AWS Certified Solutions Architect Professional SAP-C02 Practice Question

The correct answer is the single NAT instance. A single NAT instance represents a classic single point of failure (SPOF). If the EC2 instance itself fails or the Availability Zone it resides in (us-east-1a) experiences an issue, all outbound internet connectivity for the EC2 instances in all three private subnets will be lost. This directly explains the intermittent connectivity failures. The most reliable solution is to replace the self-managed NAT instance with AWS-managed NAT Gateways. To achieve high availability, a NAT Gateway should be deployed in each Availability Zone, and the route tables for the private subnets in each AZ should be configured to direct outbound traffic to the NAT Gateway in their respective AZ.

• The Auto Scaling group is configured correctly across multiple AZs, which is a design pattern for high availability, not a point of failure.
• Amazon S3 is an inherently highly available and durable regional service that replicates data across a minimum of three AZs by default for standard storage classes. It does not represent a SPOF in this context.
• Amazon SQS is a fully managed, distributed message queue service that redundantly stores messages across multiple AZs to ensure high availability. It is a component that increases reliability, not one that introduces a SPOF.