A company is migrating some of its applications to AWS. The company wants to migrate and…

Question

A company is migrating some of its applications to AWS. The company wants to migrate and modernize the applications quickly after it finalizes networking and security strategies. The company has set up an AWS Direct Connection connection in a central network account.
The company expects to have hundreds of AWS accounts and VPCs in the near future. The corporate network must be able to access the resources on AWS seamlessly and also must be able to communicate with all the VPCs. The company also wants to route its cloud resources to the internet through its on-premises data center.
Which combination of steps will meet these requirements? (Choose three.)

Accepted Answer

Correct answer: B, D, F. B. Create a Direct Connect gateway and a transit gateway in the central network account. Attach the transit gateway to the Direct Connect gateway by using a transit VIF. — D. Share the transit gateway with other accounts. Attach VPCs to the transit gateway. — F. Provision only private subnets. Open the necessary route on the transit gateway and customer gateway to allow outbound internet traffic from AWS to flow through NAT services that run in the data center. — To connect hundreds of VPCs and accounts via AWS Direct Connection, utilizing an AWS Transit Gateway combined with a Direct Connect gateway via a transit VIF is the most scalable approach (Option B). Sharing this transit gateway across accounts allows multiple VPCs to easily attach to it, facilitating seamless communication (Option D). Finally, deploying only private subnets and routing default outbound traffic (0.0.0.0/0) through the transit gateway and customer gateway back to the on-premises data center satisfies the requirement to use on-premises NAT services for internet access (Option F).

AWS Certified Solutions Architect – Professional — Question 644

Answer options

Correct answer: B, D, F

Explanation