AWS Certified Solutions Architect - Professional / Question #1051 of 529

Question #1051

A company in the United States (US) has acquired a company in Asia. Both companies use the AWS Cloud. The US company hosts a distributed application across three VPCs in the us-west-2 Region. The application must access resources in two VPCs in the ap-northeast-1 Region but must not access any other VPCs. The VPCs in both Regions have non-overlapping CIDR ranges, and all accounts are consolidated under one organization in AWS Organizations. Which solution will meet these requirements MOST cost-effectively?

A

Create a transit gateway in ap-northeast-1. Attach the VPCs in us-west-2 and the two VPCs in ap-northeast-1 to the transit gateway. Configure route tables to direct traffic through the transit gateway.

B

Deploy a transit gateway in each Region. Attach the relevant VPCs to their regional transit gateway. Establish a peering connection between the transit gateways and update route tables to route traffic through the gateways.

C

Create a full mesh of VPC peering connections between all VPCs in both Regions. Update route tables to route traffic through the peering connections.

D

Create separate VPC peering connections from each of the three VPCs in us-west-2 to both VPCs in ap-northeast-1. Update route tables in all connected VPCs to route traffic through the peering connections.

Explanation

Option D is correct because it uses VPC peering to directly connect the three US VPCs to the two Asia VPCs, ensuring no access to other VPCs. This approach is cost-effective as it avoids the recurring costs of transit gateways and their attachments.

- Option A is invalid because a transit gateway cannot span multiple Regions; VPCs in us-west-2 cannot attach to a transit gateway in ap-northeast-1.
- Option B involves transit gateways in both Regions and inter-Region peering, which incurs higher costs for gateways, attachments, and data transfer compared to VPC peering.
- Option C creates a full mesh of peering connections, which violates the requirement that the application must not access any other VPCs and increases costs with redundant connections.

Key Points:
- VPC peering is cost-effective for limited cross-region connections.
- Transit gateways introduce additional costs and complexity unless many VPCs are involved.
- Non-overlapping CIDR ranges simplify routing in peering configurations.

Answer

The correct answer is: D