AWS Certified Solutions Architect – Professional — Question 560
A company is running its AWS infrastructure across two AWS Regions. The company has four VPCs in the eu-west-1 Region and has two VPCs in the us-east-1 Region. The company also has an on-premises data center in Europe that has two AWS Direct Connect connections in eu-west-1.
The company needs a solution in which Amazon EC2 instances in each VPC can connect to each other by using private IP addresses. Servers in the on-premises data center also must be able to connect to those VPCs by using private IP addresses.
What is the MOST cost-effective solution that meets these requirements?
Answer options
- A. Create an AWS Transit Gateway in each Region, and attach each VPC to the transit gateway in that Region. Create cross-Region peering between the transit gateways. Create two transit VIFs, and attach them to a single Direct Connect gateway. Associate each transit gateway with the Direct Connect gateway.
- B. Create VPC peering between each VPC in the same Region. Create cross-Region peering between each VPC in different Regions. Create two private VIFs, and attach them to a single Direct Connect gateway. Associate each VPC with the Direct Connect gateway.
- C. Create VPC peering between each VPC in the same Region. Create cross-Region peering between each VPC in different Regions. Create two public VIFs that are configured to route AWS IP addresses globally to on-premises servers.
- D. Create an AWS Transit Gateway in each Region, and attach each VPC to the transit gateway in that Region. Create cross-Region peering between the transit gateways. Create two private VIFs, and attach them to a single Direct Connect gateway. Associate each VPC with the Direct Connect gateway.
Correct answer: B
Explanation
VPC peering does not incur any hourly association fees, making it the most cost-effective method to interconnect a small number of VPCs compared to AWS Transit Gateway, which charges hourly fees per attachment. Furthermore, a single Direct Connect gateway can support up to 10 virtual private gateway associations using private VIFs, which easily accommodates the 6 VPCs in this scenario. Options utilizing AWS Transit Gateway are more expensive, and using public VIFs does not meet the requirement for private IP routing.