Which solution meets these requirements?

By:
On:
In: SAA-C03
Tagged:
With: 0 Comments
A company runs a public three-tier web application in a VPC.The application runs on Amazon EC2 instances across multiple Availability Zones.The EC2 instances that run in private subnets need to communicate with a license server over the internet.The company needs a managed solution that minimizes operational maintenance.

Which solution meets these requirements?

Provision a NAT instance in a public subnet. Modify each private subnet’s route table with a default route that points to the NAT instance.

Provision a NAT instance in a private subnet. Modify each private subnet’s route table with a default route that points to the NAT instance.

Provision a NAT gateway in a public subnet. Modify each private subnet’s route table with a default route that points to the NAT gateway.

Provision a NAT gateway in a private subnet. Modify each private subnet’s route table with a default route that points to the NAT gateway.

Explanations:

NAT instance must be in a public subnet for it to access the internet. Private subnets can’t route traffic to a NAT instance in a public subnet unless the NAT instance itself is in a public subnet.

NAT instance should be in a public subnet to allow internet access. Placing it in a private subnet restricts its ability to route internet traffic.

NAT gateway must be in a public subnet to allow access to the internet. The route table in private subnets should route traffic to the NAT gateway. NAT gateways are a managed service that minimizes operational overhead.

NAT gateway must be in a public subnet to route traffic to the internet. A NAT gateway in a private subnet cannot provide internet access.

Leave a Reply

Your email address will not be published. Required fields are marked *

two × two =