Exam AWS Certified Solutions Architect - Associate SAA-C02 topic 1 question 236 discussion

C is correct. Use AWS Global Accelerator, get a static IP for whitelisting on firewalls. No need to replace ALBs with NLBs ! "You can associate these addresses to regional AWS resources or endpoints, such as Application Load Balancers, Network Load Balancers,..."

C is OK

Can I use AWS Global Accelerator for my on-premises services? A: You can't directly configure on-premises resources as endpoints for your static IP addresses, but you can configure a Network Load Balancer (NLB) in each AWS Region to address your on-premises endpoints.

The question says register ALBs IP address which is definitely a typo. I guess they mean NLB. GA is the way to go, no doubt. 1) Traffic is fluctuating 2)Static 3) Global

C looks right

C is correct!

GA provides static IP which we can bind in the firewall, and GA can be associated with ALB.

D would also be an option, if it was in multiple regions. This is actually also a recommendation by AWS. put an elastic IP NLB in front of your ALB

Answer is C https://aws.amazon.com/global-accelerator/faqs/: "Associate the static IP addresses provided by AWS Global Accelerator to regional AWS resources or endpoints, such as Network Load Balancers, Application Load Balancers, EC2 Instances, and Elastic IP addresses"

When you need static IP think GA

Ans=C. Launch AWS Global Accelerator. Register the ALBs in different Regions to the accelerator. Update the on-premises firewall's rule to allow static IP addresses associated with the accelerator.

it is came and answer is C

I think it is C as Global accelerator will provide a static ip which can be used on the Firewall "When you create an Application Load Balancer in the AWS Management Console, you can optionally add an accelerator at the same time. Elastic Load Balancing and Global Accelerator work together to transparently add the accelerator for you. The accelerator is created in your account, with the load balancer as an endpoint.### Using an accelerator provides static IP addresses and improves the availability and performance of your applications.###"

I am going with B. The primary requirement is to get connectivity to the ALBs via on-prem firewall. But for IP we need NLB & hence replace that and configure firewall. Why get global accelerator to get a set of IP? - the functionality of global accelerator is way big that that, which is not part of the requirement here. Also NLB will help with performing better with spikes (which is a mention, but not a requirement)

CCCCCCCCCCCCCCCCCCC

I think the answer is C because By using AWS Global Accelerator, you can: “Associate the static IP addresses provided by AWS Global Accelerator to regional AWS resources or endpoints, such as Network Load Balancers, Application Load Balancers,” “Corporate proxies can also whitelist your application’s static IP addresses in their firewalls.” https://aws.amazon.com/global-accelerator/faqs/

C is Okay