ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 628 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 628
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A solutions architect is migrating an existing workload to AWS Fargate. The task can only run in a private subnet within the VPC where there is no direct connectivity from outside the system to the application. When the Fargate task is launched, the task fails with the following error:
CannotPullContainerError: API error (500): Get https://111122223333.dkr.ecr.us-east-1.amazonaws.com/v2/: net/http: request canceled while waiting for connection
How should the solutions architect correct this error?

  • A. Ensure the task is set to ENABLED for the auto-assign public IP setting when launching the task.
  • B. Ensure the task is set to DISABLED for the auto-assign public IP setting when launching the task. Configure a NAT gateway in the public subnet in the VPC to route requests to the internet.
  • C. Ensure the task is set to DISABLED for the auto-assign public IP setting when launching the task. Configure a NAT gateway in the private subnet in the VPC to route requests to the internet.
  • D. Ensure the network mode is set to bridge in the Fargate task definition.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Gmail78 at Nov. 3, 2020, 9:59 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
asldavid
Highly Voted 3 years, 7 months ago
B. https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_cannot_pull_image.html
upvoted 22 times
...
liono
Highly Voted 3 years, 7 months ago
B is the correct answer. The NAT needs to be in public subnet. https://stackoverflow.com/questions/48368499/stopped-cannotpullcontainererror-api-error-500
upvoted 12 times
porlarowl
3 years, 7 months ago
I understand that "Configure a NAT GW in the private subnet" dose not mean Creating a NAT GW. If it means creating a NAT GW, the answer should be B. On the other hand, it means attaching a NAT GW to subnet, the answer should be C. I am not sure, cause I am not a English native speaker.
upvoted 2 times
petebear55
3 years, 6 months ago
THINK YOUR RIGHT .. however because they have asked you to choose between public and private in the answers .. knowing aws this leads to one of these being the answer .. so in exam i would put b .. for public
upvoted 2 times
...
...
Kelvin1477
3 years, 7 months ago
yes agree, NAT gw always public facing caused need public IP to communicate with ECR
upvoted 1 times
...
...
SkyZeroZx
Most Recent 1 year, 10 months ago
Selected Answer: B
yes agree, NAT gw always public facing caused need public IP to communicate with ECR Similar question in tutorials Dojos
upvoted 1 times
...
aws0909
2 years, 3 months ago
Selected Answer: B
NAT gateway in the public subnet in the VPC to route requests to the internet.
upvoted 1 times
...
kangtamo
2 years, 10 months ago
Selected Answer: B
Agree with B.
upvoted 1 times
...
AzureDP900
3 years, 5 months ago
B is right When a Fargate task is launched, its elastic network interface requires a route to the internet to pull container images. If you receive an error similar to the following when launching a task, it is because a route to the internet does not exist: CannotPullContainerError: API error (500): Get https://111122223333.dkr.ecr.us-east-1.amazonaws.com/v2/: net/http: request canceled while waiting for connection” To resolve this issue, you can: o For tasks in public subnets, specify ENABLED for Auto-assign public IP when launching the task. o For tasks in private subnets, specify DISABLED for Auto-assign public IP when launching the task, and configure a NAT gateway in your VPC to route requests to the internet.
upvoted 5 times
...
andylogan
3 years, 5 months ago
It's B
upvoted 1 times
...
nsei
3 years, 6 months ago
Answer is B. NAT gateway should be in the public subnet.
upvoted 1 times
...
tgv
3 years, 6 months ago
BBB ---
upvoted 1 times
...
blackgamer
3 years, 6 months ago
B. NAT gateway needs to be in public subnet.
upvoted 2 times
...
AndyTokyo608
3 years, 6 months ago
I go with C For tasks in public subnets, specify ENABLED for Auto-assign public IP when launching the task
upvoted 1 times
DerekKey
3 years, 6 months ago
Strange. Read the question again. "The task can only run in a private subnet within the VPC where there is no direct connectivity from outside the system to the application"
upvoted 1 times
...
...
WhyIronMan
3 years, 6 months ago
I'll go with B
upvoted 2 times
...
Waiweng
3 years, 6 months ago
it's B
upvoted 3 times
...
Waiweng
3 years, 6 months ago
it's B
upvoted 2 times
...
Kian1
3 years, 6 months ago
going with B
upvoted 2 times
...
Ebi
3 years, 6 months ago
B is my choice
upvoted 4 times
...
kopper2019
3 years, 6 months ago
B, NAT GW must in a public subnet in order to work
upvoted 1 times
kopper2019
3 years, 6 months ago
https://aws.amazon.com/blogs/compute/task-networking-in-aws-fargate/ https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-configure-network.html
upvoted 1 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago