Exam AWS Certified Solutions Architect - Professional SAP-C02 topic 1 question 128 discussion

A software company hosts an application on AWS with resources in multiple AWS accounts and Regions. The application runs on a group of Amazon EC2 instances in an application VPC located in the us-east-1 Region with an IPv4 CIDR block of 10.10.0.0/16. In a different AWS account, a shared services VPC is located in the us-east-2 Region with an IPv4 CIDR block of 10.10.10.0/24. When a cloud engineer uses AWS CloudFormation to attempt to peer the application VPC with the shared services VPC, an error message indicates a peering failure.

Which factors could cause this error? (Choose two.)

  • A. The IPv4 CIDR ranges of the two VPCs overlap
  • B. The VPCs are not in the same Region
  • C. One or both accounts do not have access to an Internet gateway
  • D. One of the VPCs was not shared through AWS Resource Access Manager
  • E. The IAM role in the peer accepter account does not have the correct permissions
Suggested Answer: AE

Comments

Appon
Highly Voted 2 years, 6 months ago
Selected Answer: AE
https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-vpc-peering-error/
upvoted 9 times
...
zhangyu20000
Highly Voted 2 years, 7 months ago
AE is correct. D is not correct because you cannot share a VPC via RAM; a subnet can.
upvoted 5 times
djeong95
1 year, 5 months ago
In this link, you can find VPC sharing being described as "In this model, the account that owns the VPC (owner) shares one or more subnets with other accounts (participants) that belong to the same organization from AWS Organization". You can share subnets using AWS RAM. I think it is safe to conclude you can share VPCs using RAM. https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html#vpc-share-prerequisites
upvoted 1 times
...
...
princajen
Most Recent 1 week, 5 days ago
Selected Answer: AE
VPC peering will fail if the CIDR ranges of the two VPCs overlap, even partially — as in this case, where 10.10.10.0/24 is within 10.10.0.0/16. Also, for cross-account peering via CloudFormation, the accepter account needs the correct IAM permissions to accept the peering request, or the operation will be denied. Region differences are supported, and VPCs do not need to be shared via RAM for peering to work.
upvoted 1 times
...
Syre
10 months, 3 weeks ago
Selected Answer: AB
E is wrong
upvoted 3 times
...
amministrazione
11 months, 2 weeks ago
A. The IPv4 CIDR ranges of the two VPCs overlap
E. The IAM role in the peer accepter account does not have the correct permissions
upvoted 1 times
...
career360guru
1 year, 7 months ago
Selected Answer: AE
Option A and E
upvoted 1 times
...
m1xa
1 year, 9 months ago
Selected Answer: AE
https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html
https://repost.aws/knowledge-center/cloudformation-vpc-peering-error
upvoted 1 times
...
SK_Tyagi
1 year, 12 months ago
Selected Answer: AE
This is correct, per Appon's link
upvoted 1 times
...
NikkyDicky
2 years, 1 month ago
Selected Answer: AE
AE for sure
upvoted 1 times
...
ThaiNT
2 years, 3 months ago
Selected Answer: BE
VPCs are not in the same Region.
upvoted 3 times
ThaiNT
2 years, 3 months ago
My bad, option B is incorrect.
upvoted 2 times
...
...
mfsec
2 years, 4 months ago
Selected Answer: AE
AE is the best choice
upvoted 2 times
...
God_Is_Love
2 years, 5 months ago
Selected Answer: AE
FYI, other reasons for the issue:
  • If the IAM role in the accepter account doesn't have the right permissions
  • If the PeerRoleArn property isn't passed correctly when you create a VPC peering connection between VPCs in different accounts
  • If the PeerRegion property isn't passed correctly when you're creating a VPC peering connection between VPCs in different AWS Regions
upvoted 4 times
...
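The failure causes listed in the comments above (overlapping CIDRs, PeerRegion, PeerRoleArn, accepter role permissions) can be checked before deploying the template. The following is an added example, not part of any comment or of AWS's own tooling; the function names, account IDs, role name and policies are constructed, and the only IAM action assumed is `ec2:AcceptVpcPeeringConnection`.

```python
import ipaddress
from fnmatch import fnmatchcase

ACCEPT = "ec2:AcceptVpcPeeringConnection"

def as_list(value):
    return value if isinstance(value, list) else [value]

def allows_accept(policy):
    """True if an Allow statement covers ACCEPT (explicit Deny/SCPs are not evaluated)."""
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive and may contain * and ? wildcards.
        if any(fnmatchcase(ACCEPT.lower(), a.lower()) for a in as_list(stmt.get("Action", []))):
            return True
    return False

def peering_preflight(requester, accepter, props, accepter_role_policy):
    """Return the reasons a cross-account/cross-Region peering request would fail."""
    findings = []
    if ipaddress.ip_network(requester["cidr"]).overlaps(ipaddress.ip_network(accepter["cidr"])):
        findings.append("cidr-overlap")
    if requester["region"] != accepter["region"] and props.get("PeerRegion") != accepter["region"]:
        findings.append("peer-region")
    if requester["account"] != accepter["account"]:
        # Expected shape: arn:aws:iam::<accepter account>:role/<name>
        parts = props.get("PeerRoleArn", "").split(":")
        if len(parts) != 6 or parts[4] != accepter["account"] or not parts[5].startswith("role/"):
            findings.append("peer-role-arn")
        if not allows_accept(accepter_role_policy):
            findings.append("accepter-role-permissions")
    return findings

# Constructed sample values: account IDs, role name and policies are placeholders.
APP = {"account": "111111111111", "region": "us-east-1", "cidr": "10.10.0.0/16"}
SHARED = {"account": "222222222222", "region": "us-east-2", "cidr": "10.10.10.0/24"}
PROPS = {"PeerRegion": "us-east-2",
         "PeerRoleArn": "arn:aws:iam::222222222222:role/peer-accepter"}
WEAK_POLICY = {"Statement": [{"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"}]}
GOOD_POLICY = {"Statement": {"Effect": "Allow", "Action": [ACCEPT], "Resource": "*"}}

if __name__ == "__main__":
    print(peering_preflight(APP, SHARED, PROPS, WEAK_POLICY))
```

With the question's CIDR blocks and the weak policy, the check reports the two causes in the suggested answer; the differing Regions alone produce no finding as long as PeerRegion is set.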
zozza2023
2 years, 6 months ago
Selected Answer: AE
A and E
upvoted 1 times
...
masetromain
2 years, 7 months ago
Selected Answer: AE
A is correct because the IPv4 CIDR ranges of the two VPCs overlap. The two VPCs have an IP range of 10.10.0.0/16 and 10.10.10.0/24, which means that they share the same 10.10.0.0 network. This causes a conflict in routing and will prevent the VPCs from being able to communicate with each other. E is correct because the IAM role in the peer accepter account does not have the correct permissions. The role must have permissions to create, modify, and delete VPC peering connections in order for the peering to be established. B, C, and D are not correct. The VPCs are in the same region, both accounts have access to an internet gateway and both VPCs are not shared through AWS Resource Access Manager.
upvoted 3 times
clownfishman
2 years, 2 months ago
us-east-1 is in Virginia, us-east-2 is in Ohio - they are separate Regions
upvoted 5 times
...
Arnaud92
1 year, 11 months ago
Stop asking ChatGPT
upvoted 7 times
...
m1xa
1 year, 9 months ago
It doesn't matter if both accounts are in the same region or not. >>> The VPCs can be in different Regions (also known as an inter-Region VPC peering connection). https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html
upvoted 1 times
...
...