A company has two business units (BUs). The company operates in the us-east-1 Region and…

Question

A company has two business units (BUs). The company operates in the us-east-1 Region and the us-west-1 Region. The company plans to extend to more Regions in the future. Each BU has a VPC in each Region. Each Region has a transit gateway with the BU VPCs attached. The transit gateways in both Regions are peered. The company will create several more BUs in the future and will need to isolate some of the BUs from the other BUs. The company wants to migrate to an architecture to incorporate more Regions and BUs. Which solution will meet these requirements with the MOST operational efficiency?

Accepted Answer

Correct answer: B. B. Create an AWS Cloud WAN core network with an edge location in both Regions. Configure a segment for each BU with VPC attachments to the new BU VPCs. Use segment actions to control traffic between segments. — AWS Cloud WAN provides a central dashboard and policy-driven approach to connect and manage global networks across multiple Regions, which is significantly more operationally efficient than managing a complex mesh of transit gateways. By utilizing segments, BUs are isolated by default, and 'segment actions' are the correct mechanism to define and control how traffic flows or is shared between different segments. Option C is incorrect because setting segments to isolate attachments only restricts communication between attachments within the same segment, rather than controlling traffic between different segments.

AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 266

Answer options

Correct answer: B

Explanation