A subnet can have multiple route tables associated with it.

A network ACL can be associated with multiple subnets.

A route with target “local” on the route table can be edited to restrict traffic within VPC.

Subnet’s IP CIDR block can be same as the VPC CIDR block.

2

5

1

By default 1. But it can be attached to any VPC peered with its belonging VPC.

Policy attached to IAM user does not have access to remove routes.

A route with the target as local cannot be deleted.

You cannot add/delete routes when associated with the subnet. Remove associated, add/delete routes and associate again with the subnet.

There must be at least one route on the route table. Add a new route to enable delete option on existing routes.

AWS S3 bucket is in the different region than your VPC.

EC2 security group outbound rules not allowing traffic to S3 prefix list.

VPC endpoint might have a restrictive policy and does not contain the new S3 bucket.

S3 bucket CORS configuration does not have EC2 instance as the origin.

Internet Gateway

Gateway VPC Endpoints

Elastic IP Addresses

NAT Gateway

Cross region peering is not supported in AWS

CIDR blocks of both VPCs might be overlapping.

Routes not configured in route tables for peering connections.

VPC A security group default outbound rules not allowing traffic to VPC B IP range.

In a Network ACL, for a successful HTTPS connection, add an inbound rule with HTTPS type, IP range in source and ALLOW traffic.

In a Network ACL, for a successful HTTPS connection, you must add an inbound rule and outbound rule with HTTPS type, IP range in source and destination respectively and ALLOW traffic.

In a Security Group, for a successful HTTPS connection, add an inbound rule with HTTPS type and IP range in the source.

In a Security Group, for a successful HTTPS connection, you must add an inbound rule and outbound rule with HTTPS type, IP range in source and destination respectively.