AWS Certified SysOps Administrator – Associate (legacy) — Question 268
A user has created a VPC with CIDR 20.0.0.0/16 using the wizard. The user has created a public subnet CIDR (20.0.0.0/24) and VPN-only subnets CIDR (20.0.1.0/24) along with the VPN gateway (vgw-12345) to connect to the user's data center. Which of the below mentioned options is a valid entry for the main route table in this scenario?
Answer options
- A. Destination: 20.0.0.0/24 and Target: vgw-12345
- B. Destination: 20.0.0.0/16 and Target: ALL
- C. Destination: 20.0.1.0/16 and Target: vgw-12345
- D. Destination: 0.0.0.0/0 and Target: vgw-12345
Correct answer: D
Explanation
When creating a VPC with a public subnet and a VPN-only subnet using the wizard, the main route table is associated with the VPN-only subnet. To direct all outbound internet and corporate-bound traffic from this subnet through the virtual private gateway, a default route of 0.0.0.0/0 pointing to vgw-12345 is added. The VPC's local route (20.0.0.0/16 to local) is automatically created, making the other options incorrect.