Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 368 discussion

D An egress-only internet gateway is for use with IPv6 traffic only. To enable outbound-only internet communication over IPv4, use a NAT gateway instead. https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html

IPv6 not supported in NAT Gateway, https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html Ans. D

d-that's the whole purpose of an egress-only igw

Answer is D. IPv6 addresses are globally unique, and are therefore public by default. If you want your instance to be able to access the internet, but you want to prevent resources on the internet from initiating communication with your instance, you can use an egress-only internet gateway. https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html

IPV6 equals D

Egress Only Internet Gateway • Egress only Internet Gateway is for IPv6 only • Similar function as a NAT, but a NAT is for IPv4 • Good to know: IPv6 are all public addresses • Therefore all our instances with IPv6 are publicly accessibly • Egress Only Internet Gateway gives our IPv6 instances access to the internet, but they won’t be directly reachable by the internet • After creating an Egress Only Internet Gateway, edit the route tables

https://docs.aws.amazon.com/vpc/latest/userguide/egress-only-internet-gateway.html: "An egress-only internet gateway is a horizontally scaled, redundant, and highly available VPC component that allows outbound communication over IPv6 from instances in your VPC to the internet, and prevents the internet from initiating an IPv6 connection with your instances." Answer is D

DDDDDD

D. Create an egress-only internet gateway and make it the destination of the subnetג€™s route table.