Can the existing Direct Connect be reused for the VPC in the AWS US West region?
Question
A Fintech company has its major applications deployed in AWS US East (N.
Virginia) region.
Since the applications need extremely fast processing, stable and high speed of network broadband is required.
A Direct Connect has been set up in the region which connects its on-premises network with the Virtual Private Gateway in AWS VPC.
Direct Connect has already run for two months smoothly.
Now, as the business grows, new applications have been deployed in AWS US West region VPC recently.
They also need to communicate with the on-premises datacenter which is located in Virginia using a high-speed network.
Can the existing Direct Connect be reused for the VPC in the AWS US West region?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. C. F.Correct Answer - C.
Direct Connect Gateway is a service that helps on connecting AWS Direct Connect connection over a private virtual interface to one or more VPCs in the same account that are located in the same or different Regions.
The reinvent session https://www.youtube.com/watch?v=Pj11NFXDbLY has very good introductions of this feature.
As below picture, the Direct Connect gateway enables you to use the AWS Direct Connect connection in the US East (N.
Virginia) Region to access VPCs in your account in both the US East (N.
Virginia) and US West (N.
California) Regions.
For the documentation of Direct Connect Gateway, check the below link in https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-gateways.html.
Option A is incorrect because by using Direct Connect Gateway, the existing Direct Connect can be reused.
It does not need to create another new one which is time-consuming.
Option B is incorrect because, via Direct Connect Gateway, VPCs in different regions can use the same AWS Direct Connect connection.
Option C is CORRECT because to use Direct Connect Gateway, a private virtual interface is needed for the AWS Direct Connect connection to communicate with the Direct Connect gateway.
In the meantime, attach a private virtual interface in VPC to the Direct Connect gateway.
Option D is incorrect because a private virtual interface instead of a private VPN IPsec tunnel is needed between the AWS Direct Connect connection and the Direct Connect gateway.
The answer is C. Yes. A Direct Connect Gateway is required to associate with the virtual private gateway for the VPC in the AWS US West region.
Direct Connect is a network service that allows you to establish a dedicated network connection from your premises to AWS. This service provides a more reliable and consistent network experience compared to internet-based connections. Direct Connect can be used to access AWS services in any region, but a separate connection is required for each region.
In this scenario, the company already has a Direct Connect set up in the AWS US East region to connect its on-premises datacenter to its VPC. Now, the company has deployed new applications in the AWS US West region VPC, and they need to communicate with the on-premises datacenter using a high-speed network.
To reuse the existing Direct Connect connection, the company needs to set up a Direct Connect Gateway, which is a new type of virtual interface that allows traffic to flow between VPCs in different regions. The Direct Connect Gateway needs to be associated with the virtual private gateway for the VPC in the AWS US West region.
Once the Direct Connect Gateway is set up and associated with the virtual private gateway, the company can create a private virtual interface for the AWS Direct Connect connection to the Direct Connect Gateway. This will enable the new VPC in the AWS US West region to communicate with the on-premises datacenter over the same dedicated network connection that is already in place.
Therefore, the correct answer is C. Yes. A Direct Connect Gateway is required to associate with the virtual private gateway for the VPC in the AWS US West region.