Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 744 discussion

A for sure. The same question was in "AWS Certified Solutions Architect Associate Practice Test 3" on Udemy. There was an explaination that NLB needs to be before ALB because only NLB can have static IP.

B -> Application Load Balancer cannot be assigned an Elastic IP address (static IP address). C -> Its DNS after all, "Associated elastic IP" is what IP? Makes no sense D -> "If you require a persistent public IP address that can be associated to and from instances as you require, use an Elastic IP address instead." PUBLIC IP of an EC2 is not persistent, although we can give an Elastic Ip, Using EC2 in front of a Load Balancer is tooooo much. What if it gets a million request? So to scale that EC2 you use another LB and an ASG>? This makes no sense A is correct because a NLB can have an elastic IP and we can use this in our firewall as per the use case

Both A and C are correct: A Uses an NLB because it supports Elastic IP addresses, which are static IPs that can be whitelisted by clients. C : Create an Alias record in Route 53 that points to the NLB. An Alias record is a Route 53-specific feature that allows you to map a domain name (e.g., webservice.example.com) directly to the NLB without needing to use the NLB's IP address in the DNS record. Clients can access the web service using the domain name (e.g., webservice.example.com), which resolves to the NLB's IP address. However, in the context of exam, I will select A since the question explicitly mentions the use of an Elastic Load Balancer (ELB), and A directly addresses this by recommending a Network Load Balancer (NLB) with an Elastic IP address.

AnswerA

A - correct (Static ip can thereafter be used for client whitelisting) Using a Network Load Balancer instead of a Classic Load Balancer has the following benefits: Support for static IP addresses for the load balancer. https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html

Option A Please look into the below for detailed explaination https://www.scalefactory.com/blog/2021/12/13/aws-network-load-balancers-new-features/img/previously-firewall-egress.png

Option C

Setting up an EC2 instance with a public IP address to act as a proxy in front of the load balancer allows clients with restricted IP access to connect to the web service. The EC2 instance can handle IP address whitelisting and proxy requests to the ELB load balancer, ensuring that only authorized clients can access the service. This solution provides flexibility and control over access while leveraging the scalability and availability benefits of ELB.

Option C