Which solution will meet these requirements?

By:
On:
In: SAP-C02
Tagged:
With: 0 Comments
A company provides a software as a service (SaaS) application that runs in the AWS Cloud.The application runs on Amazon EC2 instances behind a Network Load Balancer (NLB).The instances are in an Auto Scaling group and are distributed across three Availability Zones in a single AWS Region.The company is deploying the application into additional Regions.The company must provide static IP addresses for the application to customers so that the customers can add the IP addresses to allow lists.The solution must automatically route customers to the Region that is geographically closest to them.

Which solution will meet these requirements?

Create an Amazon CloudFront distribution. Create a CloudFront origin group. Add the NLB for each additional Region to the origin group. Provide customers with the IP address ranges of the distribution’s edge locations.

Create an AWS Global Accelerator standard accelerator. Create a standard accelerator endpoint for the NLB in each additional Region. Provide customers with the Global Accelerator IP address.

Create an Amazon CloudFront distribution. Create a custom origin for the NLB in each additional Region. Provide customers with the IP address ranges of the distribution’s edge locations.

Create an AWS Global Accelerator custom routing accelerator. Create a listener for the custom routing accelerator. Add the IP address and ports for the NLB in each additional Region. Provide customers with the Global Accelerator IP address.

Explanations:

While CloudFront can provide static IP addresses through its edge locations, using an origin group with multiple NLBs in different Regions does not automatically route users to the nearest Region based on geography. Additionally, the IP address ranges for CloudFront’s edge locations are not static and can change, which may not meet the requirement for allow listing.

AWS Global Accelerator provides static IP addresses that can be used to route traffic to the nearest Region based on user geography. By creating a standard accelerator with endpoints for each NLB in different Regions, customers can be routed efficiently, and the static IP addresses of the Global Accelerator can be added to allow lists.

Similar to Option A, while CloudFront can create a distribution with a custom origin for the NLB, it does not provide a way to automatically route traffic based on user proximity to the Region. Additionally, the IP ranges for CloudFront edge locations can change, making it unsuitable for static allow listing.

AWS Global Accelerator’s custom routing feature is not necessary in this scenario since standard routing with static IPs is sufficient for the application. Custom routing is typically used for scenarios requiring specific routing behaviors, which does not apply here. The standard accelerator option (Option B) is more appropriate for the requirements.

Leave a Reply

Your email address will not be published. Required fields are marked *

5 × one =