Multiple Choice
A company has more than 100 AWS accounts, with one VPC per account, that need outbound HTTPS connectivity to the internet. The current design contains one NAT gateway per Availability Zone (AZ) in each VPC. To reduce costs and obtain information about outbound traffic, management has asked for a new architecture for internet access. Which solution will meet the current needs, and continue to grow as new accounts are provisioned, while reducing costs?
A) Create a transit VPC across two AZs using a third-party routing appliance. Create a VPN connection to each VPC. Default route internet traffic to the transit VPC.
B) Create multiple hosted-private AWS Direct Connect VIFs, one per account, each with a Direct Connect gateway. Default route internet traffic back to an on-premises router to route to the internet.
C) Create a central VPC for outbound internet traffic. Use VPC peering to default route to a set of redundant NAT gateway in the central VPC.
D) Create a proxy fleet in a central VPC account. Create an AWS PrivateLink endpoint service in the central VPC. Use PrivateLink interface for internet connectivity through the proxy fleet.
Correct Answer:
Verified
Correct Answer:
Verified
Q101: A company wants to refactor its retail
Q102: A company experienced a breach of highly
Q103: A Solutions Architect must migrate an existing
Q104: A Solutions Architect is responsible for redesigning
Q105: A security engineer determined that an existing
Q107: A company has an Amazon EC2 deployment
Q108: A large company is migrating its entire
Q109: A company runs a public-facing application that
Q110: A company is using AWS CloudFormation to
Q111: A company hosts a legacy application that