
Answer:

- Use an Auto Scaling group to launch the EC2 instances in private subnets. Deploy an RDS Multi-AZ DB instance in private subnets.
- Configure a VPC with two public subnets, two private subnets, and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the public subnets.

## Explanation

**Correct Answers: A and E**

### Why A is correct:

1. **EC2 instances in private subnets** - This ensures EC2 instances are not exposed to the public internet
2. **RDS Multi-AZ DB instance in private subnets** - This ensures the database is not exposed to the public internet and provides high availability through Multi-AZ deployment
3. **Auto Scaling group** - Provides scalability and high availability for the web tier

### Why E is correct:

1. **Two public subnets and two private subnets across two AZs** - Provides high availability across multiple Availability Zones
2. **Two NAT gateways across two AZs** - Provides internet access for EC2 instances in private subnets (required for payment processing) with high availability (NAT gateway in each AZ)
3. **Application Load Balancer in public subnets** - Load balancers should be in public subnets to receive traffic from the internet, while EC2 instances remain in private subnets
4. **EC2 instances would be deployed in private subnets** (implied by the architecture)

### Why other options are incorrect:

**B:** Incorrect because Application Load Balancers should be deployed in public subnets to receive internet traffic. Deploying ALB in private subnets would prevent external access to the application.

**C:** Incorrect because placing EC2 instances in public subnets exposes them to the public internet, which violates the requirement that EC2 instances should not be exposed to the public internet.

**D:** Incorrect because having only one public subnet and one private subnet across two AZs doesn't provide proper high availability. The architecture should have at least one public and one private subnet in each AZ for proper high availability.

### Key Requirements Met:

1. **EC2 instances not exposed to public internet** - Achieved by placing them in private subnets
2. **RDS DB instance not exposed to public internet** - Achieved by placing it in private subnets
3. **EC2 instances require internet access** - Achieved through NAT gateways in public subnets
4. **High availability** - Achieved through Multi-AZ RDS, Auto Scaling, and resources distributed across multiple AZs
5. **Load balancer accessible from internet** - Achieved by placing ALB in public subnets

Author: LeetQuiz Editorial Team
A company runs its two-tier ecommerce website on AWS. The web tier consists of a load balancer that sends traffic to Amazon EC2 instances. The database tier uses an Amazon RDS DB instance. The EC2 instances and the RDS DB instance should not be exposed to the public internet. The EC2 instances require internet access to complete payment processing of orders through a third-party web service. The application must be highly available.
Which combination of configuration options will meet these requirements? (Choose two.)

- **A.** Use an Auto Scaling group to launch the EC2 instances in private subnets. Deploy an RDS Multi-AZ DB instance in private subnets.
- **B.** Configure a VPC with two private subnets and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the private subnets.
- **C.** Use an Auto Scaling group to launch the EC2 instances in public subnets across two Availability Zones. Deploy an RDS Multi-AZ DB instance in private subnets.
- **D.** Configure a VPC with one public subnet, one private subnet, and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the public subnet.
- **E.** Configure a VPC with two public subnets, two private subnets, and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the public subnets.