Agreed. It is a must-watch for sitting the exam. There is one outdated point regarding CloudHub. You used to be able to use the same ASN for the spokes. The current VPN implementation does not support this. The AWS docs are correct in that there is a requirement for a unique ASN. See docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPN_CloudHub.html.
Hi, in this presentation you state "we actually provision two tunnels and those two tunnels give you your resilience into the AWS environment each of those tunnel endpoints terminates in a different availability zone". The implication is that if we only configure one tunnel (not two) and lose one availability zone, we lose the VPC. This is an important point - can you point me to official AWS online documentation where this is stated clearly, as I need to make reference to it in my design document to justify setting up the required number of VPNs? Thanks!
Andrew, I believe the issue is the router itself, not the actual AVZ: aws.amazon.com/directconnect/faqs/ - "Q. Are connections to AWS Direct Connect redundant? Each connection consists of a single dedicated connection between ports on your router and an Amazon router. We recommend establishing a second connection if redundancy is required. When you request multiple ports at the same AWS Direct Connect location, they will be provisioned on redundant Amazon routers." If you are talking about only VPN... the two different tunnels are required for redundancy in case an end-point fails. With only a single tunnel, the failure of the end-point will result in a single point of failure. docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_VPN.html#VPNConnections