A company has more than 100 AWS accounts, with one VPC per account, that need outbound HTTPS connectivity to theinternet. The current design contains one NAT gateway per Availability Zone (AZ) in each VPC. To reduce costs andobtaininformation about outbound traffic, management has asked for a new architecture for internet access.
Which solution will meet the current needs, and continue to grow as new accounts are provisioned, while reducing costs?
A. Create a transit VPC across two AZs using a third-party routing appliance. Create a VPN connection to each VPC. Default route internet traffic to the transit VPC.
B. Create multiple hosted-private AWS Direct Connect VIFs, one per account, each with a Direct Connect gateway. Default route internet traffic back to an on-premises router to route to the internet.
C. Create a central VPC for outbound internet traffic. Use VPC peering to default route to a set of redundant NAT gateway in the central VPC.
D. Create a proxy fleet in a central VPC account. Create an AWS PrivateLink endpoint service in the central VPC. Use PrivateLink interface for internet connectivity through the proxy fleet.
Amazon AWS Certified Solutions Architect – Professional (SAP-C01)Free dumps for SAP-C01 in Printable PDF format.High quality PDF and software. VALID exam to help you pass. |
 |
