AWS SAP-C02 · Question 56 · Domain 1.1: Network Connectivity
An enterprise is building a centralized network inspection architecture using AWS Transit Gateway. They have a dedicated Inspection VPC containing AWS Network Firewall. They want to ensure that traffic between any two application VPCs is routed through the Inspection VPC. How should the Transit Gateway route tables be configured?
Answer options:
Use a single TGW route table and enable appliance mode on all VPC attachments.
Create two TGW route tables. Associate application VPCs with a route table that routes all traffic to the Inspection VPC. Associate the Inspection VPC with a route table that has routes to all application VPCs.
Configure VPC peering between all application VPCs and the Inspection VPC.
Enable AWS Shield Advanced on the Transit Gateway.