
A company is developing a centralized logging service on Amazon EC2 to collect and analyze logs from numerous AWS accounts. They are utilizing AWS PrivateLink for secure connectivity between client services and the logging service. In each client AWS account, an interface endpoint for the logging service has been established and is operational. The logging service, hosted on EC2 instances with a Network Load Balancer (NLB), is deployed across multiple subnets. However, clients are experiencing difficulties in sending logs through the VPC endpoint. What should a solutions architect do to address this connectivity issue? (Select two actions.)
A
Ensure that the NACL associated with the logging service subnet permits traffic to and from the NLB subnets. Also, confirm that the NACL linked to the NLB subnet allows traffic to and from the logging service subnets where EC2 instances are running.
B
Verify that the NACL attached to the logging service subnets enables traffic to and from the interface endpoint subnets. Additionally, check that the NACL connected to the interface endpoint subnet allows traffic to and from the logging service subnets hosting EC2 instances.
C
Examine the security group settings for the EC2 instances running the logging service to ensure they accept incoming traffic from the NLB subnets.
D
Review the security group configuration for the EC2 instances hosting the logging service to confirm they allow incoming traffic from the clients.
E
Inspect the security group for the NLB to guarantee it accepts incoming traffic from the interface endpoint subnets.