AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 121
A marketing company is using hybrid infrastructure through AWS Direct Connect links and a software-defined wide area network (SD-WAN) overlay to connect its branch offices. The company connects multiple VPCs to a third-party SD-WAN appliance transit VPC within the same account by using AWS Site-to-Site VPNs.
The company is planning to connect more VPCs to the SD-WAN appliance transit VPC. However, the company faces challenges of scalability, route table limitations, and higher costs with the existing architecture. A network engineer must design a solution to resolve these issues and remove dependencies.
Which solution will meet these requirements with the LEAST amount of operational overhead?
Answer options
- A. Configure a transit gateway to attach the VPCs. Configure a Site-to-Site VPN connection between the transit gateway and the third-party SD-WAN appliance transit VPC. Use the SD-WAN overlay links to connect to the branch offices.
- B. Configure a transit gateway to attach the VPCs. Configure a transit gateway Connect attachment for the third-party SD-WAN appliance transit VPC. Use transit gateway Connect native integration of SD-WAN virtual hubs with AWS Transit Gateway.
- C. Configure a transit gateway to attach the VPCs. Configure VPC peering between the VPCs and the third-party SD-WAN appliance transit VPUse the SD-WAN overlay links to connect to the branch offices.
- D. Configure VPC peering between the VPCs and the third-party SD-WAN appliance transit VPC. Use transit gateway Connect native integration of SD-WAN virtual hubs with AWS Transit Gateway.
Correct answer: B
Explanation
Option B is the best choice because it uses a transit gateway with a Connect attachment, allowing for scalable and efficient management of multiple VPCs while reducing operational overhead. Options A and C rely on Site-to-Site VPNs and VPC peering, which can lead to routing limitations and increased complexity. Option D does not utilize the transit gateway Connect feature, which is essential for optimal integration with the SD-WAN appliance.