How can ExamKiller set up this scenario?

ExamKiller has created a multi-tenant Learning Management System (LMS). The application is
hosted for five different tenants (clients) in the VPCs of the respective AWS accounts of the
tenants. ExamKiller wants to set up a centralized server which can connect with the LMS of each
tenant to upgrade it if required. ExamKiller also wants to ensure that one tenant VPC is not
able to connect to another tenant VPC, for security reasons. How can ExamKiller set up this
scenario?

A.
ExamKiller has to set up one centralized VPC which will peer with all the other VPCs of the
tenants.

B.
ExamKiller should set up VPC peering with all the VPCs peering with each other, but block the IPs
from the CIDRs of the tenant VPCs to deny them.

C.
ExamKiller should set up all the VPCs with the same CIDR but have a centralized VPC. This way
only the centralized VPC can talk to the other VPCs using VPC peering.

D.
ExamKiller should set up all the VPCs meshed together, with VPC peering between all VPCs.

Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. It enables
the user to launch AWS resources into a virtual network that the user has defined. A VPC peering
connection allows the user to route traffic between the peer VPCs using private IP addresses, as if
they were part of the same network.
This is helpful when one VPC, in the same or a different AWS account, needs to connect to
resources in another VPC. Here the organization wants one VPC to be able to connect with all
the other VPCs, while the other VPCs cannot connect to each other. This can be achieved by
configuring VPC peering so that one VPC is peered with all the other VPCs, but the other VPCs
are not peered with each other. The VPCs can be in the same or separate AWS accounts and should
not have overlapping CIDR blocks.
http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/peering-configurations-fullaccess.html# many-vpcs-full-acces
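
An added example, not part of the original answer: a Python check of a peering design against the conditions in the explanation (the central VPC is peered directly with every tenant, no two tenants are peered, and no CIDR blocks overlap). The VPC names, CIDR ranges and the `audit_peering` function are constructed for illustration.

```python
import ipaddress
from itertools import combinations


def audit_peering(vpcs, peerings, hub):
    """Return findings for a hub-and-spoke design (empty list = compliant).

    vpcs: {name: cidr}, peerings: iterable of (name, name) pairs, hub: name.
    """
    findings = []
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in vpcs.items()}
    links = {frozenset(pair) for pair in peerings}
    tenants = [name for name in vpcs if name != hub]

    # Peering is not transitive, so the hub needs a direct link to each tenant.
    for t in tenants:
        if frozenset((hub, t)) not in links:
            findings.append(f"{hub} is not peered with {t}")
    # Any direct tenant-to-tenant link breaks the isolation requirement.
    for a, b in combinations(tenants, 2):
        if frozenset((a, b)) in links:
            findings.append(f"tenant-to-tenant peering: {a} <-> {b}")
    # The explanation requires non-overlapping CIDR blocks, so flag every overlap.
    for a, b in combinations(vpcs, 2):
        if nets[a].overlaps(nets[b]):
            findings.append(f"overlapping CIDRs: {a} and {b}")
    return findings


# Constructed sample data: one central VPC and five tenant VPCs.
HUB = "central"
TENANTS = [f"tenant{i}" for i in range(1, 6)]
DISTINCT = {HUB: "10.0.0.0/16",
            **{t: f"10.{i}.0.0/16" for i, t in enumerate(TENANTS, 1)}}
SAME = {name: "10.0.0.0/16" for name in DISTINCT}   # option C's addressing
HUB_SPOKE = [(HUB, t) for t in TENANTS]             # option A's peering
FULL_MESH = list(combinations(DISTINCT, 2))         # option D's peering

if __name__ == "__main__":
    designs = [("A: hub and spoke", DISTINCT, HUB_SPOKE),
               ("C: same CIDR everywhere", SAME, HUB_SPOKE),
               ("D: full mesh", DISTINCT, FULL_MESH)]
    for label, vpcs, peerings in designs:
        result = audit_peering(vpcs, peerings, HUB)
        print(label, "->", result or "compliant")
```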




Donathon Ong

A is the only possibility so that each tenant has no way of contacting the other tenants.
A VPC peering connection is a one to one relationship between two VPCs. You can create multiple VPC peering connections for each VPC that you own, but transitive peering relationships are not supported: you do not have any peering relationship with VPCs that your VPC is not directly peered with.
http://docs.aws.amazon.com/AmazonVPC/latest/PeeringGuide/vpc-peering-basics.html