Exam AWS Certified Solutions Architect - Professional topic 1 question 923 discussion

A company has set up a multi-account AWS environment by using AWS Control Tower. Each AWS account that AWS Control Tower creates has its own VPC.
The company is developing an application that will integrate with many microservices. The company has designated a specific account to host the application. The company will deploy the microservices on Amazon EC2 instances and will implement the microservices across multiple AWS accounts.
The microservices require a high degree of interconnectivity. The company needs a solution that will give the application the ability to communicate privately with the microservices. The solution also must minimize cost and operational overhead.
Which solution will meet these requirements?

  • A. Use AWS VPN CloudHub to connect the application VPC to all the other VPCs. Use a virtual private gateway to provide traffic flow between all the VPCs.
  • B. Create VPC peering connections between the application VPC and all the other VPCs. Update the security groups and route tables to allow traffic flow between all the VPCs.
  • C. Create a transit gateway in the application account. Attach the application VPC and all the other VPCs to the transit gateway. Create a transit gateway route table to direct traffic between the VPCs.
  • D. Share the application VPC with the other AWS accounts by using AWS Resource Access Manager (AWS RAM). Deploy the microservices in the shared VPC.
Suggested Answer: C

Comments

wassb
Highly Voted 2 years, 6 months ago
Selected Answer: C
You cannot share a VPC but subnets of the VPC. I will go for C
upvoted 8 times
...
Rocketeer
Highly Voted 2 years, 7 months ago
I think D - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html
upvoted 6 times
Rocketeer
2 years, 5 months ago
Changing to B. VPC peering is cheaper than transit gateway.
upvoted 1 times
Rocketeer
2 years, 5 months ago
Could not edit my response. If we see from cost perspective, option D is still the cheapest. Hence I am leaning back to D.
upvoted 1 times
...
...
...
WhyIronMan
Most Recent 9 months, 3 weeks ago
Selected Answer: D
D https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html
upvoted 1 times
...
3a632a3
1 year, 3 months ago
Selected Answer: D
Read the blog that others have posted, it covers every requirement and explains how the other options are more costly. https://aws.amazon.com/es/blogs/architecture/using-vpc-sharing-for-a-cost-effective-multi-account-microservice-architecture/
upvoted 1 times
marszalekm
1 year, 3 months ago
This is a bit tricky, depends what the author of the question had in mind, but generally you cannot share the VPC itself, you can share subnets. https://repost.aws/knowledge-center/vpc-share-subnet-with-another-account At the same time AWS uses the phrase "share VPC" https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html I love such questions :)
upvoted 1 times
...
...
ggrodskiy
1 year, 9 months ago
Correct C.
upvoted 2 times
...
SkyZeroZx
1 year, 9 months ago
Selected Answer: D
https://aws.amazon.com/es/blogs/architecture/using-vpc-sharing-for-a-cost-effective-multi-account-microservice-architecture/
upvoted 2 times
vn_thanhtung
1 year, 8 months ago
RAM can not share VPC
upvoted 1 times
...
...
yama234
1 year, 12 months ago
D. The keyword is "a high degree of interconnectivity". Network Load Balancers in a shared VPC (using AWS RAM) is the solution. https://aws.amazon.com/blogs/architecture/using-vpc-sharing-for-a-cost-effective-multi-account-microservice-architecture/
upvoted 1 times
...
dev112233xx
2 years ago
Selected Answer: D
D is 100% the solution and it also has no costs. No need to use TGW or peering.
upvoted 1 times
...
andras
2 years, 2 months ago
Technically we share subnets... but according to AWS terminology: Share your VPC with other accounts... https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html
upvoted 1 times
andras
2 years, 2 months ago
and one more: You can share non-default subnets with other accounts within your organization.
upvoted 1 times
...
...
zozza2023
2 years, 3 months ago
Can't be D as we can't share VPC (we share subnet)
upvoted 1 times
...
zozza2023
2 years, 3 months ago
Selected Answer: C
I will go for C
upvoted 2 times
...
masetromain
2 years, 3 months ago
Selected Answer: C
C. Create a transit gateway in the application account. Attach the application VPC and all the other VPCs to the transit gateway. Create a transit gateway route table to direct traffic between the VPCs. This solution would allow for communication between the application VPC and all other VPCs, providing the necessary interconnectivity for the microservices. Additionally, using a transit gateway would minimize cost and operational overhead, as it allows for central management of network traffic flow and eliminates the need for a separate VPN connection or VPC peering connection for each VPC.
upvoted 2 times
...
SureNot
2 years, 5 months ago
Selected Answer: C
The microservices require a high degree of interconnectivity
C - fits well
B - VPC Peering is not transitive
D - you can't share VPC, only subnets
upvoted 2 times
...
SureNot
2 years, 5 months ago
Selected Answer: B
Why not B??? The cheap and simple option
upvoted 1 times
...
Koloseum198020
2 years, 5 months ago
https://aws.amazon.com/blogs/architecture/using-vpc-sharing-for-a-cost-effective-multi-account-microservice-architecture/
upvoted 1 times
...
alnadan
2 years, 5 months ago
Selected Answer: D
D Please read this: https://aws.amazon.com/blogs/architecture/using-vpc-sharing-for-a-cost-effective-multi-account-microservice-architecture/
upvoted 1 times
...
mrgreatness
2 years, 5 months ago
I'm going D because there is an AWS blog about this and a lot of exam questions are formed from blogs written by SAs. D works and is the cheaper option. So will go for D
upvoted 1 times
...