What should be done to ensure that the incoming traffic to the host instances is from the ALB only?

– by 2

A Solutions Architect is designing an application that will run on Amazon ECS behind an Application Load Balancer (ALB). For security reasons, the Amazon EC2 host instances for the ECS cluster are in a private subnet.
What should be done to ensure that the incoming traffic to the host instances is from the ALB only?
A. Create network ACL rules for the private subnet to allow incoming traffic on ports 32768 through 61000 from the IP address of the ALB only.
B. Update the EC2 cluster security group to allow incoming access from the IP address of the ALB only.
C. Modify the security group used by the EC2 cluster to allow incoming traffic from the security group used by the ALB only.
D. Enable AWS WAF on the ALB and enable the ECS rule.

How To Pass SAA-C02 Exam?

Amazon SAA-C02 PDF dumps.

High quality SAA-C02 pdf and software. VALID exam to help you pass.
amazon-exams

2 thoughts on “What should be done to ensure that the incoming traffic to the host instances is from the ALB only?

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.