AWS Certified Solutions Architect – Professional — Question 871

A user is planning to host a web server as well as an app server on a single EC2 instance which is a part of the public subnet of a VPC.
How can the user setup to have two separate public IPs and separate security groups for both the application as well as the web server?

Answer options

• A. Launch VPC with two separate subnets and make the instance a part of both the subnets.
• B. Launch a VPC instance with two network interfaces. Assign a separate security group and elastic IP to them.
• C. Launch a VPC instance with two network interfaces. Assign a separate security group to each and AWS will assign a separate public IP to them.
• D. Launch a VPC with ELB such that it redirects requests to separate VPC instances of the public subnet.

Correct answer: B

Explanation

To host two services on a single EC2 instance with separate public IPs and security groups, you must attach two Elastic Network Interfaces (ENIs) to the instance and associate a separate Elastic IP (EIP) and security group with each. AWS does not automatically assign public IPs to secondary network interfaces, which makes option C incorrect. Additionally, a single EC2 instance cannot be placed in multiple subnets at the same time, ruling out option A.