NAT Gateway is used to provide indirect internet access for EC2 instances. The concept is fairly simple, but it is often misunderstood and deployed incorrectly because of its name.
This quiz is conceptual and does not provide a Terraform file for you to try, but it is easy enough that you should be able to spot the misconfiguration just by looking at the above diagram.
[Server] VPC > VPC
[Server] VPC > Subnets
[Server] VPC > NAT Gateway
[Server] VPC > Network ACL
[Server] EC2 > Instances
[Server] EC2 > Security Group
In this case, to configure the NAT Gateway you need to follow the steps below:
- Create another subnet in the same VPC.
- Attach an Internet Gateway to the subnet's route table.
- Provision the NAT Gateway in the subnet you created in the steps above.
- Change the private subnet's route table entry: set the target of the destination "0.0.0.0/0" to the NAT Gateway you just created.
So the diagram at the top of this page is not correct; it should be deployed as shown below: