AWS Certified Solutions Architect - Professional / Question #606 of 529

Question #606

Example Corp. has an on-premises data center connected to VPC Main in their AWS account via a Site-to-Site VPN. They acquire NewCorp, which has VPC New. There is no IP address overlap between the networks. VPC Main and VPC New are peered. Example Corp. wants its on-premises servers to access VPC New. Network ACLs and security groups are properly configured.

Which solution will meet this requirement with the LEAST operational effort?

A

Create a transit gateway. Attach the Site-to-Site VPN, VPC Main, and VPC New to the transit gateway. Update the transit gateway route tables for all networks to add IP range routes for all other networks.

B

Create a transit gateway. Establish a new Site-to-Site VPN connection between the on-premises network and VPC New, and connect the VPN connection to the transit gateway. Add a route to direct traffic to the peered VPCs and an authorization rule to grant access to VPC Main and VPC New.

C

Update the route tables for the Site-to-Site VPN, VPC Main, and VPC New to include routes for all three networks. Enable BGP propagation for all networks and wait up to 5 minutes for propagation to complete.

D

Modify the existing Site-to-Site VPN's virtual private gateway to include both VPC Main and VPC New. Split the virtual private gateway's routers between the two VPCs.

Explanation

Answer A is correct because a Transit Gateway (TGW) simplifies routing by acting as a hub. Attaching the existing Site-to-Site VPN, VPC Main, and VPC New to the TGW allows transitive routing between all networks. Updating the TGW route tables once ensures on-premises traffic can reach VPC New via VPC Main. Other options are less efficient: Option B requires a new VPN connection, adding complexity. Option C relies on manual route updates and BGP propagation, which is time-consuming and error-prone. Option D is invalid because a Virtual Private Gateway (VGW) cannot be shared across multiple VPCs. TGW provides the simplest and most scalable solution with minimal operational overhead.

Answer

The correct answer is: A