What should a solutions architect do to meet this requirement?
Create one AWS Site-to-Site VPN connection in ap-south-1. Connect the company’s data center to the virtual private gateway.
Create two AWS Site-to-Site VPN connections: one in ap-south-1 and one in ap-southeast-1. Connect the company’s data center to both virtual private gateways.
Create one AWS Direct Connect gateway. Provision a 4 Gbps Direct Connect hosted connection from an AWS Direct Connect Partner. Associate the connection with the Direct Connect gateway.
Create two AWS Direct Connect gateways: one in ap-south-1 and one in ap-southeast-1. Provision a 4 Gbps Direct Connect hosted connection from an AWS Direct Connect Partner. Associate the connection with both Direct Connect gateways.
Explanations:
A single Site-to-Site VPN connection only allows connectivity to one AWS Region (ap-south-1) and does not meet the requirement for connectivity to both regions (ap-south-1 and ap-southeast-1). Additionally, VPN connections do not provide guaranteed bandwidth of 4 Gbps.
While this option provides separate connections to both AWS Regions, Site-to-Site VPNs are not dedicated connections and may not support the required bandwidth of 4 Gbps. Therefore, it does not meet the requirement for a single dedicated connection with 4 Gbps throughput.
Creating one AWS Direct Connect gateway allows for the provisioning of a dedicated connection with sufficient bandwidth (4 Gbps). A Direct Connect gateway can be associated with multiple virtual private clouds (VPCs) across different regions, enabling a dedicated connection to both ap-south-1 and ap-southeast-1.
Although having two Direct Connect gateways may provide connectivity to both regions, it does not meet the requirement of a single dedicated connection. The option unnecessarily complicates the architecture by requiring multiple gateways when a single Direct Connect gateway is sufficient to provide the needed connectivity.