
Exam AWS Certified Solutions Architect - Professional topic 1 question 1004 discussion

A company operates a fleet of servers on premises and operates a fleet of Amazon EC2 instances in its organization in AWS Organizations. The company's AWS accounts contain hundreds of VPCs. The company wants to connect its AWS accounts to its on-premises network. AWS Site-to-Site VPN connections are already established to a single AWS account. The company wants to control which VPCs can communicate with other VPCs.

Which combination of steps will achieve this level of control with the LEAST operational effort? (Choose three.)

  • A. Create a transit gateway in an AWS account. Share the transit gateway across accounts by using AWS Resource Access Manager (AWS RAM).
  • B. Configure attachments to all VPCs and VPNs.
  • C. Set up transit gateway route tables. Associate the VPCs and VPNs with the route tables.
  • D. Configure VPC peering between the VPCs.
  • E. Configure attachments between the VPCs and VPNs.
  • F. Set up route tables on the VPCs and VPNs.
Suggested Answer: ABC 🗳️

Comments

YOIAN
Highly Voted 2 years, 4 months ago
ABC seems more logical.
upvoted 9 times
Kende
2 years, 4 months ago
Agree!
upvoted 1 times
...
...
devilman222
Most Recent 9 months ago
Selected Answer: ABC
OK, whoever decides the correct answer needs to get a clue. You go set up transit gateway, set up the transit gateway route tables. Next, you create unnecessary peering connections. ---- WRONG. D is wrong. Peering connections are great if you have 5 accounts and 5 VPCs.
upvoted 1 times
...
ggrodskiy
1 year, 9 months ago
Correct ABC
upvoted 4 times
...
SkyZeroZx
1 year, 9 months ago
Selected Answer: ABC
The following combination of steps will achieve this level of control with the LEAST operational effort:
A. Create a transit gateway in an AWS account. Share the transit gateway across accounts by using AWS Resource Access Manager (AWS RAM).
B. Configure attachments to all VPCs and VPNs.
C. Set up transit gateway route tables. Associate the VPCs and VPNs with the route tables.
upvoted 3 times
SkyZeroZx
1 year, 9 months ago
This combination of steps will allow the company to control which VPCs can communicate with other VPCs by configuring the transit gateway route tables. The company can also use AWS RAM to share the transit gateway across accounts, which will reduce the operational effort required to manage the transit gateway.
D. Configure VPC peering between the VPCs. VPC peering is not necessary if the company is using a transit gateway.
E. Configure attachments between the VPCs and VPNs. This step is already included in step B.
F. Set up route tables on the VPCs and VPNs. This step is also not necessary if the company is using a transit gateway.
upvoted 1 times
...
SkyZeroZx
1 year, 9 months ago
When you configure an attachment to a VPC or VPN, you are essentially creating a connection between the transit gateway and the VPC or VPN. This connection allows traffic to flow between the transit gateway and the VPC or VPN. In the case of this question, the company wants to control which VPCs can communicate with other VPCs. They can do this by configuring the transit gateway route tables. The transit gateway route tables will determine which VPCs can send traffic to other VPCs. For example, if the company wants to allow VPC A to communicate with VPC B, but not with VPC C, they would create a route in the transit gateway route table that routes traffic from VPC A to VPC B. They would not create a route in the transit gateway route table that routes traffic from VPC A to VPC C.
upvoted 1 times
SkyZeroZx
1 year, 9 months ago
This would prevent traffic from VPC A from reaching VPC C. By configuring the transit gateway route tables, the company can control which VPCs can communicate with other VPCs. This allows them to achieve the level of control they desire with the LEAST operational effort.
Here are some additional details about configuring attachments to VPCs and VPNs: To configure an attachment to a VPC, you need to specify the VPC ID and the CIDR block of the VPC. To configure an attachment to a VPN, you need to specify the VPN connection ID and the BGP ASN of the VPN. Once you have configured an attachment, the transit gateway will automatically create a route table for the VPC or VPN. You can then use the transit gateway route table to control which VPCs can communicate with other VPCs.
upvoted 1 times
...
...
...
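Added example (not part of any commenter's post): a small Python model of the transit gateway route table behaviour discussed in this thread, usable as an offline check that a planned set of associations and routes enforces the intended VPC segmentation. The attachment names, CIDRs, route table names and policy are all constructed for illustration.

```python
import ipaddress

# Constructed sample data: three VPC attachments and one VPN attachment.
ATTACHMENT_CIDRS = {
    "vpc-a": "10.1.0.0/16",
    "vpc-b": "10.2.0.0/16",
    "vpc-c": "10.3.0.0/16",
    "vpn-onprem": "192.168.0.0/16",
}

# Each attachment is associated with exactly one transit gateway route table.
ASSOCIATIONS = {"vpc-a": "rt-ab", "vpc-b": "rt-ab", "vpc-c": "rt-c", "vpn-onprem": "rt-vpn"}

# Route table -> list of (destination CIDR, target attachment).
ROUTE_TABLES = {
    "rt-ab": [("10.1.0.0/16", "vpc-a"), ("10.2.0.0/16", "vpc-b"), ("192.168.0.0/16", "vpn-onprem")],
    "rt-c": [("192.168.0.0/16", "vpn-onprem")],
    "rt-vpn": [("10.1.0.0/16", "vpc-a"), ("10.2.0.0/16", "vpc-b"), ("10.3.0.0/16", "vpc-c")],
}

def next_hop(src, dst_cidr):
    """Longest-prefix match in the route table associated with src."""
    dst = ipaddress.ip_network(dst_cidr)
    best = None
    for cidr, target in ROUTE_TABLES[ASSOCIATIONS[src]]:
        net = ipaddress.ip_network(cidr)
        if dst.subnet_of(net) and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, target)
    return best[1] if best else None

def can_communicate(a, b):
    """Two-way traffic needs a matching route in each direction."""
    return next_hop(a, ATTACHMENT_CIDRS[b]) == b and next_hop(b, ATTACHMENT_CIDRS[a]) == a

def violations(allowed_pairs):
    """Attachment pairs whose modelled reachability differs from the intended policy."""
    names = sorted(ATTACHMENT_CIDRS)
    out = []
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if can_communicate(a, b) != (frozenset((a, b)) in allowed_pairs):
                out.append((a, b))
    return out

# Intended policy (constructed): A and B talk to each other; every VPC reaches on premises.
POLICY = {frozenset(p) for p in [("vpc-a", "vpc-b"), ("vpc-a", "vpn-onprem"),
                                 ("vpc-b", "vpn-onprem"), ("vpc-c", "vpn-onprem")]}
```

Calling `violations(POLICY)` on the sample tables returns an empty list; adding routes that open a path between `vpc-a` and `vpc-c` in both directions makes that pair appear in the result.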
Jesuisleon
1 year, 11 months ago
Selected Answer: ABC
D is apparently wrong due to "The company's AWS accounts contain HUNDREDS of VPCs"; the number implies VPC peering is not applicable.
upvoted 1 times
...
dev112233xx
2 years ago
Selected Answer: ACD
ACD makes more sense because the VPN connections are already established
upvoted 1 times
...
coolt2
2 years, 2 months ago
D is out, not scalable (question says Least operational effort). ABC looks best. A is a must once a transit gateway is mentioned to allow easy connectivity between VPCs.
upvoted 1 times
...
ccort
2 years, 3 months ago
Selected Answer: ABC
VPC peering should be ruled out; there is a max of 50 connections, and the question states hundreds of VPCs.
upvoted 2 times
...
Appon
2 years, 4 months ago
Selected Answer: ACD
"VPN connections are already established"
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted