Connectivity Options for AWS VPCs in Different Regions

Cost-Effective Connectivity Options

Question

Your company has 2 AWS accounts, each with its own VPC.

These VPCs need to communicate with each other.

The AWS accounts are in different regions.

The VPCs have non-overlapping CIDR blocks.

Which of the following would be a cost-effective connectivity option?

Answers

A. Use VPN connections

B. Use VPC peering between the 2 VPCs

C. Use AWS Direct Connect

D. Use a NAT gateway

Explanations

Correct Answer: B.

The AWS documentation mentions the following:

A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them privately.

Instances in either VPC can communicate with each other as if they are within the same network.

You can create a VPC peering connection between your own VPCs, with a VPC in another AWS account, or with a VPC in a different AWS Region.

AWS uses the existing infrastructure of a VPC to create a VPC peering connection; it is neither a gateway nor a VPN connection and does not rely on a separate piece of physical hardware.

There is no single point of failure for communication or a bandwidth bottleneck.

Options A and C are incorrect since VPC peering is simpler and cheaper to establish than a VPN connection or Direct Connect.

Option D is incorrect since a NAT gateway is used by instances in a private subnet to reach the Internet, not to connect two VPCs.

For more information on VPC peering, please refer to the URL below:

https://docs.aws.amazon.com/vpc/latest/userguide/vpc-peering.html

To enable communication between the two VPCs in different AWS accounts and regions, there are multiple options available. However, the most cost-effective connectivity option would be to use VPC peering between the two VPCs.

Here's why:

A. Use VPN connections: VPN connections use the public internet to create a secure and encrypted connection between the two VPCs. This requires creating a virtual private gateway and a customer gateway in each VPC, which incurs additional costs. Moreover, the data transfer fees for VPN connections can be high, especially when transferring large amounts of data.

B. Use VPC peering between the 2 VPCs: VPC peering allows the two VPCs to communicate directly with each other using private IP addresses. This option is cost-effective as it does not require any additional infrastructure and does not incur any data transfer fees for communication between the two VPCs. However, it is important to note that VPC peering is only possible if the CIDR blocks of the two VPCs do not overlap.

C. Use AWS Direct Connect: AWS Direct Connect is a dedicated network connection between the two VPCs that bypasses the public internet, providing a more secure and reliable connection. However, this option can be costly as it requires the provisioning of a dedicated connection and can incur additional data transfer fees.

D. Use a NAT gateway: A NAT gateway is used to allow resources in a private subnet to access the internet. It does not provide a means for VPC-to-VPC communication, and therefore would not be suitable for this scenario.

In summary, VPC peering is the most cost-effective and straightforward option for enabling communication between the two VPCs in different AWS accounts and regions, provided that their CIDR blocks do not overlap.
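As an added example (not from the page or from AWS), the following Python pre-flight check enforces the non-overlapping CIDR precondition and then lays out, in order, the cross-account, cross-region steps a peering needs before it carries any traffic: the request from the requester's account, the acceptance in the accepter's own region and account, and one route per VPC pointing only at the peer's CIDR. The `Vpc` class, account and VPC IDs, and the `pcx-`/`rtb-` placeholders are constructed assumptions; the AWS CLI subcommands and flags shown are real.

```python
# Added example (not from the page or AWS): pre-flight check and step plan for
# cross-account, cross-region VPC peering. All IDs are constructed placeholders;
# "pcx-..." and "rtb-..." stand in for values AWS assigns at runtime.
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Vpc:
    vpc_id: str
    account_id: str
    region: str
    cidr: str


def cidrs_overlap(a: str, b: str) -> bool:
    """AWS refuses a peering between overlapping CIDRs, so check before requesting."""
    return ip_network(a).overlaps(ip_network(b))


def peering_plan(requester: Vpc, accepter: Vpc,
                 pcx_id: str = "pcx-PLACEHOLDER",
                 rtb_ids: Optional[Dict[str, str]] = None) -> List[str]:
    """Return the AWS CLI steps, in order, that make the peering carry traffic.

    A peering connection alone routes nothing: each VPC needs a route to the
    peer's CIDR via the pcx, and an inter-region request must be accepted
    explicitly in the accepter's region (security groups must still allow it).
    """
    if cidrs_overlap(requester.cidr, accepter.cidr):
        raise ValueError(f"overlapping CIDRs: {requester.cidr} / {accepter.cidr}")
    rtb = rtb_ids or {requester.vpc_id: "rtb-PLACEHOLDER-REQ",
                      accepter.vpc_id: "rtb-PLACEHOLDER-ACC"}
    return [
        # 1. requester account, in its own region, creates the request
        f"aws ec2 create-vpc-peering-connection --region {requester.region} "
        f"--vpc-id {requester.vpc_id} --peer-vpc-id {accepter.vpc_id} "
        f"--peer-owner-id {accepter.account_id} --peer-region {accepter.region}",
        # 2. accepter account, in the accepter's region, accepts the request
        f"aws ec2 accept-vpc-peering-connection --region {accepter.region} "
        f"--vpc-peering-connection-id {pcx_id}",
        # 3. each side routes only the peer's CIDR through the pcx (least exposure)
        f"aws ec2 create-route --region {requester.region} --route-table-id "
        f"{rtb[requester.vpc_id]} --destination-cidr-block {accepter.cidr} "
        f"--vpc-peering-connection-id {pcx_id}",
        f"aws ec2 create-route --region {accepter.region} --route-table-id "
        f"{rtb[accepter.vpc_id]} --destination-cidr-block {requester.cidr} "
        f"--vpc-peering-connection-id {pcx_id}",
    ]
```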