SAA-C03 Question #646: Real Exam Question with Answer & Explanation

Question

A company runs business applications on AWS. The company uses 50 AWS accounts, thousands of VPCs, and three AWS Regions across the United States and Europe. The company has an existing AWS Direct Connect connection that connects an on-premises data center to a single Region. A solutions architect needs to establish network connectivity between the on-premises data center and the remaining two Regions. The solutions architect must also establish connectivity between the VPCs. On-premises users and applications must be able to connect to applications that run in the VPCs. The solutions architect creates a transit gateway in each Region and configures the transit gateways as inter-Region peers. What should the solutions architect do next to meet these requirements?

Options

• ACreate a private virtual interface (VIF) with a gateway type of virtual private gateway. Configure
• BCreate a private virtual interface (VIF) to a new Direct Connect gateway. Associate the new Direct
• CCreate a transit virtual interface (VIF) with a gateway association to a new Direct Connect
• DCreate an AWS Site-to-Site VPN connection that uses a public virtual interface (VIF) for the Direct

Explanation

A Direct Connect gateway combined with a transit virtual interface (transit VIF) is the correct way to extend a single Direct Connect connection to multiple Regions and multiple VPCs when using transit gateways. By creating a transit VIF to a new Direct Connect gateway and then associating each Regional transit gateway with that Direct Connect gateway, you: - Allow the on-premises data center to reach VPCs in all three Regions through their transit - Leverage existing inter-Region transit gateway peering for VPC-to-VPC connectivity across This design provides scalable, centralized connectivity with minimal configuration per VPC.

No community discussion yet for this question.