AWS Certified SysOps Administrator – Associate (legacy) — Question 633
A SysOps Administrator is troubleshooting Amazon EC2 connectivity issues to the internet. The EC2 instance is in a private subnet. Below is the route table that is applied to the subnet of the EC2 instance.
| Destination | Target | Status | Propagated |
|---|---|---|---|
| 10.2.0.0/16 | local | Active | No |
| 0.0.0.0/0 | nat-xxxxxxx | Blackhole | No |
What has caused the connectivity issue?
Answer options
- A. The NAT gateway no longer exists.
- B. There is no route to the internet gateway.
- C. The routes are no longer propagating.
- D. There is no route rule with a destination for the internet.
Correct answer: A
Explanation
The 'Blackhole' status in an Amazon VPC route table indicates that the target of the route is no longer available, which typically happens when the NAT gateway has been deleted. Since the route for internet traffic (0.0.0.0/0) points to a non-existent NAT gateway target, all outbound internet traffic from the private subnet is dropped. The other options are incorrect because the route to the internet does exist in the table, but its target is invalid, and route propagation is not required for static NAT gateway routes.