AWS Certified Advanced Networking – Specialty (ANS-C00) — Question 161

You manage a webserver that serves a webpage on AWS infrastructure. You utilize an Application Load Balancer, CloudFront, S3, and some other AWS services for this site. You are only responsible for the server and you don't have access to the AWS console or API.
You need to find out what IPs are accessing your website. What is the best way to achieve this?

Answer options

• A. Ask someone with IAM permissions to view the Flow Logs to give you access.
• B. View the access logs. They already show this information.
• C. Run "curl http://169.254.169.254/latest/meta-data/access_log
• D. Add "X-Forwarded For" to the access logs and view the access logs.

Correct answer: D

Explanation

The correct answer is D because adding 'X-Forwarded For' to the access logs enables the logging of the original client's IP address, which is essential for identifying visitors. Option A is incorrect since it does not provide direct access to IP information. Option B is misleading as standard access logs may not include the original IP without 'X-Forwarded For'. Option C is not applicable since it attempts to access metadata that does not exist in that context.