AWS Certified Solutions Architect - Associate
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A solutions architect is tasked with designing a two-tier architecture comprising a public and a database subnet. The requirement is for web servers in the public subnet to be accessible via the internet on port 443, while ensuring that the MySQL DB instance in the database subnet is only accessible to these web servers on port 3306. Identify the necessary steps to achieve this configuration.
A
Implement a network ACL on the public subnet to restrict outbound traffic on port 3306 to all IP addresses.
B
Configure a security group for the DB instance to permit traffic from the public subnet's CIDR block on port 3306.
C
Establish a security group for the public subnet web servers to allow inbound traffic from any IP address on port 443.
D
Set up a security group for the DB instance to allow inbound traffic from the security group associated with the web servers on port 3306.