Elastic Load Balancer Client IP Addresses | AWS SysOps Exam Question

Elastic Load Balancer Client IP Addresses

Question

A company has a set of EC2 Instances placed behind an Elastic Load Balancer.

There is a requirement from the IT Security department to get a list of the IP addresses of the clients that establish a connection with the load balancer.

Which of the following can help with this requirement?

Answers

Explanations


A. B. C. D.

Correct Answer: C.

The AWS Documentation mentions the following.

Elastic Load Balancing provides access logs that capture detailed information about requests sent to your load balancer.

Each log contains information such as the time the request was received, the client's IP address, latencies, request paths, and server responses.

You can use these access logs to analyze traffic patterns and troubleshoot issues.

Access logging is an optional feature of Elastic Load Balancing that is disabled by default.

After you enable access logging for your load balancer, Elastic Load Balancing captures the logs and stores them in the Amazon S3 bucket that you specify as compressed files.

You can disable access logging at any time.

Option A is incorrect since CloudTrail captures all API calls for Elastic Load Balancing as events.

The calls captured include calls from the AWS Management Console and code calls to the Elastic Load Balancing API operations.

Option B is incorrect since the CloudWatch metrics will not provide the required data.

Elastic Load Balancing publishes data points to Amazon CloudWatch for the load balancers and the targets.

Option D is incorrect since AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

For more information on the Classic Load Balancer, please visit the URLs below:

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html

https://aws.amazon.com/config/

The correct answer to this question is option C, which suggests enabling access logs for the Elastic Load Balancer (ELB).

Explanation: When a client establishes a connection with the load balancer, the load balancer acts as a middleman between the client and the backend EC2 instances. The client's IP address is not directly visible to the backend instances. However, to fulfill the IT Security department's requirement, we can enable access logs for the ELB. Access logs record detailed information about each request that the load balancer receives, including the source IP address of the client making the request.

CloudTrail logs, option A, do not provide information about client IP addresses connecting to the ELB. CloudTrail logs capture API calls made to AWS services and do not provide detailed information about network traffic.

CloudWatch metrics for the ELB, option B, provide data about the performance of the ELB, such as the number of requests it receives, the number of healthy and unhealthy instances, and latency. However, they do not provide information about the client IP addresses.

AWS Config, option D, is a service that provides a detailed inventory of AWS resources and configuration history. It is not relevant to this requirement of getting the client IP addresses from the ELB.

Therefore, option C is the correct answer. By enabling access logs for the ELB and analyzing the log files, we can extract the client IP addresses that establish connections with the ELB.
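The log analysis step described above, as an added example that is not part of the original page or of AWS's own tooling: it counts requests per client IP in one compressed access log file already downloaded from the S3 bucket. The function name `client_ips` and all sample entries are constructed for illustration, and the example goes slightly beyond the text by accepting both the Application Load Balancer and the Classic Load Balancer entry layouts.

```python
import gzip
import ipaddress
from collections import Counter

# First field of an Application Load Balancer entry. Classic Load Balancer
# entries start with the timestamp instead, so client:port sits one field earlier.
ALB_TYPES = {"http", "https", "h2", "grpcs", "ws", "wss"}

def client_ips(gz_bytes):
    """Count requests per client IP in one gzip-compressed access log file."""
    counts = Counter()
    for line in gzip.decompress(gz_bytes).decode("utf-8", "replace").splitlines():
        # Only the leading fields are needed. The request and user-agent fields
        # further right are client-supplied, so they are never parsed here.
        fields = line.split(" ", 4)
        idx = 3 if fields[0] in ALB_TYPES else 2
        if len(fields) <= idx:
            continue  # truncated or empty line
        host = fields[idx].rpartition(":")[0]  # drop the trailing :port
        try:
            counts[str(ipaddress.ip_address(host))] += 1
        except ValueError:
            continue  # not an address; skip rather than guess
    return counts

# Constructed sample data: documentation address ranges, made-up load balancer
# names, and entries trimmed after the ssl fields to keep the lines short.
_TAIL = '0.001 0.002 0.000 200 200 120 512 "GET http://example.com:80/ HTTP/1.1" "curl/8.0" - -'
SAMPLE = gzip.compress("\n".join([
    f"http 2024-01-15T10:00:01.000000Z app/demo-alb/0123456789abcdef 192.0.2.10:49152 10.0.1.5:80 {_TAIL}",
    f"https 2024-01-15T10:00:02.000000Z app/demo-alb/0123456789abcdef 198.51.100.7:50210 10.0.1.6:80 {_TAIL}",
    f"http 2024-01-15T10:00:03.000000Z app/demo-alb/0123456789abcdef 192.0.2.10:49153 10.0.1.5:80 {_TAIL}",
    f"2024-01-15T10:00:04.000000Z demo-clb 203.0.113.25:40000 10.0.2.9:80 {_TAIL}",
    "garbage line",
]).encode())

if __name__ == "__main__":
    for ip, n in client_ips(SAMPLE).most_common():
        print(ip, n)
```
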