AWS Certified SysOps Administrator – Associate (legacy) — Question 102
A user has configured a VPC with a new subnet and has created a security group. The user wants instances in the same subnet to be able to communicate with each other. How can the user configure this with the security group?
Answer options
- A. There is no need for a security group modification as all the instances can communicate with each other inside the same subnet
- B. Configure the subnet as the source in the security group and allow traffic on all the protocols and ports
- C. Configure the security group itself as the source and allow traffic on all the protocols and ports
- D. The user has to use VPC peering to configure this
Correct answer: C
Explanation
The correct answer is C: configuring the security group itself as the source creates the traffic rules needed to permit communication between the instances. Option A is incorrect because, although instances can communicate within the same subnet, security groups can still impose restrictions. Option B suggests configuring the subnet as the source, which is not how security groups operate. Option D is also wrong because VPC peering is unnecessary for communication within the same subnet.