Topic 1 Question 470
A company has applications hosted on Amazon EC2 instances with IPv6 addresses. The applications must initiate communications with other external applications using the internet. However the company’s security policy states that any external service cannot initiate a connection to the EC2 instances.
What should a solutions architect recommend to resolve this issue?
Create a NAT gateway and make it the destination of the subnet's route table
Create an internet gateway and make it the destination of the subnet's route table
Create a virtual private gateway and make it the destination of the subnet's route table
Create an egress-only internet gateway and make it the destination of the subnet's route table
ユーザの投票
コメント(2)
- 正解だと思う選択肢: D
An egress-only internet gateway (EIGW) is specifically designed for IPv6-only VPCs and provides outbound IPv6 internet access while blocking inbound IPv6 traffic. It satisfies the requirement of preventing external services from initiating connections to the EC2 instances while allowing the instances to initiate outbound communications.
👍 4LONGMEN2023/05/18 - 正解だと思う選択肢: D
Egress-Only internet Gateway
👍 3radev2023/05/15
シャッフルモード