Transit Gateway Route Table Configuration

Correct Answer - B.

Transit Gateway can be used for isolated shared services between multiple VPCs.

For this, two routing tables can be created in Transit Gateway.

First, the route table would have a route table with routes propagated from VPC R&D & VPC Production attachments.Other route tables would have a route table with routes propagated from VPC IT.

Option A is incorrect as For Transit Gateway, each attachment can be associated only to one route table.

In the above case, VPC IT cannot be associated with two route tables.

Option C is incorrect as with the static Default route.

Both VPC R&D & PC Finance will be able to communicate with each other.

Option D is incorrect as with the default route table, VPC R&D & VPC Production will be able to communicate with each other.

For more information on AWS Transit Gateway, refer to the following URL.

https://docs.aws.amazon.com/vpc/latest/tgw/transit-gateway-isolated-shared.html

The scenario involves an organization with three VPCs, R&D, Production, and IT, where IT has shared services servers that need to communicate with servers in all three VPCs. However, communication between R&D and Production should not be allowed, and the organization wants to support future demand in the number of VPCs. To enable communication between VPCs, the organization has decided to use a Transit Gateway.

The Transit Gateway is a fully-managed service that simplifies network connectivity between VPCs, VPNs, and on-premises networks. It acts as a hub that connects multiple VPCs and provides a central point for managing network traffic. It also supports routing between VPCs using route tables.

To meet the requirement of allowing communication between IT and R&D/Production while preventing communication between R&D and Production, and to support future demand for VPCs, we need to design a route table configuration for the Transit Gateway.

Answer A suggests creating two routing tables in Transit Gateway and associating VPC R&D and VPC IT attachments to one route table with routes propagated from each VPC. This approach allows communication between R&D and IT, which is not desirable.

Answer B suggests associating VPC Production and VPC IT attachments to one route table with routes propagated from each VPC. This approach allows communication between Production and IT, which is not desirable.

Answer C suggests creating two routing tables in Transit Gateway and associating VPC R&D and VPC Production attachments to the route table with routes propagated from VPC IT. Also, associate VPC IT attachments with route tables having propagated routes from VPC R&D and VPC Production. This approach would enable communication between IT and R&D/Production, but it violates the requirement of not allowing communication between R&D and Production.

Answer D suggests creating two routing tables in Transit Gateway and associating VPC R&D and VPC Production attachments to the route table with a static default route. Also, associate VPC IT attachments with route tables having propagated routes from VPC R&D and VPC Production. This approach would allow communication between IT and R&D/Production, but it violates the requirement of not allowing communication between R&D and Production.

Answer E suggests creating two routing tables in Transit Gateway and associating VPC R&D and VPC Production attachments to the default route table with route propagation enabled. Also, associate VPC IT attachments with route tables having propagated routes from VPC R&D and VPC Production. This approach allows communication between IT and R&D/Production while preventing communication between R&D and Production, meeting the requirement stated in the question. Hence, the correct answer is E.