Which two steps should an administrator take to allow HTTPS access to a specific virtual machine (VM) through the public Internet for VMware Cloud on AWS? (Choose two.)

Which two steps should an administrator take to allow HTTPS access to a specific virtual machine (VM) through the public Internet for VMware Cloud on AWS? (Choose two.)
A . Create a custom service called HTTPS using port 443.
B . Configure AWS Direct Connect.
C . Configure a SNAT rule translating an internal IP address to a public IP address.
D . Request a public IP address in the VMware Cloud console.
E . Configure a DNAT rule translating a public IP address to an internal IP address.

View Answer

Answer: DE

Explanation:

https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vmc-aws-networking-security/GUID-0E34C56D-C49C-49B6-A9CF-FBFAF14A126C.html

To allow HTTPS access to a specific VM through the public Internet for VMware Cloud on AWS, the administrator should take the following two steps:

Request a public IP address in the VMware Cloud console. This is required because the VM needs a public IP address to be reachable from the Internet1. The administrator can request a public IP address from the Networking & Security tab in the VMware Cloud console1. The public IP address is allocated from the AWS pool and is associated with the SDDC1.

Configure a DNAT rule translating a public IP address to an internal IP address. This is required because the VM has an internal IP address assigned by the SDDC DHCP server, and the DNAT rule maps the public IP address to the internal IP address of the VM2. The administrator can configure a DNAT rule from the Networking & Security tab in the VMware Cloud console2. The DNAT rule must specify the public IP address as the source, the internal IP address as the destination, and the HTTPS service (TCP 443) as the applied to2.

Reference: 1: Request a Public IP Address – VMware Docs, 2: Configure NAT Rules – VMware Docs