Prev Question
Next Question

You’ve been brought in as solutions architect to assist an enterprise customer with their migration of an ecommerce platform to Amazon Virtual Private Cloud (VPC) The previous architect has already deployed a 3-
tier VPC.
The configuration is as follows:
VPC vpc-2f8t>C447

IGVV ig-2d8bc445
NACL acl-2080c448
Subnets and Route Tables:
Web server’s subnet-258Dc44d
Application server’s suDnet-248bc44c
Database server’s subnet-9189c6f9
Route Tables:
subnet-258bc44d: rtb-2i8bc449
Subnet-248DC44C rtb-238tX44b
subnet-9189c6f9 rtb-238Dc 44b
You are now ready to begin deploying EC2 instances into the VPC Web servers must have direct access to the
internet Application and database servers cannot have direct access to the internet.
Which configuration below will allow you the ability to remotely administer your application and database
servers, as well as allow these servers to retrieve updates from the Internet?

Create a bastion and NAT Instance in subnet-248bc44c and add a route from rtb-238bc44b to subnet-

Add a route from rtD-238bc44D to igw-2d8bc445 and add a bastion and NAT instance within suonet-

Create a bastion and MAT Instance In subnet-258bc44d. Add a route from rtb-238bc44b to igw-2d8bc445.
And a new NACL that allows access between subnet-258bc44d and subnet-248bc44c.

Create a bastion and mat instance in suDnet-258Dc44d and add a route from rtD-238Dc44D to the mat

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *