Exam AWS Certified Solutions Architect - Professional topic 1 question 776 discussion

A company is running a legacy application on Amazon EC2 instances in multiple Availability Zones behind a software load balancer that runs on an active/standby set of EC2 instances. For disaster recovery, the company has created a warm standby version of the application environment that is deployed in another AWS Region. The domain for the application uses a hosted zone from Amazon Route 53.
The company needs the application to use static IP addresses, even in the case of a failover event to the secondary Region. The company also requires the client's source IP address to be available for auditing purposes.
Which solution meets these requirements with the LEAST amount of operational overhead?

  • A. Replace the software load balancer with an AWS Application Load Balancer. Create an AWS Global Accelerator accelerator. Add an endpoint group for each Region. Configure Route 53 health checks. Add an alias record that points to the accelerator.
  • B. Replace the software load balancer with an AWS Network Load Balancer. Create an AWS Global Accelerator accelerator. Add an endpoint group for each Region. Configure Route 53 health checks. Add a CNAME record that points to the DNS name of the accelerator.
  • C. Replace the software load balancer with an AWS Application Load Balancer. Use AWS Global Accelerator to create two separate accelerators. Add an endpoint group for each Region. Configure Route 53 health checks. Add a record set that is configured for active-passive DNS failover. Point the record set to the DNS names of the two accelerators.
  • D. Replace the software load balancer with an AWS Network Load Balancer. Use AWS Global Accelerator to create two separate accelerators. Add an endpoint group for each Region. Configure Route 53 health checks. Add a record set that is configured for weighted round-robin DNS failover. Point the record set to the DNS names of the two accelerators.
Suggested Answer: A

Comments

tvs
Highly Voted 3 years, 2 months ago
A. https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.how-to-enable-preservation.html Global Accelerator does not support client IP address preservation for Network Load Balancer and Elastic IP address endpoints.
upvoted 11 times
sashenka
3 years ago
Furthermore, for those questioning that the GA will route to both endpoints in the endpoint group (Active region as well as the DR region ALB's), the GA can configure endpoints with weights for routing preference. By default they are set at 128 but one can configure one to send a tiny portion of your traffic to one endpoint and the rest to another endpoint, you might specify weights of 1 and 255. GA will route based on the weight unless to only healthy endpoints. Once the Primary region endpoint becomes unhealthy all traffic will route to the DR endpoint even though it has a weight of 1. The unhealthy endpoints assumes a weight of 0 during an unhealthy state. https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html
upvoted 2 times
sashenka
3 years ago
This clarifies it a bit more at the above link. So you can actually set the weight to 0's for the endpoint group in the DR and it will route to it in the event that Primary endpoint group becomes unhealthy. "If there are no healthy endpoints in an endpoint group that have a weight greater than zero, Global Accelerator tries to failover to a healthy endpoint with a weight greater than zero in another endpoint group. For this failover, Global Accelerator ignores the traffic dial setting. So if, for example, an endpoint group has a traffic dial set to zero, Global Accelerator still includes that endpoint group in the failover attempt."
upvoted 1 times
Millari
2 years, 5 months ago
There are two types of endpoints that can preserve the source IP address of the client in incoming packets: Application Load Balancers and Amazon EC2 instances. https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html
upvoted 1 times
Chuky64
2 years, 6 months ago
If Global Accelerator detects that your application endpoint is failing in the primary AWS Region, it instantly triggers traffic re-routing to your application endpoint in the next available, closest AWS Region.
upvoted 1 times
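An added example (not from the thread or from AWS): a Python check over constructed data shaped like `aws globalaccelerator describe-endpoint-group` output. It flags endpoints that would lose the client source IP per the documentation quoted in the comments above, and lists which endpoints qualify as failover targets under the quoted weight rule. The Regions, account ID and load balancer names are constructed.

```python
import re

# Constructed sample shaped like the EndpointGroup objects returned by
# `aws globalaccelerator describe-endpoint-group`; IDs and names are placeholders.
def _ep(arn, weight, preserve, health="HEALTHY"):
    return {"EndpointId": arn, "Weight": weight, "HealthState": health,
            "ClientIPPreservationEnabled": preserve}

LB = "arn:aws:elasticloadbalancing:{r}:111122223333:loadbalancer/{t}/{n}/0123456789abcdef"
GROUPS = [
    {"EndpointGroupRegion": "us-east-1", "TrafficDialPercentage": 100.0,
     "EndpointDescriptions": [_ep(LB.format(r="us-east-1", t="app", n="primary-alb"), 128, True)]},
    {"EndpointGroupRegion": "us-west-2", "TrafficDialPercentage": 0.0,  # warm standby
     "EndpointDescriptions": [_ep(LB.format(r="us-west-2", t="app", n="dr-alb"), 128, False),
                              _ep(LB.format(r="us-west-2", t="net", n="dr-nlb"), 0, False)]},
]

def endpoint_kind(endpoint_id):
    """Classify an endpoint ID as ALB, NLB, EC2 or OTHER (e.g. an Elastic IP)."""
    m = re.search(r":loadbalancer/(app|net)/", endpoint_id)
    if m:
        return "ALB" if m.group(1) == "app" else "NLB"
    return "EC2" if endpoint_id.startswith("i-") else "OTHER"

def short_name(endpoint_id):
    parts = endpoint_id.split("/")
    return parts[-2] if len(parts) > 2 else endpoint_id

def audit_client_ip(groups):
    """Findings for endpoints whose traffic would arrive without the client source IP."""
    findings = []
    for g in groups:
        for ep in g["EndpointDescriptions"]:
            kind = endpoint_kind(ep["EndpointId"])
            if kind not in ("ALB", "EC2"):  # the two preserving types named in the thread
                reason = f"{kind} endpoint cannot preserve the client IP"
            elif not ep.get("ClientIPPreservationEnabled"):
                reason = f"{kind} endpoint has client IP preservation disabled"
            else:
                continue
            findings.append((g["EndpointGroupRegion"], short_name(ep["EndpointId"]), reason))
    return findings

def failover_targets(groups, failed_region):
    """Quoted rule: healthy endpoints with weight > 0 in other groups; traffic dial ignored."""
    return [short_name(ep["EndpointId"])
            for g in groups if g["EndpointGroupRegion"] != failed_region
            for ep in g["EndpointDescriptions"]
            if ep["HealthState"] == "HEALTHY" and ep["Weight"] > 0]
```

On this sample the audit reports both us-west-2 endpoints, and `failover_targets(GROUPS, "us-east-1")` returns only `dr-alb`: the standby group's traffic dial of 0 does not exclude it, but the endpoint with weight 0 is not eligible.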
skywalker
Most Recent 2 years, 2 months ago
A. B and D are out coz: Global Accelerator does not support client IP address preservation for Network Load Balancer and Elastic IP address endpoints. C is also out coz it creates two separate accelerators. It needs separate endpoints in the same accelerator instead. Thus answer is A
upvoted 1 times
asfsdfsdf
2 years, 4 months ago
GA does not need two separate accelerators in order to route traffic between regions so C and D are out. https://docs.aws.amazon.com/global-accelerator/latest/dg/introduction-how-it-works.html#introduction-traffic-dials-weights between A and B - A is out since GA with NLB cannot support IP preservation. Also it's better to use alias records with AWS resources. https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.how-to-enable-preservation.html
upvoted 1 times
asfsdfsdf
2 years, 4 months ago
my bad, B is out between A and B - the correct answer is A - GA with endpoints in each region pointing to the ALB + Alias record
upvoted 2 times
TechX
2 years, 5 months ago
Selected Answer: A
A for me
upvoted 2 times
kangtamo
2 years, 5 months ago
Selected Answer: A
A sounds better.
upvoted 2 times
azurehunter
2 years, 5 months ago
Answer is A. Both GC and R53 can be used for Regional Active-Passive Failover. One GC fulfills all requirements, and do not need to create two GC. Search keyword "Global Accelerator" in the link below: https://docs.aws.amazon.com/whitepapers/latest/disaster-recovery-workloads-on-aws/disaster-recovery-options-in-the-cloud.html
upvoted 1 times
azurehunter
2 years, 5 months ago
shall be "GA"
upvoted 1 times
cloudude
2 years, 7 months ago
Selected Answer: C
go with c
upvoted 1 times
pititcu667
2 years, 10 months ago
Selected Answer: C
going with c simply because of active failover. Not sure how you would do it with a.
upvoted 1 times
usmanbaigmughal
2 years, 9 months ago
Option A is right. You can manage Active passive in Global Accelerator by adding passive endpoint weight to 0. https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html
upvoted 1 times
Clandestine60
2 years, 10 months ago
Selected Answer: A
You don't need DNS failover for Global accelerators. It handles failover by default based on dials and weights you set for endpoint groups and endpoints respectively. "Failover With a multi-Region active/active strategy, if your workload cannot operate in a Region, failover will route traffic away from the impacted Region to healthy Region(s). You can accomplish this with Route 53 by updating the DNS records. Make sure you set TTL (time to live) on these records low enough so that DNS resolvers will reflect your changes quickly enough to meet your RTO targets. Alternatively, you can use AWS Global Accelerator for routing and failover. It does not rely on DNS. Global Accelerator gives you two static IP addresses. You then configure which Regions user traffic goes to based on traffic dials and weights you set." From https://aws.amazon.com/blogs/architecture/disaster-recovery-dr-architecture-on-aws-part-iv-multi-site-active-active/
upvoted 2 times
AzureDP900
2 years, 12 months ago
A is right
upvoted 1 times
ryu10_09
3 years ago
***accelerator DOES NOT SUPPORT client ip address preservation for NLB***** answer is B
upvoted 1 times
Viper57
3 years, 1 month ago
A global accelerator supports multiple endpoints in different regions (which can be ALBs or NLBs), so two accelerators are not required. This leaves only A and B. Between A and B, A is the better option as it's easier to preserve the client IP with an ALB. Answer: A See - https://docs.aws.amazon.com/global-accelerator/latest/dg/getting-started.html#getting-started-add-endpoints
upvoted 2 times
andylogan
3 years, 1 month ago
It's A - since one GA standard accelerator can config for multiple Regions
upvoted 1 times
andylogan
3 years, 1 month ago
And warm standby means a scaled down, but fully functional, copy of your production environment in another Region, so it can handle fail-over request
upvoted 1 times
Pratap
3 years, 1 month ago
I will go with B https://aws.amazon.com/global-accelerator/?blogs-global-accelerator.sort-by=item.additionalFields.createdDate&blogs-global-accelerator.sort-order=desc&aws-global-accelerator-wn.sort-by=item.additionalFields.postDateTime&aws-global-accelerator-wn.sort-order=desc
upvoted 1 times
Bigbearcn
3 years, 1 month ago
A is correct. ALB preserves the source IP address of the client. So B is wrong. 1 GA is enough.
upvoted 3 times
AkanshaR91
3 years, 1 month ago
C - https://docs.aws.amazon.com/whitepapers/latest/disaster-recovery-workloads-on-aws/disaster-recovery-workloads-on-aws.pdf
upvoted 1 times
DerekKey
3 years, 1 month ago
In my opinion C is correct "needs ... to use static IP addresses, ... a failover event to the secondary Region" - means that primary is used and switched to secondary only if primary fails therefore you must use two separate GA and active-passive DNS failover
upvoted 3 times
Community vote distribution: A (35%, most voted), C (25%), B (20%), Other