Question 338:
A big SaaS provider migrated one of its on-premises products to AWS since many customers (over 300) already have their own Virtual Private Clouds (VPCs) in AWS. Due to certain product features, one key requirement is that all traffic between the service provider and customers should be private without being exposed to the internet. The company’s operation team already configured a VPC. What is the best solution that can be recommended here?
Answer options:
A. Set up a virtual private gateway in this VPC. To communicate with customer VPCs, set up a private VPN connection. Therefore, a highly available and private link is created between customers and the service provider.
B. Create a VPC peering between this VPC and each customer’s VPC so that all connections are secure and private.
C. Configure an AWS endpoint service (PrivateLink) in the VPC. Other AWS customer accounts can create a connection from their VPC to the endpoint service using an interface VPC endpoint.
D. Create a NAT Gateway in the VPC. Modify the main route table to allow traffic to other VPCs only through this gateway to ensure that the traffic is not public.