Question #845
A software company requires temporary testing environments for each feature branch. Each environment uses an Amazon EC2 instance in an Auto Scaling group and must connect to an on-premises database via a VPN. The company uses a transit gateway for on-premises connectivity. The solution must automate environment creation and deletion with minimal management overhead.
Which solution meets these requirements MOST effectively?
A. Use AWS CloudFormation to deploy each environment in a new VPC with a transit gateway attachment. Configure routing tables manually for each deployment.
B. Deploy all environments into a single existing VPC that is preconfigured with a transit gateway attachment. Use AWS CloudFormation to automate environment lifecycle management within this VPC.
C. Create a new AWS account for each test environment. Use AWS Organizations and CloudFormation StackSets to deploy VPCs with transit gateway attachments in each account.
D. Migrate the on-premises database to Amazon RDS. Deploy test environments in a VPC with direct RDS access, eliminating the need for VPN connectivity.
Explanation
The correct answer is B because:
- Minimal Management Overhead: Using a single preconfigured VPC with a transit gateway attachment avoids recreating network infrastructure (e.g., VPN, transit gateway) for each environment, reducing manual effort.
- Automation: AWS CloudFormation automates the creation/deletion of EC2 instances and Auto Scaling groups within the existing VPC, ensuring consistency and scalability.
- Why Not Other Options:
  - A: Requires manual routing table updates, increasing overhead.
  - C: Creating new AWS accounts per environment adds complexity and management costs.
  - D: Migrating the database violates the requirement to use the on-premises database via VPN.
Key Points: Reuse preconfigured network resources (VPC, transit gateway) with infrastructure-as-code (CloudFormation) to balance automation and simplicity.
Answer
The correct answer is: B