Q18 — AWS SAA-C03 Ch.1

Question 18 of 65 | ← Chapter 1

Q18. A company has an Amazon EC2 instance running on a private subnet that needs to access a public websites to download patches and updates. The company does not want external websites to see the EC2 instance IP address or initiate connection to it.How can a solution architect achieve this objective?

Correct Answer: B. Create a NAT gateway in a public subnet Route outbound traffic from the private subnet through the NAI gateway

Explanation

You can use a network address translation (NAT) gateway to enable instances in a private subnet to connect to the internet or other AWS services, but prevent the internet from initiating a connection with those instancesNAT gateway is like proxy server and connect EC2 instances in a private subnet to internet.