
SAP-C02 Exam - Question 430


A company provides a centralized Amazon EC2 application hosted in a single shared VPC. The centralized application must be accessible from client applications running in the VPCs of other business units. The centralized application front end is configured with a Network Load Balancer (NLB) for scalability.

Up to 10 business unit VPCs will need to be connected to the shared VPC. Some of the business unit VPC CIDR blocks overlap with the shared VPC, and some overlap with each other. Network connectivity to the centralized application in the shared VPC should be allowed from authorized business unit VPCs only.

Which network configuration should a solutions architect use to provide connectivity from the client applications in the business unit VPCs to the centralized application in the shared VPC?

Correct Answer: B

To provide connectivity from client applications in the business unit VPCs to the centralized application in the shared VPC, especially when the CIDR blocks of the VPCs overlap, the best solution is to create a VPC endpoint service using the centralized application NLB and enable the option to require endpoint acceptance. Then, create a VPC endpoint in each of the business unit VPCs using the service name of the endpoint service, and accept authorized endpoint requests from the endpoint service console. This configuration allows for secure and controlled access to the centralized application despite the overlapping IP addresses.
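
The acceptance step described above is where "authorized business unit VPCs only" is enforced. The following is an added example, not part of the original page: it decides which endpoint connection requests to accept by endpoint owner account, and goes one step further by flagging connections that are already accepted but whose owner is not on the allow-list. The function names, account IDs, and resource IDs are constructed placeholders; the record shape follows the EC2 DescribeVpcEndpointConnections response.

```python
from collections import defaultdict

# Constructed allow-list of business-unit AWS account IDs (placeholders).
AUTHORIZED_OWNERS = {"111111111111", "222222222222"}

def triage(connections, authorized_owners):
    """Build an accept / reject / revoke plan per endpoint service.

    `connections` has the shape of the VpcEndpointConnections list returned by
    EC2 DescribeVpcEndpointConnections. Client VPC CIDRs are never consulted:
    the decision keys on the endpoint owner, so overlapping ranges do not matter.
    """
    plan = defaultdict(lambda: {"accept": [], "reject": [], "revoke": []})
    for conn in connections:
        state = conn["VpcEndpointState"].lower()  # compare case-insensitively
        authorized = conn["VpcEndpointOwner"] in authorized_owners
        if state == "pendingacceptance":
            action = "accept" if authorized else "reject"
        elif state == "available" and not authorized:
            action = "revoke"  # accepted earlier, owner is not on the allow-list
        else:
            continue  # authorized and connected, or in a terminal state
        plan[conn["ServiceId"]][action].append(conn["VpcEndpointId"])
    return dict(plan)

def apply_plan(plan):
    """Apply the plan with boto3. Needs AWS credentials; not called by the sample run."""
    import boto3
    ec2 = boto3.client("ec2")
    for service_id, actions in plan.items():
        if actions["accept"]:
            ec2.accept_vpc_endpoint_connections(
                ServiceId=service_id, VpcEndpointIds=actions["accept"])
        denied = actions["reject"] + actions["revoke"]
        if denied:
            ec2.reject_vpc_endpoint_connections(
                ServiceId=service_id, VpcEndpointIds=denied)

# Constructed sample records (placeholder IDs, not real resources).
SAMPLE = [
    {"ServiceId": "vpce-svc-EXAMPLE", "VpcEndpointId": "vpce-aaa", "VpcEndpointOwner": "111111111111", "VpcEndpointState": "pendingAcceptance"},
    {"ServiceId": "vpce-svc-EXAMPLE", "VpcEndpointId": "vpce-bbb", "VpcEndpointOwner": "999999999999", "VpcEndpointState": "pendingAcceptance"},
    {"ServiceId": "vpce-svc-EXAMPLE", "VpcEndpointId": "vpce-ccc", "VpcEndpointOwner": "999999999999", "VpcEndpointState": "available"},
    {"ServiceId": "vpce-svc-EXAMPLE", "VpcEndpointId": "vpce-ddd", "VpcEndpointOwner": "222222222222", "VpcEndpointState": "available"},
]

if __name__ == "__main__":
    print(triage(SAMPLE, AUTHORIZED_OWNERS))
```
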

Discussion

9 comments
sat2008
Feb 17, 2024

B is the answer for me. The only way to get around overlapping IP ranges is using an endpoint service.

alexis123456
Feb 6, 2024

Correct Answer is A

kejam Option: B
Feb 7, 2024

https://www.examtopics.com/discussions/amazon/view/46708-exam-aws-certified-solutions-architect-professional-topic-1/
https://aws.amazon.com/blogs/networking-and-content-delivery/connecting-networks-with-overlapping-ip-ranges/

HunkyBunky Option: B
Feb 7, 2024

Answer is B. The application already uses an NLB, so this is the best way to solve that task.

arberod Option: B
Feb 8, 2024

B is the answer

master9 Option: B
Feb 7, 2024

VPC Endpoint Service can do the job

career360guru Option: B
Mar 9, 2024

option B

43c89f4
May 1, 2024

A is actually. They never mentioned a cost-effective or less-effort solution. When they have not mentioned anything, we need to prefer the best option.

sarlos
May 22, 2024

Not possible, because TGW does not support overlapping ranges

toma
Jul 2, 2024

"This requires that automatic route propagation to Transit Gateway be disabled as not all of the subnets in each VPC should be advertised." so it is B

Moghite Option: B
Jul 19, 2024

Only option to get around IP overlapping: https://aws.amazon.com/blogs/networking-and-content-delivery/connecting-networks-with-overlapping-ip-ranges/