ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 62 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 62
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A web company is looking to implement an external payment service into their highly available application deployed in a VPC Their application EC2 instances are behind a public facing ELB. Auto scaling is used to add additional instances as traffic increases under normal load the application runs 2 instances in the Auto
Scaling group but at peak it can scale 3x in size. The application instances need to communicate with the payment service over the Internet which requires whitelisting of all public IP addresses used to communicate with it. A maximum of 4 whitelisting IP addresses are allowed at a time and can be added through an
API.
How should they architect their solution?

  • A. Route payment requests through two NAT instances setup for High Availability and whitelist the Elastic IP addresses attached to the MAT instances.
  • B. Whitelist the VPC Internet Gateway Public IP and route payment requests through the Internet Gateway.
  • C. Whitelist the ELB IP addresses and route payment requests from the Application servers through the ELB.
  • D. Automatically assign public IP addresses to the application instances in the Auto Scaling group and run a script on boot that adds each instances public IP address to the payment validation whitelist API.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ppshein at April 12, 2021, 3:11 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
amministrazione
8 months, 3 weeks ago
A. Route payment requests through two NAT instances setup for High Availability and whitelist the Elastic IP addresses attached to the NAT instances.
upvoted 1 times
...
TigerInTheCloud
2 years, 4 months ago
Selected Answer: A
A. Kind of old answers. Now we normally whitelist EIPs associated with NAT Gateway. Have not used NAT instance for quite a while. B. No public IP for IGW, IGW is the kind of many-to-many NAT mapping private IPs to public IPs. C. Wrong direction D. At max, 6 instances running, we are over the 4-IP limit
upvoted 1 times
...
bobsmith2000
3 years ago
Why not D? ASG: 2 at normal load, 6 at max. 4 instances can be added at a time. Add a script in user data for whitelisting.
upvoted 2 times
kaushik9845
2 years, 7 months ago
public ip changes when instance restarts . So you need Elastic IP assigned to ec2. But only 4 ip can be whitelisted. But at peak there can be 6 instances.
upvoted 1 times
...
...
cldy
3 years, 4 months ago
A. Route payment requests through two NAT instances setup for High Availability and whitelist the Elastic IP addresses attached to the MAT instances.
upvoted 1 times
...
Akhil254
3 years, 6 months ago
A Correct
upvoted 2 times
...
01037
3 years, 6 months ago
Definitely A
upvoted 1 times
...
Malcnorth59
3 years, 7 months ago
Has to be A
upvoted 1 times
...
ppshein
3 years, 7 months ago
C is good choice for me
upvoted 4 times
Malcnorth59
3 years, 6 months ago
Elb is for ingress traffic and as NLB not specifically mentioned could be dynamic IP
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago