Which combination of steps will meet these requirements?
(Choose two.)
Create a public Network Load Balancer. Specify the application target group.
Create a Gateway Load Balancer. Specify the application target group.
Create a public Application Load Balancer. Specify the application target group.
Create a second target group. Add Elastic IP addresses to the EC2 instances.
Create a web ACL in AWS WAF. Associate the web ACL with the endpoint
Explanations:
A Network Load Balancer operates at the transport layer (Layer 4) and does not support sticky sessions, which require application layer (Layer 7) features. Additionally, it is not suitable for applying WAF as it does not support web application firewall functionalities.
A Gateway Load Balancer is primarily designed to handle virtual appliances (like firewalls and intrusion detection systems) and does not support application-level features such as sticky sessions or WAF integration. It is not suitable for serving as a public endpoint for an application.
An Application Load Balancer (ALB) operates at the application layer (Layer 7), supports sticky sessions via session cookies, and can be integrated with AWS WAF for enhanced security. It is the appropriate choice for providing a public endpoint for the web application.
Adding Elastic IP addresses to EC2 instances does not facilitate sticky sessions or WAF capabilities and does not meet the requirements for creating a public endpoint or configuring session affinity effectively. Elastic IPs do not inherently provide load balancing or session management features.
Creating a web ACL in AWS WAF and associating it with the endpoint provides additional security to the web application, allowing for the implementation of rules to filter and monitor HTTP requests. This step is essential for meeting the security requirements of the application.