Amazon SAP-C02 Exam - Topic 5 Question 41 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 41
Topic #: 5

A software as a service (SaaS) company provides a media software solution to customers. The solution is hosted on 50 VPCs across various AWS Regions and AWS accounts. One of the VPCs is designated as a management VPC. The compute resources in the VPCs work independently.

The company has developed a new feature that requires all 50 VPCs to be able to communicate with each other. The new feature also requires one-way access from each customer's VPC to the company's management VPC. The management VPC hosts a compute resource that validates licenses for the media software solution.

The number of VPCs that the company will use to host the solution will continue to increase as the solution grows.

Which combination of steps will provide the required VPC connectivity with the LEAST operational overhead? (Select TWO.)

Suggested Answer: A, C

Create a Transit Gateway:

Step 1: In the AWS Management Console, navigate to the VPC Dashboard.

Step 2: Select 'Transit Gateways' and click on 'Create Transit Gateway'.

Step 3: Configure the transit gateway by providing a name and setting the options for Amazon side ASN and VPN ECMP support as needed.

Step 4: Attach each of the company's VPCs and relevant subnets to the transit gateway. This centralizes the network management and simplifies the routing configurations, supporting scalable and flexible network architecture.

Set Up AWS PrivateLink:

Step 1: Create a Network Load Balancer (NLB) in the management VPC that points to the compute resource responsible for license validation.

Step 2: Create an AWS PrivateLink endpoint service pointing to this NLB.

Step 3: Allow each customer's VPC to create an interface endpoint to this PrivateLink service. This setup enables secure and private communication between the customer VPCs and the management VPC, ensuring one-way access from each customer's VPC to the management VPC for license validation.

This combination leverages the benefits of AWS Transit Gateway for scalable and centralized routing, and AWS PrivateLink for secure and private service access, meeting the requirement with minimal operational overhead.
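
The two steps above expressed as a CloudFormation sketch. This is an added example, not part of the original explanation; it assumes a single account and Region, an assumed listener port of 443, and hypothetical parameter and resource names.

```yaml
Parameters:   # hypothetical names; constructed example
  CompanyVpcId: {Type: "AWS::EC2::VPC::Id"}
  CompanyAttachSubnetIds: {Type: "List<AWS::EC2::Subnet::Id>"}
  MgmtVpcId: {Type: "AWS::EC2::VPC::Id"}
  MgmtSubnetIds: {Type: "List<AWS::EC2::Subnet::Id>"}
  CustomerPrincipalArn: {Type: String}   # principal allowed to connect
Resources:
  # Answer A: one hub; each company VPC needs a single attachment.
  Tgw:
    Type: AWS::EC2::TransitGateway
    Properties:
      AmazonSideAsn: 64512
      VpnEcmpSupport: enable
  CompanyVpcAttachment:   # repeat once per company VPC
    Type: AWS::EC2::TransitGatewayAttachment
    Properties:
      TransitGatewayId: !Ref Tgw
      VpcId: !Ref CompanyVpcId
      SubnetIds: !Ref CompanyAttachSubnetIds
  # Answer C: internal NLB in the management VPC, published via PrivateLink.
  LicenseNlb:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Type: network
      Scheme: internal
      Subnets: !Ref MgmtSubnetIds
  LicenseTargets:   # register the license-validation compute resource here
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref MgmtVpcId
      Protocol: TCP
      Port: 443   # assumed port
  LicenseListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LicenseNlb
      Protocol: TCP
      Port: 443
      DefaultActions: [{Type: forward, TargetGroupArn: !Ref LicenseTargets}]
  LicenseEndpointService:
    Type: AWS::EC2::VPCEndpointService
    Properties:
      AcceptanceRequired: true   # each connection request must be approved
      NetworkLoadBalancerArns: [!Ref LicenseNlb]
  LicenseEndpointServicePermissions:
    Type: AWS::EC2::VPCEndpointServicePermissions
    Properties:
      ServiceId: !Ref LicenseEndpointService
      AllowedPrincipals: [!Ref CustomerPrincipalArn]
```

Each customer VPC then creates an interface endpoint (`AWS::EC2::VPCEndpoint` with `VpcEndpointType: Interface`) against the service name. Connections can only be initiated from the endpoint side, and `AcceptanceRequired` together with the principal allowlist controls who may connect.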

Contribute your Thoughts:

Renato
3 months ago
Is a VPN really necessary for this setup? Sounds complicated!
upvoted 0 times
...
Shayne
3 months ago
I think peering could work, but it’s not efficient with so many VPCs.
upvoted 0 times
...
Hortencia
3 months ago
Wait, why not just use PrivateLink? Seems simpler.
upvoted 0 times
...
Alease
4 months ago
Totally agree, VPC peering would be a nightmare to manage!
upvoted 0 times
...
Jenise
4 months ago
A transit gateway sounds like the best option for scalability.
upvoted 0 times
...
Noah
4 months ago
I vaguely recall that using a VPN appliance for each VPC could be quite cumbersome. I don't think option D is efficient for this scenario.
upvoted 0 times
...
Erin
4 months ago
I practiced a similar question where we had to connect multiple VPCs, and I think using a transit gateway was the solution we went with. So, I’m leaning towards A.
upvoted 0 times
...
Misty
4 months ago
I'm not entirely sure, but I feel like VPC peering could get complicated with so many VPCs. It might not be the best option, right?
upvoted 0 times
...
Glory
5 months ago
I remember studying transit gateways and how they simplify VPC connectivity. I think option A might be the right choice for reducing overhead.
upvoted 0 times
...
Nobuko
5 months ago
I'm leaning towards either A or C. The VPC peering (B and E) and VPN (D) options seem like they could get unwieldy to manage as the number of VPCs increases.
upvoted 0 times
...
Belen
5 months ago
Option C with the PrivateLink endpoint service looks interesting, but I'm not sure if that would be the least operationally intensive approach compared to the transit gateway. I'll need to weigh the pros and cons of each.
upvoted 0 times
...
Micaela
5 months ago
Hmm, I'm a bit confused by all the VPC and networking concepts in this question. I'll need to review my notes on AWS networking to make sure I understand the implications of each choice.
upvoted 0 times
...
Bernardo
5 months ago
This seems like a tricky question. I'll need to think through the different options carefully to determine the least operationally intensive approach.
upvoted 0 times
...
Nadine
5 months ago
I think the transit gateway option (A) might be the way to go here. It seems like it would provide the required connectivity between the VPCs with the least ongoing management overhead as the number of VPCs grows.
upvoted 0 times
...
Domonique
5 months ago
I recall some practice questions where Puppet was mentioned as a common tool for configuration management, maybe it's not perfect for orchestration?
upvoted 0 times
...
Donte
1 year ago
Wow, 50 VPCs? That's a lot of virtual real estate. I hope they don't forget to water the VPCs, or they might start wilting!
upvoted 0 times
...
Onita
1 year ago
Nah, Site-to-Site VPN is way too much work for this use case. Who has time to set up a VPN appliance in 50+ customer VPCs? Not this guy!
upvoted 0 times
...
Peggy
1 year ago
I like the idea of using PrivateLink to create a managed endpoint service for the license validation. That way, the customers can access it securely without needing to manage a VPN connection.
upvoted 0 times
Pamella
1 year ago
A: Agreed, less hassle for everyone involved.
upvoted 0 times
...
German
1 year ago
B: Yeah, it definitely simplifies the process for customers. No need to deal with VPNs.
upvoted 0 times
...
Doretha
1 year ago
A: I think option C is a great idea. Using PrivateLink for secure access sounds efficient.
upvoted 0 times
...
...
Tyisha
1 year ago
I agree with Ailene. Option A and C seem to be the most efficient in terms of connectivity and reducing operational overhead.
upvoted 0 times
...
Virgilio
1 year ago
I'm not sure about option B. Creating VPC peering connections between all VPCs might become cumbersome as the company scales.
upvoted 0 times
...
Ailene
1 year ago
I think option A and C would be the best choices. Transit gateway for VPC connectivity and NLB with PrivateLink for license validation.
upvoted 0 times
...
Dante
1 year ago
The transit gateway seems like the most scalable and maintainable option here. Creating individual VPC peering connections between 50+ VPCs sounds like a headache.
upvoted 0 times
Truman
1 year ago
B) Create VPC peering connections between all the company's VPCs
upvoted 0 times
...
Jules
1 year ago
A transit gateway would definitely simplify the connectivity between all the VPCs
upvoted 0 times
...
Virgina
1 year ago
C) Create a Network Load Balancer (NLB) that points to the compute resource for license validation. Create an AWS PrivateLink endpoint service that is available to each customer's VPC. Associate the endpoint service with the NLB.
upvoted 0 times
...
Desiree
1 year ago
A) Create a transit gateway. Attach all the company's VPCs and relevant subnets to the transit gateway.
upvoted 0 times
...
...