Which combination of configuration options will meet these requirements?
(Choose two.)
Use an Auto Scaling group to launch the EC2 instances in private subnets. Deploy an RDS Multi-AZ DB instance in private subnets.
Configure a VPC with two private subnets and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the private subnets.
Use an Auto Scaling group to launch the EC2 instances in public subnets across two Availability Zones. Deploy an RDS Multi-AZ DB instance in private subnets.
Configure a VPC with one public subnet, one private subnet, and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the public subnet.
Configure a VPC with two public subnets, two private subnets, and two NAT gateways across two Availability Zones. Deploy an Application Load Balancer in the public subnets.
Explanations:
Launching EC2 instances in private subnets enhances security by restricting public internet access. Multi-AZ RDS deployment in private subnets supports high availability.
Deploying an ALB in private subnets does not allow the web tier to be accessible to users, as it would not have public internet access.
EC2 instances in public subnets expose them to the public internet, which contradicts the requirement that they should not be exposed.
Only one public subnet would not ensure high availability across two Availability Zones. Additionally, the ALB should be deployed in public subnets, not private.
Using both public and private subnets across two Availability Zones with NAT gateways allows EC2 instances in private subnets to access the internet while ensuring availability.
I arrange that the answer is:
Use an Auto Scaling group to launch the EC2 instances in private subnets. Deploy an RDS Multi-AZ DB instance in private subnets.