Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 400 discussion

https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html: You can establish peering relationships between VPCs across different AWS Regions (also called Inter-Region VPC Peering). This allows VPC resources including EC2 instances, Amazon RDS databases and Lambda functions that run in different AWS Regions to communicate with each other using private IP addresses, without requiring gateways, VPN connections, or separate network appliances. The traffic remains in the private IP space" Answer D

Answer is D. https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering

lol i see this question in cloud practitioner exam

D A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses The VPCs can be in different regions (also known as an inter-region VPC peering connection). https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html

A = traffic will traverse over the internet B = VPC endpoints only work in the same region as per this resource: https://aws.amazon.com/blogs/architecture/using-vpc-endpoints-in-multi-region-architectures-with-route-53-resolver/ "The challenge some customers have faced is that VPC endpoints can only be used to access resources in the same Region as the endpoint. For example, an Amazon Simple Storage Service (S3) VPC endpoint deployed in us-east-1 can only be used to access S3 buckets also located in us-east-1. To access a bucket in us-east-2, that traffic has to traverse the public internet. Ideally, customers want to keep this traffic within their private network and apply VPC endpoint policies, regardless of the Region where the resource is located." C = traffic will traverse over the internet D = A VPC uses AWS internal infrastructure to communicate

Answer is "D"

The answer is between B and D, they both support Cross-region access. I know some AWS documents are confusing....The only difference is VPC peering does NOT support CIDR overlap, while VPC endpoint supports it. What if two VPCs have overlapping subnet, we need to consider all possible scenarios. https://support.huaweicloud.com/intl/en-us/vpcep_faq/vpcep_04_0004.html So the answer is B

Somebody please say why not VPC endpoint?

Answer D I too thought aboubt B initially and then changed my answer back https://aws.amazon.com/about-aws/whats-new/2017/11/announcing-support-for-inter-region-vpc-peering/#:~:text=Inter%2DRegion%20VPC%20Peering%20allows,connections%20or%20separate%20network%20appliances.

You can create a VPC endpoint to connect your local data center to a cloud service using a VPN connection or a direct connection over an internal network. VPC Peering supports only communication between two VPCs in the same region. The answer should be B since it's across regions

I am trying to understand - considering VPC endpoint does not require public IP address, why the answer can't be VPC endpoint? Can someone help? Thanks.

VPC peering over the AWS backbone network. D

D for sure

D. VPC Peering.

D. Create a VPC peering connection and update the route table of the EC2 instancesג€™ subnet.