AWS Certified SysOps Administrator – Associate (legacy) — Question 567

Two companies will be working on several development projects together. Each company has an AWS account with a single VPC in us-east-1. Two companies would like to access one another's development servers. The IPv4 CIDR blocks in the two VPCs does not overlap.
What can the SysOps Administrators for each company do to set up network routing?

Answer options

• A. Each Administrator should create a custom routing table that points to the other company's internet gateway public IP address.
• B. Both Administrators should set up a NAT gateway in a public subnet in their respective VPCs. Then. using the public IP address from the NAT gateway, the Administrators should enable routing between the two VPCs.
• C. Both Administrators should install a 1 Gbps AWS Direct Connect circuit in their respective environments. Then, using the AWS Management Console, the Administrators should create an AWS Direct Connect routing requests to enable connectivity.
• D. One Administrator should create a VPC peering request and send it to the other Administrator's account. Once the other Administrator accepts the request, update the routing tables to enable traffic.

Correct answer: D

Explanation

VPC peering is the standard and most efficient method to connect two VPCs with non-overlapping CIDR blocks across different AWS accounts. Once the peering connection is requested and accepted, updating the route tables in both VPCs enables secure, private network communication. Other solutions like using NAT gateways, internet gateways, or AWS Direct Connect are either technically incorrect for this scenario or introduce unnecessary cost and complexity.