What solution meets these requirements while maintaining the lowest cost?

By:
On:
In: SOA-C01
Tagged:
With: 0 Comments
A Systems Administrator is planning to deploy multiple EC2 instances within two separate Availability Zones in the same AwS Region.The instances cannot be exposed to the Internet, but must be able to exchange traffic between one another.The data does not need to be encrypted.

What solution meets these requirements while maintaining the lowest cost?

Create two private subnets within the same VPC. Communicate between instances using their private IP addresses

Create 2 public subnets within the same VPC. Communicate between instances using their public IP addresses

Create 2 separate VPCs, one for each Availability Zone. Create a private subnet within each VPC. Create a static route table pointing the destination CIDR to the other VPC

Create 2 separate VPCs, one for each Availability Zone and create a public subnet in each. Deploy a VPN appliance within each VPC and establish a VPN tunnel between them. Communicate between instances by routing traffic through the VPN appliances

Explanations:

Two private subnets in the same VPC allow EC2 instances to communicate via private IPs without internet access. This is the most cost-effective solution.

Public subnets require instances to have public IPs, which would expose them to the Internet, violating the requirement that they cannot be exposed to the Internet.

Creating two separate VPCs involves unnecessary complexity and cost, as inter-VPC communication requires additional setup (e.g., peering or VPN).

Setting up VPN appliances between two separate VPCs adds unnecessary complexity and cost, making it less efficient compared to using a single VPC.

Leave a Reply

Your email address will not be published. Required fields are marked *

5 − one =