AWS Certified Solutions Architect – Professional SAP-C01 – Question153

The MySecureData company has five branches across the globe. They want to expand their data centers such that their web server will be in AWS and each branch has its own database in the local data center. Based on the user login, the company wants to connect to the data center. How can the MySecureData company implement this scenario with an AWS VPC?

A. Create five VPCs with the public subnet for the app server and set up the VPN gateway for each VPN to connect them individually.
B. Use the AWS VPN CloudHub to communicate with multiple VPN connections.
C. Use the AWS CloudGateway to communicate with multiple VPN connections.
D. It is not possible to connect different data centers from a single VPC.

Correct Answer: B

Explanation:

A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. The user can create subnets within a VPC as required. If the user wants to connect to the VPC from their own data center, they can set up a public subnet and a VPN-only subnet that uses hardware VPN access to connect to the data center. If the organization has multiple VPN connections, it can provide secure communication between sites using AWS VPN CloudHub.
The VPN CloudHub operates on a simple hub-and-spoke model that the user can use with or without a VPC. This design is suitable for customers with multiple branch offices and existing internet connections who would like to implement a convenient, potentially low-cost hub-and-spoke model for primary or backup connectivity between remote offices.
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPN_CloudHub….