Deploy Application in AWS EC2 | CloudFormation Template | AWS Certified Developer Exam

CloudFormation Template for Deploying Application in AWS EC2


Question

You need to deploy an application in AWS EC2.

A CloudFormation template is required to prepare the infrastructure, including a VPC, a public subnet, and a private subnet.

The EC2 instances should be placed into private subnets.

The application needs to connect to the internet to download software packages.

Which resources should be included in the CloudFormation template? (Select TWO).

Answers

Explanations


A. B. C. D. E.

Correct Answer - B, D.

Option A is incorrect because a VPC endpoint is not required; the EC2 instances in the private subnet need to connect to the internet.

Option B is CORRECT because the private subnet requires a route table that routes traffic to the NAT Gateway.

Option C is incorrect because a DHCP option set is used to configure DHCP, which is unnecessary in this scenario.

Option D is CORRECT because an Internet Gateway is necessary for the public subnet.

Option E is incorrect because a Transit Gateway is a network transit hub that interconnects attachments (VPCs and VPNs), which are not mentioned in the question.

Reference:

https://docs.aws.amazon.com/codebuild/latest/userguide/cloudformation-vpc-template.html

To deploy an application in AWS EC2, a CloudFormation template is required to prepare the infrastructure, which includes VPC, public subnet, and private subnet. The EC2 instances should be placed in private subnets.

The application needs to connect to the internet to download software packages, so two resources should be included in the CloudFormation template:

  1. NAT Gateway: Since the EC2 instances are in a private subnet, they can't access the internet directly. The NAT Gateway acts as an intermediary that lets instances in the private subnet make outbound connections to the internet. A route table for the NAT Gateway should also be included, which routes traffic from the private subnet to the NAT Gateway.

  2. Internet Gateway: An Internet Gateway is required to allow traffic to and from the internet. It should be attached to the VPC, and a route table should direct traffic to it.

Hence, options B and D are the correct answers: B. Route table for NAT Gateway. D. Internet Gateway.
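
A minimal template showing how the resources discussed above fit together. This is an added example, not part of the original page or the referenced AWS guide; the logical names and CIDR ranges are assumptions chosen for illustration.

```yaml
# Added example: logical names and CIDR ranges are constructed, not from the page.
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  Vpc:
    Type: AWS::EC2::VPC
    Properties: { CidrBlock: 10.0.0.0/16 }
  PublicSubnet:               # hosts only the NAT Gateway
    Type: AWS::EC2::Subnet
    Properties: { VpcId: !Ref Vpc, CidrBlock: 10.0.0.0/24 }
  PrivateSubnet:              # EC2 instances go here; no route to the Internet Gateway
    Type: AWS::EC2::Subnet
    Properties: { VpcId: !Ref Vpc, CidrBlock: 10.0.1.0/24 }
  InternetGateway:            # option D
    Type: AWS::EC2::InternetGateway
  GatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties: { VpcId: !Ref Vpc, InternetGatewayId: !Ref InternetGateway }
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties: { VpcId: !Ref Vpc }
  PublicDefaultRoute:         # public subnet: default route to the Internet Gateway
    Type: AWS::EC2::Route
    DependsOn: GatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PublicSubnetAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties: { SubnetId: !Ref PublicSubnet, RouteTableId: !Ref PublicRouteTable }
  NatEip:
    Type: AWS::EC2::EIP
    DependsOn: GatewayAttachment
    Properties: { Domain: vpc }
  NatGateway:                 # created in the public subnet
    Type: AWS::EC2::NatGateway
    Properties: { AllocationId: !GetAtt NatEip.AllocationId, SubnetId: !Ref PublicSubnet }
  PrivateRouteTable:          # option B
    Type: AWS::EC2::RouteTable
    Properties: { VpcId: !Ref Vpc }
  PrivateDefaultRoute:        # private subnet: default route to the NAT Gateway
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway   # not GatewayId: instances stay unreachable from the internet
  PrivateSubnetAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties: { SubnetId: !Ref PrivateSubnet, RouteTableId: !Ref PrivateRouteTable }
```

When reviewing such a template, check that the private subnet's association points at the route table whose default route uses `NatGatewayId`; associating it with the public route table would expose the instances' subnet to the Internet Gateway path.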

Option A - VPC endpoint is used to connect to services such as S3 and DynamoDB without requiring an internet gateway, but it is not required for this scenario.

Option C - DHCP option set is used to configure DHCP options for instances in the VPC, but it is not required for this scenario.

Option E - Transit Gateway route table is used to route traffic between VPCs and on-premises networks via a Transit Gateway, but it is not required for this scenario.