You want to design a VPC with public and private subnets. Which setup ensures instances in private subnets can access the internet but are not reachable from the internet?

hard📝 Architecture Q8 of 15

AWS - VPC Fundamentals

APrivate subnets with no routes; public subnets with no IGW.

BPrivate subnets with IGW route; public subnets with NAT Gateway route.

CBoth subnets with IGW routes and public IPs assigned.

DPrivate subnets with route to NAT Gateway in public subnet; public subnets with IGW route.

Step-by-Step Solution

Solution:

Step 1: Understand subnet roles
Public subnets have IGW routes for inbound/outbound internet access; private subnets do not.
Step 2: Enable private subnet internet access
Private subnets use NAT Gateway in public subnet to access internet outbound only, preventing inbound access.
Final Answer:
Private subnets with route to NAT Gateway in public subnet; public subnets with IGW route. -> Option D
Quick Check:
Private subnet internet via NAT, public subnet via IGW [OK]

Quick Trick: Private subnet internet via NAT Gateway [OK]

Common Mistakes:

Assigning IGW route to private subnet
Reversing NAT and IGW roles
Not assigning public IPs correctly

Master "VPC Fundamentals" in AWS

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Time

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More AWS Quizzes

You want to design a VPC with public and private subnets. Which setup ensures instances in private subnets can access the internet but are not reachable from the internet?

Step 1: Understand subnet roles

Step 2: Enable private subnet internet access

Final Answer:

Quick Check:

Want More Practice?