🔥 3-day streak
AWS Certified CloudOps Engineer - Associate157 / 159
Question 157 of 159

A CloudOps engineer is troubleshooting connectivity for an EC2 instance in a private subnet running a web service on port 8080. Instances in the same subnet can reach the service, but a bastion host in a different subnet within the same VPC cannot connect. The instance's security group allows inbound TCP 8080 from the VPC CIDR. The subnet's network ACL has an inbound rule allowing TCP 8080 from the VPC CIDR, but its only outbound rule allows TCP 443 to 0.0.0.0/0. What is the most likely cause of the failure?

Reviewed for accuracy · Report an issueNext question