AWS Certified CloudOps Engineer Associate SOA-C03 Practice Question
A company runs two VPCs in the same AWS Region. The VPCs exchange about 15 TB of traffic each month. The network team attached both VPCs to an AWS Transit Gateway, but Finance reports that the monthly Transit Gateway attachment and data-processing charges now exceed budget. The team needs to cut recurring network costs without adding bandwidth bottlenecks or single points of failure. Which solution should the company implement?
Deploy NAT gateways in each VPC and configure the route tables so traffic is sent over the public internet through the NAT gateways.
Migrate all workloads into a single VPC and use security groups to control east-west traffic between application tiers.
Delete the Transit Gateway attachments and establish a VPC peering connection between the two VPCs, then update the route tables to use the peering link.
Create an AWS PrivateLink interface endpoint in each VPC and route all traffic through the endpoints.
Creating a VPC peering connection between the two VPCs is the most cost-effective option when only two VPCs need full, private connectivity in the same Region. VPC peering has no hourly attachment fee, and cross-AZ traffic is billed at $0.01 per GB in each direction-half of the $0.02 per-GB Transit Gateway data-processing fee. Peering uses the existing VPC infrastructure, so there is no single point of failure or bandwidth cap beyond the instance network limits.
AWS PrivateLink would require a Network Load Balancer in one VPC and interface endpoints in the other. Although the per-GB rate is also $0.01, PrivateLink adds endpoint-hour charges and NLB LCU fees, so the total monthly cost would exceed peering. NAT gateways add $0.045 per GB plus hourly charges and would force traffic onto public IP paths, increasing both cost and attack surface. Consolidating both VPCs into one would eliminate inter-VPC charges but entails a complex migration that the scenario does not allow.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is VPC Peering in AWS?
Open an interactive chat with Bash
What are the cost differences between Transit Gateway and VPC Peering?
Open an interactive chat with Bash
What are the limitations of NAT gateways for inter-VPC connectivity?
Open an interactive chat with Bash
AWS Certified CloudOps Engineer Associate SOA-C03
Networking and Content Delivery
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .