Member October 13, 2023 at 5:14 am
In this question:
A company that manages hundreds of AWS client accounts has created a central logging service running on an Auto Scaling group of Amazon EC2 instances. The logging service receives logs from the client AWS accounts through the connectivity provided by AWS PrivateLink. The interface endpoint for this is available on each of the client AWS accounts. The EC2 instances hosting the logging service are spread on multiple subnets with a Network Load Balancer in front to spread the incoming load. Upon testing, the clients are unable to submit logs through the VPC endpoint.
Which of the following solutions will most likely resolve the issue? (Select TWO.)
One of the possible answers is marked as wrong because:
The option that says: Ensure that the security group attached to the NLB allows inbound traffic from the interface endpoint subnet is incorrect because Network Load Balancers do not have associated security groups. The security groups for your targets must use IP addresses to allow traffic from the load balancer.
Note that since August 2023, NLBs do support security groups.
Still very new but some people might get tricked by it.
Administrator October 17, 2023 at 1:24 am
Thank you for your feedback.
Please note that this update is relatively new and may still take some time before it is reflected in the actual exam. As per the AWS Certification FAQ, new features or services are typically incorporated into the exam after being generally available for 6 months. We strive to ensure our content is as current and aligned with exam standards as possible. With this said, we’ll review this particular item to ensure it remains clear and doesn’t lead to confusion.
We appreciate your understanding. Let me know if you have any further clarifications.
Carlo @ Tutorials Dojo