Which solution will meet these requirements with the LEAST operational overhead?
Replace the ALB with a Network Load Balancer (NLB). Assign an Elastic IP address to the NLB.
Allocate an Elastic IP address. Assign the Elastic IP address to the ALProvide the Elastic IP address to the customer.
Create an AWS Global Accelerator standard accelerator. Specify the ALB as the accelerator’s endpoint. Provide the accelerator’s IP addresses to the customer.
Configure an Amazon CloudFront distribution. Set the ALB as the origin. Ping the distribution’s DNS name to determine the distribution’s public IP address. Provide the IP address to the customer.
Explanations:
Replacing the ALB with an NLB and assigning an Elastic IP (EIP) would provide a static IP address, but it requires more operational overhead. NLBs are better suited for TCP/UDP traffic, and transitioning from an ALB may involve changes to application architecture, security groups, and routing.
An Elastic IP cannot be directly assigned to an ALB, as ALBs do not support direct attachment of Elastic IPs. This option would not work because the IP address cannot be provided to the external customer without a valid method to attach it to the ALB.
Creating an AWS Global Accelerator and specifying the ALB as the endpoint allows for providing static IP addresses to external customers. Global Accelerator provides two static IP addresses that can be used to route traffic to the ALB, thus meeting the requirement with low operational overhead.
While configuring a CloudFront distribution can provide a stable DNS name and potentially reduce latency, CloudFront does not guarantee static IP addresses, as its edge locations can change. Customers would not be able to rely on a single IP address, which does not meet the requirement.
From what I’ve seen, the answer is:
Create an AWS Global Accelerator standard accelerator. Specify the ALB as the accelerator’s endpoint. Provide the accelerator’s IP addresses to the customer.