A company operates a website hosted on Amazon EC2 instances behind an Application Load Balancer (ALB), which is part of an Auto Scaling group and is protected by an AWS WAF web ACL. The website frequently experiences application-layer attacks causing abrupt spikes in traffic, with each attack originating from unique IP addresses. A solutions architect is tasked with implementing a mitigation strategy that minimizes operational overhead. Which solution is most effective?

Exam-Like

Set up an Amazon CloudWatch alarm to monitor access patterns, establish a threshold based on IP address activity, and configure the alarm to automatically add offending IP addresses to the web ACL’s deny list.

0.0%

Enhance protection by deploying AWS Shield Advanced alongside AWS WAF, ensuring the ALB is designated as a protected resource.

100.0%

Create an Amazon CloudWatch alarm to track IP address usage, set a threshold for unusual activity, and program the alarm to trigger an AWS Lambda function that inserts a deny rule into the application server’s subnet route table for any suspicious IP addresses.

0.0%

Analyze access logs to identify patterns from attacking IP addresses and utilize an Amazon Route 53 geolocation routing policy to block traffic from the countries associated with these IP addresses.

0.0%

AWS Certified Solutions Architect - Professional

Get started today

Comments