AWS Certified Solutions Architect – Professional SAP-C01 – Question 349

A user has created a VPC with two subnets: one public and one private. The user is planning to run the patch update for the instances in the private subnet.
How can the instances in the private subnet connect to the internet?

A. The private subnet can never connect to the internet
B. Use NAT with an elastic IP
C. Use the internet gateway with a private IP
D. Allow outbound traffic in the security group for port 80 to allow internet updates

Correct Answer: B

Explanation:

A Virtual Private Cloud (VPC) is a virtual network dedicated to the user’s AWS account. A user can create a subnet within the VPC and launch instances inside that subnet. If the user has created two subnets (one private and one public), they would need a Network Address Translation (NAT) instance with an Elastic IP address. This enables the instances in the private subnet to send requests to the internet (for example, to perform software updates).
Reference:
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2…