How should this be achieved within a VPC?
Create one public subnet for the Application Load Balancer, one public subnet for the web servers, and one private subnet for the database servers.
Create one public subnet for the Application Load Balancer, two public subnets for the web servers, and two private subnets for the database servers.
Create two public subnets for the Application Load Balancer, two private subnets for the web servers, and two private subnets for the database servers.
Create two public subnets for the Application Load Balancer, two public subnets for the web servers, and two public subnets for the database servers.
Explanations:
This option places the database servers in a private subnet, which is correct. However, it places the web servers in a public subnet, which is not recommended as it exposes the EC2 instances directly to the internet. The web servers should be in private subnets to limit exposure.
This option places both the web servers and the database servers in public subnets, which is incorrect. The web servers should be in private subnets to limit direct access, and the database servers should also be in private subnets for security and proper isolation.
This option correctly places the Application Load Balancer (ALB) in public subnets for internet access, web servers in private subnets (no direct access from the internet), and database servers in private subnets (no direct access from the internet), ensuring high availability and proper security.
This option places the database servers in public subnets, which is not recommended as they should be isolated in private subnets for security. It also places both the web servers and the database servers in public subnets, which is incorrect.
From my point of view, the answer is:
Create two public subnets for the Application Load Balancer, two private subnets for the web servers, and two private subnets for the database servers.