AWS Certified Solutions Architect - Professional 2020

Sign Up Free or Log In to participate!

Exam question feedback – VPC A peering to VPC B & VPC C (B & C have overlapping CIDR)

So I just failed the CSA Pro 2019 exam and I’m taking another shot at it. One of the questions that stuck in my mind was about 3 VPCs peered together (B & C to A). VPC B and VPC C have overlapping CIDRs. I am pretty sure this is the exact image used from the exam –

(That image is from here, near the bottom –

So the situation involved only needing to route from VPC A to VPC B to get to the one instance, but still needing access to all of VPC C .

I totally guess at the answer, I think I picked an answer that mentioned a specific route for the instance in VPC B? I am not very strong in this area, if it isn’t obvious. Even reading over the AWS documentation is just confusing to me. I think the documentation tells me that I picked the right answer since I only remember one answer mentioning a specific route for the instance in VPC B.

3 Answers

hey Josh, sorry to hear you didn’t make it. My exam is this Saturday and your post will be helpful for me. Aside from this VPC question, could you share more tips about the exam? I know there will be lots of AWS Organizations, Systems Manager, Shield/WAF/Config questions but would like to know more from you who recently took it.

Josh Griswell

Actually the other post about the journey to the 2019 exam is a pretty stellar summary.

Josh Griswell

But to summarize my experience. It took me about 2 hours and 15 minutes for my initial pass through the exam. Then I went back and thought heavily about any questions I had flagged. I don’t know if that actually helped me or not though. I remember some questions about Organizations and SCPs, a couple of Snowball questions, troubleshooting 504 errors with API Gateways, 1 AppStream question, a few that involved Kinesis, another with Athena and another with Kibana. How to provision Direct Connect and VIFs caught me off-guard, I remember at least 2 or 3 questions like that, at least they were "deep dives" in Direct Connect in my opinion. Hope this helps.

Mukul Gopal

Thanks a lot Josh! I have been posting in the ACG forum for a while and I am happy that someone finally shared helpful insights. I’ll review these things including the VPC issue.

Thanks for posting this question, I ended up getting a 730 and didn’t have time to break this question down. Frustrated but hopefully it comes up on my next attempt. Basically you want /32 to declare the individual IP you want in B, and then the full subnet from C pointing to the /16. Pretty sure this breaks down to most specific route wins "VPC route tables use longest prefix match to select the most specific route across the intended VPC peering connection. All other traffic is routed through the next matching route, in this case, across the VPC peering connection pcx-aaaacccc."

Mukul Gopal

sorry to hear that Nick, seems that this new CSA Pro exam is really difficult. You missed it by a mere 20 points since 750 is the passing rate. Thank you so much for sharing, it’s my turn to take the exam this Saturday and your post is helpful

Josh Griswell

I have been rather heavily reviewing the material, watching this course for certain and trying to fit in the severless course acloudguru offers as well. Diving deeper into the costs around S3, EBS, EFS, etc as well. I know there was also one question specifically asking if additional gp disk or PIOPS was the cheapest solution. That one surprised me as well, it was so specific around remembering those costs. I have also reviewed re:invent videos around Step Functions, and storage gateways. Really a lot of stuff around severless and systems manager, a podcast around systems manager parameter store, secrets manager and ACM as well. Good luck on your next round, please post a triage!

Mukul Gopal

Hey Josh, thanks again for this tidbit of info about gp disk/PIOPS, my exam is tomorrow so you are an angel to me sharing the good news from the actual AWS exam. I study so hard too but it is more strategic to know which points I should focus more on, I don’t want to waste my $300 USD exam fee!


@Nick, shake hands, buddy. Both of us are the not-so-lucky ones. I failed yesterday with 730. I had to admit that I was completely on a wrong track of preparation baed on the old study material from passleader. I didn’t know there are 75 questions till 60 minutes passed and with less than 20 questions completed. Time management became my top issue besides the surprisingly new terms, e.g. Rekognition, Athena and etc. I tried to recall all the names appeared in the exam, and the list below should be pretty comprehensive.


EC2 Elatic Beanstalk Lambda Serverless Application Model S3 EBS EFS S3 Glacier Snowball Storage Gateway Aurora DynamoDB ElastiCache RDS Redshift CodeDeploy X-Ray Identity & Access Management Artifact Cognito Single Sign-on CloudHSM Key Management Service Certificate Manager Rekognition Auto Scaling CloudFormation CloudTrail CloudWatch Management Console OpsWorks Organizations Service Catalog Systems Manager Trusted Advisor Application Discovery Service Database Migration Service Server Migration Service Snowball API Gateway CloudFront Direct Connect Elastic Load Balancing Route 53 VPC VPN AppStream 2.0 Athena Data Pipeline Kinesis Redshift MQ SNS SQS Step Functions SWF


Some questions I could remember are:

  1. Lamda@edge to improve performance; 2. Migrate metadata of video tapes on-prem to cloud with storage gateway; 3. CloudHSM cluster

I also encountered a question asking the migration strategy: replatform or re-architect (

Hey Josh, I just want to thank you again for sharing your tips. I passed my AWS SA Pro exam, all thanks to this post! I am so happy! 

Here is my exam feedback:

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?