Firewall PBQs: AWS Certified CloudOps Engineer – Associate (SOA-C03)
Easy. Question 1 of 3
An Application Load Balancer (ALB) in the public subnet (10.0.1.0/24) cannot perform health checks on EC2 instances in the private subnet (10.0.2.0/24). The EC2 instances run a web application on port 80. After investigating, you find the EC2 security group only allows SSH from the admin subnet and has no rule for HTTP traffic from the ALB. Fix the security group to allow ALB health checks while maintaining SSH access.
Firewall Rules
| # | Direction | Source | Port | Protocol | Action |
|---|---|---|---|---|---|
| 1 | inbound | 10.0.1.0/24 | 22 | tcp | allow |
| 2 | inbound | any | any | any | deny |
Rules are evaluated top to bottom.

