AWS Direct Connect Extension
Question
Your company currently has VPCs located in us-west and us-east.
The company has an AWS Direct Connect connection in the US East region.
They want to have the ability to extend the connection to the us-west.
They also need to minimize time and effort to have this in place.
What two things you need here to satisfy the above requirement?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.Answer - B and C.
The AWS Documentation mentions the following.
You can use an AWS Direct Connect gateway to connect your AWS Direct Connect connection over a private virtual interface to one or more VPCs in your account that are located in the same or different regions.
You associate a Direct Connect gateway with the virtual private gateway for the VPC and then create a private virtual interface for your AWS Direct Connect connection to the Direct Connect gateway.
You can attach multiple private virtual interfaces to your Direct Connect gateway.
The below diagram from the AWS Documentation shows how this can be achieved.
Option A is incorrect since creating another connection would be an overhead.
Option C is CORRECT since we also need a Private Virtual Interface, as shown in the above diagram.
Option D is incorrect since there is no mention of encryption required.
For more information on the Direct Connect gateway, one can visit the below URL.
https://docs.aws.amazon.com/directconnect/latest/UserGuide/direct-connect-gateways.html
The requirement is to extend the AWS Direct Connect connection from the US East region to the US West region while minimizing time and effort. Here are two possible solutions:
Create another AWS Direct Connect connection in us-west: This solution involves creating a new Direct Connect connection in the us-west region. The connection will be established between the customer router and the Direct Connect location in the us-west region. The advantage of this solution is that it provides a dedicated and private connection between the on-premises data center and the VPCs in the us-west region. However, it requires additional configuration and maintenance efforts to set up a new connection.
Make use of the Direct Connect gateway: The Direct Connect gateway is a new feature that allows customers to connect multiple VPCs in different regions to a single Direct Connect connection. This solution involves creating a Direct Connect gateway and associating it with the Direct Connect connection in the us-east region. Then, creating a VPC attachment for the VPCs located in the us-west region and associating them with the Direct Connect gateway. This solution offers a simplified approach that enables the customer to extend their on-premises network to multiple VPCs in different regions using a single Direct Connect connection.
Therefore, the two things that can satisfy the requirement to extend the Direct Connect connection to the us-west region while minimizing time and effort are:
B. Make use of the Direct Connect gateway.
C. Create a private VIF using the current connection.