ABC has created a multi-tenant Learning Management System (LMS). The application is hosted for five different tenants (clients) in the VPCs of the respective AWS accounts of the tenant. ABC wants to setup a centralized server which can connect with the LMS of each tenant upgrade if required. ABC also wants to ensure that one tenant VPC should not be able to connect to the other tenant VPC for security reasons. How can ABC setup this scenario?
A) ABC has to setup one centralized VPC which will peer in to all the other VPCs of the tenants.
B) ABC should setup VPC peering with all the VPCs peering each other but block the IPs from CIDR of the tenant VPCs to deny them.
C) ABC should setup all the VPCs with the same CIDR but have a centralized VPC. This way only the centralized VPC can talk to the other VPCs using VPC peering.
D) ABC should setup all the VPCs meshed together with VPC peering for all VPCs.

Question

Quizplus · Accepted Answer

Setting up a centralized VPC that peers with each tenant's VPC allows the centralized server to connect to each LMS while maintaining isolation between tenant VPCs, as VPC peering is not transitive.

ABC Has Created a Multi-Tenant Learning Management System (LMS)