How should they architect their solution?

A web company is looking to implement an external payment service into their highly available
application deployed in a VPC. Their application EC2 instances are behind a public facing ELB.
Auto Scaling is used to add additional instances as traffic Increases. Under normal load the
application runs 2 Instances in the Auto Scaling group but at peak it can scale 3x in size.
The application instances need to communicate with the payment service over the Internet, which
requires whitelisting of all public IP addresses used to communicate with it. A maximum of 4
whitelisted IP addresses are allowed at a time and can be added through an API.
How should they architect their solution?

A web company is looking to implement an external payment service into their highly available
application deployed in a VPC. Their application EC2 instances are behind a public facing ELB.
Auto Scaling is used to add additional instances as traffic Increases. Under normal load the
application runs 2 Instances in the Auto Scaling group but at peak it can scale 3x in size.
The application instances need to communicate with the payment service over the Internet, which
requires whitelisting of all public IP addresses used to communicate with it. A maximum of 4
whitelisted IP addresses are allowed at a time and can be added through an API.
How should they architect their solution?

A.
Whitelist the VPC Internet Gateway Public IP and route payment requests through the Internet
Gateway.

B.
Automatically assign public IP addresses to the application instances in the Auto Scaling group
and run a script on boot that adds each instances public IP address to the payment validation
whitelist API.

C.
Route payment requests through two NAT instances setup for High Availability and whitelist the
Elastic IP addresses attached to the NAT instances.

D.
Whitelist the ELB IP addresses and route payment requests from the Application servers through
the ELB.



Leave a Reply 0

Your email address will not be published. Required fields are marked *