ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 955 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 955
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

A company has migrated a legacy application to the AWS Cloud. The application runs on three Amazon EC2 instances that are spread across three Availability Zones. One EC2 instance is in each Availability Zone. The EC2 instances are running in three private subnets of the VPC and are set up as targets for an Application Load Balancer (ALB) that is associated with three public subnets.

The application needs to communicate with on-premises systems. Only traffic from IP addresses in the company's IP address range are allowed to access the on-premises systems. The company's security team is bringing only one IP address from its internal IP address range to the cloud. The company has added this IP address to the allow list for the company firewall. The company also has created an Elastic IP address for this IP address.

A solutions architect needs to create a solution that gives the application the ability to communicate with the on-premises systems. The solution also must be able to mitigate failures automatically.

Which solution will meet these requirements?

  • A. Deploy three NAT gateways, one in each public subnet. Assign the Elastic IP address to the NAT gateways. Turn on health checks for the NAT gateways. If a NAT gateway fails a health check, recreate the NAT gateway and assign the Elastic IP address to the new NAT gateway.
  • B. Replace the ALB with a Network Load Balancer (NLB). Assign the Elastic IP address to the NLB Turn on health checks for the NLIn the case of a failed health check, redeploy the NLB in different subnets.
  • C. Deploy a single NAT gateway in a public subnet. Assign the Elastic IP address to the NAT gateway. Use Amazon CloudWatch with a custom metric to monitor the NAT gateway. If the NAT gateway is unhealthy, invoke an AWS Lambda function to create a new NAT gateway in a different subnet. Assign the Elastic IP address to the new NAT gateway.
  • D. Assign the Elastic IP address to the ALB. Create an Amazon Route 53 simple record with the Elastic IP address as the value. Create a Route 53 health check. In the case of a failed health check, recreate the ALB in different subnets.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by masetromain at Nov. 29, 2022, 3:58 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
coolt2
2 years, 3 months ago
Selected Answer: C
to connect out from the private subnet you need an NAT gateway and since only one Elastic IP whitelisted on firewall its one NATGateway at time and if AZ failure happens Lambda creates a new NATGATEWAY in a different AZ using the Same Elastic IP ,dont be tempted to select D since application that needs to connect is on a private subnet whose outbound connections use the NATGateway Elastic IP
upvoted 1 times
...
zozza2023
2 years, 3 months ago
Selected Answer: C
1 Elastic IP mean 1 NAT gateway
upvoted 1 times
...
Heer
2 years, 3 months ago
The ask in the question is to create a solution that gives the application(EC2 instances from all the 3 AZs the ability to communicate with the on-premises systems)i.e outgoing traffic Incoming traffic is handled by load balancers Outgoing traffic for Private subnet is handled by NAT Gateway So Its clear that the solution has to be with NAT gateway ,Now the confusion is that whether 3 NAT or 1 NAT ? So the question says that we have 1 company address created as 1Elastic IP So 1 Elastic IP can only be associated with 1 NAT gateway . SO the right answer is OPTION C
upvoted 1 times
...
ggrodskiy
2 years, 5 months ago
Correct C
upvoted 4 times
...
masetromain
2 years, 5 months ago
I think the answer is D.
upvoted 1 times
Spavanko
2 years, 5 months ago
How you plan to "Assign the Elastic IP address to the ALB."?
upvoted 1 times
masetromain
2 years, 5 months ago
You are right an Application Load Balancer cannot be assigned an Elastic IP address. what is the right answer for you?
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago