A company has deployed a new web application on Amazon EC2 instances within private subnets across three Availability Zones, fronted by an Application Load Balancer (ALB). Security auditors mandate encryption for all connections. The company utilizes Amazon Route 53 for DNS and AWS Certificate Manager (ACM) for automated SSL/TLS certificate provisioning, with SSL/TLS termination occurring at the ALB.

During testing with a single EC2 instance, no issues were observed. However, after deploying to production, users report being able to log in but are unable to use the application, as each new web request forces a restart of the login process.

What steps should a network engineer take to resolve this issue?

Exam-Like

Modify the ALB listener configuration. Edit the rule that forwards traffic to the target group. Change the rule to enable group-level stickiness. Set the duration to the maximum application session length.

0.0%

Replace the ALB with a Network Load Balancer. Create a TLS listener. Create a new target group with the protocol type set to TLS Register the EC2 instances. Modify the target group configuration by enabling the stickiness attribute.

0.0%

Modify the ALB target group configuration by enabling the stickiness attribute. Use an application-based cookie. Set the duration to the maximum application session length.

100.0%

Remove the ALB. Create an Amazon Route 53 rule with a failover routing policy for the application name. Configure ACM to issue certificates for each EC2 instance.

0.0%

AWS Certified Advanced Networking - Specialty

Get started today

Comments