AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 176

A company has a transit gateway in AWS Account A. The company uses AWS Resource Access Manager (AWS RAM) to share the transit gateway so that users in other accounts can connect to multiple VPCs in the same AWS Region. AWS Account B contains a VPC (10.0.0.0/16) with subnet 10.0.0.0/24 in the us-west-2a Availability Zone and subnet 10.0.1.0/24 in the us-west-2b Availability Zone. Resources in these subnets can communicate with other VPCs.

A network engineer creates two new subnets: 10.0.2.0/24 in the us-west-2b Availability Zone and 10.0.3.0/24 in the us-west-2c Availability Zone. All the subnets share one route table. The default route 0.0.0.0/0 is pointing to the transit gateway. Resources in subnet 10.0.2.0/24 can communicate with other VPCs, but resources in subnet 10.0.3.0/24 cannot communicate with other VPCs.

What should the network engineer do so that resources in subnet 10.0.3.0/24 can communicate with other VPCs?

Answer options

• A. In Account B, add 10.0.2.0/24 and 10.0.3.0/24 as the destinations to the route table. Use the transit gateway as the target.
• B. In Account B, update the transit gateway attachment. Attach the new subnet ID that is associated with us-west-2c to Account B's VPC.
• C. In Account A, create a static route for 10.0.3.0/24 in the transit gateway route tables.
• D. In Account A, recreate propagation for 10.0.0.0/16 in the transit gateway route tables.

Correct answer: B

Explanation

The correct answer is B because the transit gateway needs to be updated to recognize the new subnet in us-west-2c for it to communicate with other VPCs. Option A is incorrect because merely adding the new subnets to the route table does not establish the necessary attachment. Option C does not address the need for the subnet attachment in Account B. Option D incorrectly focuses on the propagation of an existing subnet rather than on the new one that requires attention.