AWS Certified Advanced Networking - Specialty
Get started today
Ultimate access to all questions.
A company is developing new features for its ecommerce platform, utilizing multiple microservices accessed via distinct paths. These microservices will be hosted on Amazon Elastic Container Service (Amazon ECS). The company mandates HTTPS for all public-facing websites and requires access to customer source IP addresses.
Which two actions should the network engineer implement to achieve a load balancing strategy that fulfills these requirements?
A company is developing new features for its ecommerce platform, utilizing multiple microservices accessed via distinct paths. These microservices will be hosted on Amazon Elastic Container Service (Amazon ECS). The company mandates HTTPS for all public-facing websites and requires access to customer source IP addresses.
Which two actions should the network engineer implement to achieve a load balancing strategy that fulfills these requirements?
Explanation:
To meet the requirements of using HTTPS for all public websites and needing the customer’s source IP addresses, the network engineer should use a Network Load Balancer (NLB) and retrieve client IP addresses by using the X-Forwarded-For header. A Network Load Balancer (Option A) is suitable because it preserves the source IP address of the client, which is essential for the application's requirement. Additionally, the X-Forwarded-For header (Option B) is a standard method used by load balancers to pass the original client IP address to the backend servers. AWS App Mesh load balancing (Option C) is not directly related to the requirements mentioned. The X-IP-Source header (Option D) is not a standard or recognized method for retrieving client IP addresses. An Application Load Balancer (Option E) could be used for HTTPS traffic, but it does not preserve the source IP address in the same way a Network Load Balancer does, making it less suitable for this specific requirement.