to the Learning Management Systems (LMS) of each tenant for upgrades or other required activities.
upvoted 1 times
Sizuma
2 years, 8 months ago
Explanation: A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. It enables the user to launch AWS resources into a virtual network that the user has defined. A VPC peering connection allows the user to route traffic between the peer VPCs using private IP addresses as if they are a part of the same network. This is helpful when one VPC from the same or different AWS account wants to connect with resources of the other VPC. The organization wants to setup that one VPC can connect with all the other VPCs but all other VPCs cannot connect among each other. This can be achieved by configuring VPC peering where one VPC is peered with all the other VPCs, but the other VPCs are not peered to each other. The VPCs are in the same or a separate AWS account and should not have overlapping CIDR blocks. http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-full-access.html#many-vpcs-full-acces A right options
upvoted 1 times
HellGate
3 years, 3 months ago
C seems more strong way than A.
upvoted 4 times
Chuky64
2 years, 11 months ago
The subnets have the same CIDR, how to route the traffic?
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other