AWS Certified SysOps Administrator – Associate (SOA-C03) — Question 34
A company uses Amazon EC2 Auto Scaling across multiple Availability Zones. The company must ensure that EC2 instances are provisioned in private subnets.
The company recently optimized its cloud infrastructure by reducing the number of NAT gateways in the company’s VPC to one. Some EC2 instances lost internet connectivity after the infrastructure update. A CloudOps engineer must resolve the connectivity issue.
Which solution will meet this requirement?
Answer options
- A. Replace the existing NAT gateway with a NAT instance in the same subnet.
- B. Update VPC route tables to target the existing NAT gateway for internet traffic.
- C. Update VPC route tables to target an internet gateway for internet traffic.
- D. Add secondary IP addresses to the existing NAT gateway.
Correct answer: B
Explanation
The correct answer is B. Updating the VPC route tables so that internet-bound traffic from the private subnets targets the existing NAT gateway restores outbound connectivity for the instances that lost it when the other NAT gateways were removed. Option A is incorrect because replacing the NAT gateway with a NAT instance does not solve the routing issue. Option C is invalid because internet traffic from private subnets cannot go directly to an internet gateway. Option D does not address the connectivity issue, because adding secondary IP addresses to the NAT gateway does not change the routing for outbound traffic.