AWS Certified SysOps Administrator – Associate (legacy) — Question 523

A SysOps Administrator is deploying a test site running on Amazon EC2 instances. The application requires both incoming and outgoing connectivity to the
Internet.
Which combination of steps are required to provide internet connectivity to the EC2 instances? (Choose two.)

Answer options

• A. Add a NAT gateway to a public subnet
• B. Attach a private address to the elastic network interface on the EC2 instance
• C. Attach an Elastic IP address to the internet gateway
• D. Add an entry to the route table for the subnet that points to an internet gateway
• E. Create an internet gateway and attach it to a VPC

Correct answer: D, E

Explanation

To enable bidirectional internet access for EC2 instances in a VPC, you must provision an internet gateway and attach it to the VPC, and then configure the subnet's route table to route external traffic to that gateway. A NAT gateway only allows outbound-initiated communication, making it unsuitable for applications requiring inbound internet connectivity. Assigning a private IP or attempting to attach an Elastic IP to an internet gateway does not establish the required routing paths.