Logo
AWS Certified Solutions Architect - Professional / Question #913 of 529

Question #913

A company operates a global SaaS application hosted on AWS, utilizing EC2 instances behind an Application Load Balancer (ALB) in an Auto Scaling group across multiple Availability Zones. The company is expanding into new AWS Regions and must provide customers with static IP addresses for allow lists while ensuring traffic is routed to the geographically closest Region. Which solution meets these requirements?

A

Create an Amazon CloudFront distribution with a CloudFront origin group. Add the ALB for each new Region to the origin group. Provide customers with the IP address ranges of the distribution\u2019s edge locations.
B

Create an AWS Global Accelerator standard accelerator. Configure a standard accelerator endpoint for the ALB in each new Region. Provide customers with the Global Accelerator IP addresses.
C

Create an Amazon CloudFront distribution. Define a custom origin for the ALB in each new Region. Provide customers with the IP address ranges of the distribution\u2019s edge locations.
D

Create an AWS Global Accelerator custom routing accelerator. Set up a listener for the accelerator and add the ALB IP addresses and ports for each new Region. Provide customers with the Global Accelerator IP addresses.

Explanation

Answer B is correct because AWS Global Accelerator provides static IP addresses that customers can add to their allow lists. It routes traffic to the closest AWS Region using AWS’s global network, ensuring optimal performance. Global Accelerator’s standard accelerator endpoints can be configured with ALBs in each Region, enabling automatic geo-proximity routing.

Options A and C are incorrect because CloudFront’s edge locations use dynamic IP ranges, which are impractical for static allow lists. Option D’s custom routing accelerator is designed for specific IP/port routing to EC2 instances, not ALBs. Global Accelerator’s standard accelerator (B) is the only solution that meets both static IP and geo-proximity requirements.

Key Points:
- Global Accelerator provides static anycast IPs for allow lists.
- Geo-proximity routing ensures traffic reaches the closest Region.
- ALB integration with Global Accelerator supports multi-Region scaling.

Answer

The correct answer is: B