AWS Certified Solutions Architect - Associate

Get started today

Ultimate access to all questions.

Deep dive into the quiz with AI chat providers.

We prepare a focused prompt with your quiz and certificate details so each AI can offer a more tailored, in-depth explanation.

A company runs its two-tier ecommerce website on AWS. The web tier consists of a load balancer that sends traffic to Amazon EC2 instances. The database tier uses an Amazon RDS DB instance. The EC2 instances and the RDS DB instance should not be exposed to the public internet. The EC2 instances require internet access to complete payment processing of orders through a third-party web service. The application must be highly available.

Which combination of configuration options will meet these requirements? (Choose two.)

Other

Community

UAnonymous

Last updated: February 23, 2026 at 11:39

Use an Auto Scaling group to launch the EC2 instances in private subnets. Deploy an RDS Multi-AZ DB instance in private subnets.

Configure a VPC with two private subnets and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the private subnets.

Use an Auto Scaling group to launch the EC2 instances in public subnets across two Availability Zones. Deploy an RDS Multi-AZ DB instance in private subnets.

Configure a VPC with one public subnet, one private subnet, and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the public subnet.

Configure a VPC with two public subnets, two private subnets, and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the public subnets.

Explanation:

Explanation

Correct Answers: A and E

Why A is correct:

EC2 instances in private subnets - This ensures EC2 instances are not exposed to the public internet
RDS Multi-AZ DB instance in private subnets - This ensures the database is not exposed to the public internet and provides high availability through Multi-AZ deployment
Auto Scaling group - Provides scalability and high availability for the web tier

Why E is correct:

Two public subnets and two private subnets across two AZs - Provides high availability across multiple Availability Zones
Two NAT gateways across two AZs - Provides internet access for EC2 instances in private subnets (required for payment processing) with high availability (NAT gateway in each AZ)
Application Load Balancer in public subnets - Load balancers should be in public subnets to receive traffic from the internet, while EC2 instances remain in private subnets
EC2 instances would be deployed in private subnets (implied by the architecture)

Why other options are incorrect:

B: Incorrect because Application Load Balancers should be deployed in public subnets to receive internet traffic. Deploying ALB in private subnets would prevent external access to the application.

C: Incorrect because placing EC2 instances in public subnets exposes them to the public internet, which violates the requirement that EC2 instances should not be exposed to the public internet.

D: Incorrect because having only one public subnet and one private subnet across two AZs doesn't provide proper high availability. The architecture should have at least one public and one private subnet in each AZ for proper high availability.

Key Requirements Met:

EC2 instances not exposed to public internet - Achieved by placing them in private subnets
RDS DB instance not exposed to public internet - Achieved by placing it in private subnets
EC2 instances require internet access - Achieved through NAT gateways in public subnets
High availability - Achieved through Multi-AZ RDS, Auto Scaling, and resources distributed across multiple AZs
Load balancer accessible from internet - Achieved by placing ALB in public subnets

Powered ByGPT-5.2

Comments

Loading comments...