Application servers currently deployed in a private subnet require the ability to integrate with a third-party service accessible through the Internet.
Which changes are required to provide outbound Internet connectivity in the VPC without providing inbound Internet connectivity to the application servers?
The following diagram illustrates the architecture of a VPC with a NAT gateway. The main route table sends internet traffic from the instances in the private subnet to the NAT gateway. The NAT gateway sends the traffic to the internet gateway using the NAT gateway’s Elastic IP address as the source IP address.
而第4个答案中的Virtual Private Gate是Site-to-Site VPN的终结点。可以很容易排除。Written on September 19th, 2019 by Ken Lai