AWS Certified Solutions Architect – Associate (SAA-C02) — Question 206

A company uses Application Load Balancers (ALBs) in different AWS Regions. The ALBs receive inconsistent traffic that can spike and drop throughout the year.
The company's networking team needs to allow the IP addresses of the ALBs in the on-premises firewall to enable connectivity.
Which solution is the MOST scalable with minimal configuration changes?

Answer options

• A. Write an AWS Lambda script to get the IP addresses of the ALBs in different Regions. Update the on-premises firewall's rule to allow the IP addresses of the ALBs.
• B. Migrate all ALBs in different Regions to the Network Load Balancer (NLBs). Update the on-premises firewall's rule to allow the Elastic IP addresses of all the NLBs.
• C. Launch AWS Global Accelerator. Register the ALBs in different Regions to the accelerator. Update the on-premises firewall's rule to allow static IP addresses associated with the accelerator.
• D. Launch a Network Load Balancer (NLB) in one Region. Register the private IP addresses of the ALBs in different Regions with the NLB. Update the on- premises firewall's rule to allow the Elastic IP address attached to the NLB.

Correct answer: C

Explanation

The correct answer is C because AWS Global Accelerator provides static IP addresses that can be used to route to the ALBs, making it a scalable solution that requires minimal ongoing configuration. Option A requires continuous updates to the firewall as ALB IPs change, B involves migrating to a different load balancer type which may not be necessary, and D requires managing private IPs which complicates connectivity across regions.