A user has created a subnet in VPC and launched an EC2 instance within it. The user has not
selected the option to assign the IP address while launching the instance. Which of the below
mentioned statements is true with respect to this scenario?
A. The instance will always have a public DNS attached to the instance by default
B. The user can directly attach an elastic IP to the instance
C. The instance will never launch if the public IP is not assigned
D. The user would need to create an internet gateway and then attach an elastic IP to the instance to connect from internet
Explanation:
A Virtual Private Cloud (VPC) is a virtual network dedicated to the user's AWS account. A user can
create a subnet within a VPC and launch instances inside that subnet. When the user is launching an
instance, he needs to select an option which attaches a public IP to the instance. If the user has
not selected the option to attach the public IP, then the instance will only have a private IP when launched.
The user cannot connect to the instance from the internet. If the user wants an elastic IP to
connect to the instance from the internet, he should create an internet gateway and assign an
elastic IP to the instance.
D
D
The answer is B.
In D, the user did not ensure that the subnet’s route table points to the Internet gateway.
The internet gateway is not only used as a route out to the internet, but also in routing and translating traffic from the internet to your instance. Your instance is only aware of the private (internal) IP address space defined within the VPC and subnet. Traffic that’s destined for the public IPv4 address or Elastic IP address of your instance has its destination address translated into the instance’s private IPv4 address before the traffic is delivered to the VPC.
https://aws.amazon.com/premiumsupport/knowledge-center/connect-vpc/
Internet Gateway
An Internet gateway allows communication between instances in your VPC and the Internet. To enable Internet access for instances in a VPC subnet, follow these steps:
1. Attach an Internet gateway to your VPC.
2. Add a route to the Internet gateway in the route table of the VPC subnet.
3. Ensure that instances in your subnet have public IP addresses or Elastic IP addresses.
4. Verify that your network ACL and security group rules allow the relevant traffic to flow to and from your instance.
also: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Internet_Gateway.html
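Added example, not part of the original comments or the AWS documentation: a Python check that applies the steps listed above to data shaped like EC2 Describe* responses and reports which step is unmet for an inbound TCP connection. All resource IDs and addresses are constructed, the function name is hypothetical, and as simplifying assumptions it checks only the security-group half of the last step (no network ACL evaluation) and treats any route to the gateway that covers the client address as sufficient.

```python
import ipaddress

def _in(cidr, ip):
    return bool(cidr) and ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def reachability_gaps(inst, igws, tables, sgs, src_ip, port):
    """Return the unmet steps (1-3, plus the security-group half of 4)."""
    gaps, vpc, subnet = [], inst["VpcId"], inst["SubnetId"]
    # Step 1: an internet gateway is attached to the instance's VPC
    igw_ids = {g["InternetGatewayId"] for g in igws
               for a in g["Attachments"] if a["VpcId"] == vpc}
    if not igw_ids:
        gaps.append("1: no internet gateway attached")
    # Step 2: subnet's route table (explicit, else main) routes to that gateway
    def assoc(key, val):
        return next((t for t in tables if t["VpcId"] == vpc and
                     any(a.get(key) == val for a in t["Associations"])), None)
    table = assoc("SubnetId", subnet) or assoc("Main", True) or {"Routes": []}
    if not any(r.get("GatewayId") in igw_ids and
               _in(r.get("DestinationCidrBlock"), src_ip) for r in table["Routes"]):
        gaps.append("2: no route to an internet gateway")
    # Step 3: a public or Elastic IP (either shows up as PublicIpAddress)
    if not inst.get("PublicIpAddress"):
        gaps.append("3: no public or Elastic IP")
    # Step 4 (security groups only): some attached group allows the TCP port
    mine = {g["GroupId"] for g in inst["SecurityGroups"]}
    def allows(p):
        port_ok = p["IpProtocol"] == "-1" or (
            p["IpProtocol"] == "tcp" and p["FromPort"] <= port <= p["ToPort"])
        return port_ok and any(_in(r["CidrIp"], src_ip) for r in p.get("IpRanges", []))
    if not any(allows(p) for g in sgs if g["GroupId"] in mine
               for p in g["IpPermissions"]):
        gaps.append("4: security group blocks inbound")
    return gaps

# Constructed sample data: gateway attached and Elastic IP associated (option D)
INST = {"VpcId": "vpc-1", "SubnetId": "subnet-1", "PublicIpAddress": "203.0.113.10",
        "SecurityGroups": [{"GroupId": "sg-1"}]}
IGWS = [{"InternetGatewayId": "igw-1", "Attachments": [{"VpcId": "vpc-1"}]}]
SGS = [{"GroupId": "sg-1", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22,
        "ToPort": 22, "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]}]
LOCAL_ONLY = [{"VpcId": "vpc-1", "Associations": [{"Main": True}],
               "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]}]
WITH_IGW = [{**LOCAL_ONLY[0], "Routes": LOCAL_ONLY[0]["Routes"] +
             [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]}]

if __name__ == "__main__":
    for t in (LOCAL_ONLY, WITH_IGW):
        print(reachability_gaps(INST, IGWS, t, SGS, "198.51.100.7", 22))
```

With only the local route in the subnet's route table, the gateway and Elastic IP from option D still leave step 2 unmet; adding the `0.0.0.0/0` route to the gateway clears it.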
Agreed. It’s B.