A company has an Amazon EC2 instance running on a private subnet that needs to access a public website to download patches and updates. The company does not want external websites to see the EC2 instance IP address or initiate connections to it. How can a solutions architect achieve this objective? A. Create a site-to-site VPN connection between the private subnet and the network in which the public site is deployed. B. Create a NAT gateway in a public subnet. Route outbound traffic from the private subnet through the NAT gateway. C. Create a network ACL for the private subnet where the EC2 instance deployed only allows access from the IP address range of the public website. D. Create a security group that only allows connections from the IP address range of the public website. Attach the security group to the EC2 instance.  Suggested Answer: B Community Answer: B This question is in SAA-C02 AWS Certified Solutions Architect – Associate Exam For getting AWS Certified Solutions Architect – Associate Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer
