AWS Certified Advanced Networking - Specialty
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
A company is deploying a new stateless web application on AWS, hosted on Amazon EC2 instances in private subnets behind an Application Load Balancer. The EC2 instances are part of an Auto Scaling group. A stateful management application for administration will run on separate EC2 instances in a different Auto Scaling group. The company intends to access the management application using the same URL as the web application, with a /management path prefix, while maintaining identical protocol, hostname, and port number for both applications. Access to the management application must be limited to the company's on-premises IP address range, and the web application will be secured with an SSL/TLS certificate from AWS Certificate Manager (ACM).
Which two steps should a network engineer implement to fulfill these requirements?
A
Insert a rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the source-ip condition type for the on-premises IP address space. Forward requests to the management application target group if there is a match. Edit the management application target group and enable stickiness.
B
Modify the default rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the source-ip condition type for the on-premises IP address space. Forward requests to the management application target group if there is not a match. Enable group-level stickiness in the rule attributes.
C
Insert a rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the X-Forwarded-For HTTP header for the on-premises IP address space. Forward requests to the management application target group if there is a match. Enable group-level stickiness in the rule attributes.
D
Modify the default rule for the load balancer HTTPS listener. Configure the rule to check the path-pattern condition type for the /management prefix and to check the source-ip condition type for the on-premises IP address space. Forward requests to the web application target group if there is not a match.
E
Forward all requests to the web application target group. Edit the web application target group and disable stickiness.