Which solution meets these requirements MOST cost-effectively?

By:
On:
In: SAP-C01
Tagged:
With: 0 Comments
A company uses AWS Organizations.The company creates a central VPC in an AWS account that is designated for networking in a single AWS Region.The central VPC has an AWS Site-to-Site VPN connection to the company’s on-premises network.A solutions architect must create another AWS account that uses the same networking resources that the central VPC uses.

Which solution meets these requirements MOST cost-effectively?

Create a VPC in the new AWS account. Create a new Site-to-Site VPN connection for the on-premises connection.

Use AWS Resource Access Manager to share the VPN connection in the central VPC with the new AWS account.

Create a VPC in the new AWS account. Configure a virtual private gateway to connect to the central VPC.

Use AWS Resource Access Manager to share the subnets in the central VPC with the new AWS account.

Explanations:

This option involves creating a new VPC and a new Site-to-Site VPN connection, which incurs additional costs and does not leverage the existing central VPC’s resources.

While AWS Resource Access Manager (RAM) allows sharing certain resources, it does not support sharing VPN connections directly across accounts. Therefore, this option is not viable.

Creating a new VPC and configuring a virtual private gateway would require managing two separate VPCs and VPN connections, leading to additional complexity and cost.

Using AWS Resource Access Manager to share the subnets in the central VPC allows the new account to utilize the existing VPC’s resources, including the Site-to-Site VPN connection, thus minimizing costs and resource duplication.

Leave a Reply

Your email address will not be published. Required fields are marked *

seven + twenty =