Question 3
Domain 1: Design Secure Architectures
A company has a multi-region architecture with VPCs in `us-east-1` and `ap-southeast-1`. They want **EC2 instances in both regions** to be able to communicate with each other using **simple, centralized routing**, without setting up point-to-point VPC Peering that grows more complex as the number of VPCs increases.
Correct answer: B
Explanation
AWS Transit Gateway is built for centralized routing because it supports “network routing, topology, and peering,” letting multiple VPCs attach to one hub instead of many point-to-point links. For multi-region communication, “Transit Gateway Peering” connects the regional TGWs, so EC2 in `us-east-1` and `ap-southeast-1` can route through a simple hub-and-spoke design.
Why each option is right or wrong
A. VPC Peering between the two VPCs — simple for two VPCs
B. **AWS Transit Gateway** in each region, connected with **Transit Gateway Peering** between regions — all VPCs only need to attach to their local TGW
AWS Transit Gateway is the AWS-managed hub for network routing and peering, and it is designed to attach multiple VPCs to a single regional gateway instead of building many VPC peering links. For cross-Region connectivity, each Region needs its own TGW and the TGWs are linked with Transit Gateway Peering, which provides transitive routing between `us-east-1` and `ap-southeast-1` without the non-transitive, point-to-point scaling limits of VPC peering.
C. AWS Direct Connect between the two regions
D. Site-to-Site VPN between the two regions