Q100 — AWS ANS-C01 Ch.1
Question 100 of 100 | ← Chapter 1
A company has two business units (BUs). The company operates in the us-east-1 Region and the us-west-1 Region. The company plans to extend To more Regions in the future. Each BU has a VPC in each Region. Each Region has a transit gateway with the BU VPCs attached. The transit Gateways in both Regions are peered. The company will create several more BUs in the future and will need to isolate some of the BUs from the other BUs. The company wants to Migrate to an architecture to incorporate more Regions and BUs. Which solution will meet these requirements with the MOST operational efficiency?
- A. Create a new transit gateway for each new BU in each Region. Peer the new transit gateways with the existing transit gateways. Update the Route tables to control traffic between BUs.
- B. Create an AWS Cloud WAN core network with an edge location in both Regions. Configure a segment for each BU with VPC attachments to The new BU VPCs. Use segment actions to control traffic between segments. ✓
- C. Create an AWS Cloud WAN core network with an edge location in both Regions. Configure a segment for each BU with VPC attachments to The new BU VPCs. Configure the segments to isolate attachments to control traffic between segments.
- D. Attach new VPCs to the existing transit gateways. Update route tables to control traffic between BUs.
Correct Answer: B. Create an AWS Cloud WAN core network with an edge location in both Regions. Configure a segment for each BU with VPC attachments to The new BU VPCs. Use segment actions to control traffic between segments.
Explanation
AWS Cloud WAN的核心网络设计适用于多区域、多业务单元扩展场景。AWS官方文档指出,Cloud WAN通过全局网络简化跨区域连接,使用Segment逻辑隔离不同业务单元流量。选项B通过为每个BU创建独立Segment,利用Segment Actions精细化控制流量交互策略,相比Transit Gateway对等连接的手动路由配置,减少了运营复杂度。选项C的"isolate attachments"会导致Segment间完全隔离,不符合需要部分通信的需求。选项A/D涉及大量手动路由维护,操作效率低。选项B的策略管理能灵活适应未来扩展需求。