AWS Certified SysOps Administrator – Associate — Question 37
A SysOps administrator migrates NAT instances to NAT gateways. After the migration, an application that is hosted on Amazon EC2 instances in a private subnet cannot access the internet.
Which of the following are possible reasons for this problem? (Choose two.)
Answer options
- A. The application is using a protocol that the NAT gateway does not support.
- B. The NAT gateway is not in a security group.
- C. The NAT gateway is in an unsupported Availability Zone.
- D. The NAT gateway is not in the Available state.
- E. The port forwarding settings do not allow access to internal services from the internet.
Correct answer: A, D
Explanation
Option A is correct because NAT gateways do not support every protocol; an application that relies on an unsupported protocol loses its internet access after the migration. Option D is also correct because the NAT gateway must be in the Available state to function; if it is not, it cannot provide internet connectivity. The other options do not directly affect the NAT gateway's ability to provide internet access.