AWS Certified Solutions Architect – Associate (SAA-C02) — Question 180

A company hosts its core network services, including directory services and DNS, in its on-premises data center. The data center is connected to the AWS Cloud using AWS Direct Connect (DX). Additional AWS accounts are planned that will require quick, cost-effective, and consistent access to these network services.
What should a solutions architect implement to meet these requirements with the LEAST amount of operational overhead?

Answer options

• A. Create a DX connection in each new account. Route the network traffic to the on-premises servers.
• B. Configure VPC endpoints in the DX VPC for all required services. Route the network traffic to the on-premises servers.
• C. Create a VPN connection between each new account and the DX VPC. Route the network traffic to the on-premises servers.
• D. Configure AWS Transit Gateway between the accounts. Assign DX to the transit gateway and route network traffic to the on-premises servers.

Correct answer: D

Explanation

The correct answer is D because using an AWS Transit Gateway allows multiple accounts to efficiently share a connection to on-premises resources with minimal management. The other options involve creating multiple direct connections or VPNs, which would increase complexity and operational overhead.