Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified SysOps Administrator Associate set 1 questions Reply To: set 1 questions

  • jjreyn

    September 22, 2020 at 11:48 pm

    Without E, the system will be unable to initiate the connection through the sg to the third party APIs. Assuming E is in place, the responses from the third party APIs will come back in on ephemeral ports, so Ithose need to be opened up on the NACL (D).
    So the overall flow for the API communication should be:

    Outbound API call goes out through the SG (allowed by E), then out through the NACL (allowed by C), and reaches the destination whereupon a response is returned. The response is on an ephemeral port (allowed by D). The SG is stateful so “B” is not needed or desired.

    BTW — I’ve passed the sysops exam so this question isn’t really relevant for me any more.