
Answer-first summary for fast verification
Answer: Place the EC2 instances in private subnets. Create an Amazon Route 53 private hosted zone for the AWS reserved domain name. Associate the private hosted zone with the VPC. Create a Route 53 Resolver inbound endpoint. Configure conditional forwarding in the on-premises DNS resolvers to forward all DNS queries for the AWS domain to the inbound endpoint IP address for Route 53 Resolver. In the private hosted zone, configure primary and failover records that point to the IP addresses of the EC2 instances. Create an Amazon CloudWatch metric and alarm to monitor the application's health. Set up a health check on the alarm for the primary application endpoint.
The correct solution must ensure that the application is not exposed to the internet, supports automatic failover, and uses private domain names for the application endpoint. Option A is incorrect because it suggests assigning public IP addresses to the EC2 instances, which would expose the application to the internet. Option B is incorrect because it suggests creating a public hosted zone, which is not suitable for a private application. Option D is incorrect because it does not mention setting up a health check on the alarm for the primary application endpoint, which is crucial for automatic failover. Option C is the correct answer because it places the EC2 instances in private subnets, uses a private hosted zone for the AWS reserved domain name, and correctly configures primary and failover records, along with health checks, to ensure automatic failover without exposing the application to the internet.
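The following sketch is an added example, not part of the original question or its answer key: it builds the failover record pair and the alarm-based health check in the shape the Route 53 API expects, then checks a design against the requirements discussed above. The zone name, addresses, alarm name, health check ID and the helper names are constructed for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def failover_change_batch(name, primary_ip, secondary_ip, health_check_id):
    """Route 53 ChangeResourceRecordSets batch: PRIMARY and SECONDARY A records."""
    def change(role, ip, extra):
        rrset = {"Name": name, "Type": "A", "SetIdentifier": role.lower(),
                 "Failover": role, "TTL": 30, "ResourceRecords": [{"Value": ip}], **extra}
        return {"Action": "UPSERT", "ResourceRecordSet": rrset}
    # Only the primary carries the health check; the secondary answers when it fails.
    return {"Changes": [change("PRIMARY", primary_ip, {"HealthCheckId": health_check_id}),
                        change("SECONDARY", secondary_ip, {})]}

def alarm_health_check(alarm_name, region):
    """HealthCheckConfig that follows a CloudWatch alarm instead of probing an address."""
    return {"Type": "CLOUDWATCH_METRIC",
            "AlarmIdentifier": {"Region": region, "Name": alarm_name},
            "InsufficientDataHealthStatus": "Unhealthy"}

def review_design(zone_is_private, change_batch, health_check_config):
    """Return findings against the question's requirements; [] means none."""
    findings = []
    if not zone_is_private:
        findings.append("hosted zone is public")
    rrsets = [c["ResourceRecordSet"] for c in change_batch["Changes"]]
    for rrset in rrsets:
        for rr in rrset["ResourceRecords"]:
            ip = ipaddress.ip_address(rr["Value"])
            if not any(ip in net for net in RFC1918):
                findings.append(f"{rrset['Failover']} record points to non-RFC 1918 address {ip}")
    if {r.get("Failover") for r in rrsets} != {"PRIMARY", "SECONDARY"}:
        findings.append("failover pair is incomplete")
    if not any(r.get("Failover") == "PRIMARY" and "HealthCheckId" in r for r in rrsets):
        findings.append("primary record has no health check")
    # Route 53 health checkers run outside the VPC, so an endpoint check
    # cannot reach a private address; the alarm-based type is the one that works.
    if health_check_config.get("Type") != "CLOUDWATCH_METRIC":
        findings.append("health check is not based on the CloudWatch alarm")
    return findings

if __name__ == "__main__":
    # Constructed sample values: zone name, addresses, alarm name and health check ID.
    batch = failover_change_batch("app.aws.example.internal.", "10.0.1.10", "10.0.2.10",
                                  "00000000-0000-0000-0000-000000000000")
    print(review_design(True, batch, alarm_health_check("app-primary-health", "us-east-1")))
```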
Author: LeetQuiz Editorial Team
A company is migrating an internal application to the AWS Cloud, where it will operate on Amazon EC2 instances within a single VPC. Users will access the application from the company's on-premises data center via AWS VPN or AWS Direct Connect, using private domain names for the application endpoint from a domain reserved exclusively for AWS Cloud use. Each EC2 instance must support automatic failover to another instance within the same AWS account and VPC. A network engineer must design a DNS solution that ensures the application remains inaccessible from the internet.
Which solution meets these requirements?
A
Assign public IP addresses to the EC2 instances. Create an Amazon Route 53 private hosted zone for the AWS reserved domain name. Associate the private hosted zone with the VPC. Create a Route 53 Resolver outbound endpoint. Configure conditional forwarding in the on-premises DNS resolvers to forward all DNS queries for the AWS domain to the outbound endpoint IP address for Route 53 Resolver. In the private hosted zone, configure primary and failover records that point to the public IP addresses of the EC2 instances. Create an Amazon CloudWatch metric and alarm to monitor the application's health. Set up a health check on the alarm for the primary application endpoint.
B
Place the EC2 instances in private subnets. Create an Amazon Route 53 public hosted zone for the AWS reserved domain name. Associate the public hosted zone with the VPC. Create a Route 53 Resolver inbound endpoint. Configure conditional forwarding in the on-premises DNS resolvers to forward all DNS queries for the AWS domain to the inbound endpoint IP address for Route 53 Resolver. In the public hosted zone, configure primary and failover records that point to the IP addresses of the EC2 instances. Create an Amazon CloudWatch metric and alarm to monitor the application's health. Set up a health check on the alarm for the primary application endpoint.
C
Place the EC2 instances in private subnets. Create an Amazon Route 53 private hosted zone for the AWS reserved domain name. Associate the private hosted zone with the VPC. Create a Route 53 Resolver inbound endpoint. Configure conditional forwarding in the on-premises DNS resolvers to forward all DNS queries for the AWS domain to the inbound endpoint IP address for Route 53 Resolver. In the private hosted zone, configure primary and failover records that point to the IP addresses of the EC2 instances. Create an Amazon CloudWatch metric and alarm to monitor the application's health. Set up a health check on the alarm for the primary application endpoint.
D
Place the EC2 instances in private subnets. Create an Amazon Route 53 private hosted zone for the AWS reserved domain name. Associate the private hosted zone with the VPC. Create a Route 53 Resolver inbound endpoint. Configure conditional forwarding in the on-premises DNS resolvers to forward all DNS queries for the AWS domain to the inbound endpoint IP address for Route 53 Resolver. In the private hosted zone, configure primary and failover records that point to the IP addresses of the EC2 instances. Set up Route 53 health checks on the private IP addresses of the EC2 instances.