AWS Elastic Load Balancer FAQs

Questions and Answers

How do I decide which load balancer to select for my application?

You can select based on application needs: Application Load Balancer for flexible management and TLS termination, Network Load Balancer for extreme performance and static IP, Classic Load Balancer for EC2 Classic network.

Can I privately access Elastic Load Balancing APIs from my Amazon Virtual Private Cloud (VPC) without using public IPs?

True (A)

What does an Internet-facing load balancer need or have?

It has a public IP address and its DNS name is publicly resolvable to that IP address.

What does an internal-facing load balancer need or have?

It has only private IP addresses and its DNS name is resolvable to private IPs.

Which operating systems does an Application Load Balancer support?

Any operating system currently supported by the Amazon EC2 service.

Which protocols does an Application Load Balancer support?

HTTP and HTTPS.

Is HTTP/2 supported on an Application Load Balancer?

True (A)

What TCP ports can I use to load balance?

1-65535.

Is WebSockets supported on an Application Load Balancer?

True (A)

Is Request tracing supported on an Application Load Balancer?

True (A)

Will my existing Classic Load Balancers have the same features and benefits as an Application Load Balancer?

False (B)

Can I configure my Amazon EC2 instances to accept traffic only from my Application Load Balancers?

True (A)

Can I configure a security group for the front-end of an Application Load Balancer?

True (A)

Can I use the existing APIs that I use with my Classic Load Balancer with an Application Load Balancer?

False (B)

How do I manage both Application and Classic Load Balancers simultaneously?

You can use the ELB Console to manage both types from the same interface.

Can I convert my Classic Load Balancer to an Application Load Balancer (and vice versa)?

False (B)

Can I migrate to Application Load Balancer from Classic Load Balancer?

True (A)

Can I use an Application Load Balancer as a Layer-4 load balancer?

False (B)

Can I use a single Application Load Balancer for handling HTTP and HTTPS requests?

True (A)

Can I get a history of Application Load Balancing API calls made on my account for security analysis?

True (A)

Does an Application Load Balancer support HTTPS termination?

True (A)

What are the steps to get an SSL certificate for an Application Load Balancer?

Use AWS Certificate Manager or create and upload a certificate request.

Is back-end server authentication supported with an Application Load Balancer?

False (B)

How can I enable Server Name Indication (SNI) for my Application Load Balancer?

It is automatically enabled when associating more than one TLS certificate with a secure listener.

Can I associate multiple certificates for the same domain to a secure listener?

True (A)

Is IPv6 supported with an Application Load Balancer?

True (A)

How do you set up rules on an Application Load Balancer?

Configure rules with conditions and corresponding actions for listeners.

Are there limits on the resources for an Application Load Balancer?

True (A)

How can I protect my web applications behind a load balancer from web attacks?

Integrate your Application Load Balancer with AWS WAF.

For an Application Load Balancer, can I load balance to any arbitrary IP address?

Yes, from the load balancer's VPC CIDR and certain RFC ranges.

How can I load balance applications distributed across a VPC and on-premises location?

Add them to the same target group using their IPs or use separate groups for routing.

For Application Load Balancers, how can I load balance to EC2-Classic instances?

False (B)

How do I enable cross-zone load balancing in Application Load Balancer?

True (A)

When should I authenticate users using the Application Load Balancer's integration with Amazon Cognito?

When you need flexibility with multiple identity providers or social authentication.

What type of redirects does ALB support?

HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS.

What content types does ALB support for the message body of fixed-response action?

text/plain, text/css, text/html, application/javascript, application/json.

How does Application Load Balancer pricing work?

Billed for hours running and Load Balancer Capacity Units (LCU) used per hour.

What is a Application Load Balancer Load Balancer Capacity Unit (LCU)?

LCU defines the max resource consumed based on new connections, active connections, bandwidth, and rule evaluations.

Will I be billed on Classic Load Balancers by LCU?

False (B)

How do I know the number of LCUs an Application Load Balancer is using?

Usage is exposed via CloudWatch.

Will I be billed on all the dimensions in an LCU?

False (B)

Will I be billed on partial LCUs?

True (A)

Is a free tier offered on an Application Load Balancer for new AWS accounts?

True (A)

Can I use a combination of Application Load Balancer and Classic Load Balancer as part of my free tier?

True (A)

What are rule evaluations?

Defined as the product of number of rules processed and the request rate averaged over an hour.

How does the LCU billing work with different certificate types and key sizes?

Certificate key size affects only new connections per second in LCU computation.

Flashcards are hidden until you start studying

Study Notes

Load Balancers Overview

• Elastic Load Balancing offers three types: Application Load Balancer (ALB), Network Load Balancer (NLB), and Classic Load Balancer (CLB).
• Choose ALB for flexible application management and TLS termination; NLB for extreme performance and static IP; CLB for applications built within EC2 Classic network.

Private Access and Security

• Elastic Load Balancing APIs can be accessed privately via VPC Endpoints without public IPs.
• Internal load balancers utilize only private IP addresses, limiting routing to clients within the VPC.

Application Load Balancer (ALB) Features

• ALB supports any operating system compatible with Amazon EC2.
• Load balancing protocols include HTTP and HTTPS, with native support for HTTP/2 and WebSockets.
• Supports TCP port range of 1-65535 for load balancing.

SSL and Security Features

• HTTPS termination on ALB requires an installed SSL certificate.
• AWS Certificate Manager (ACM) simplifies SSL/TLS certificate handling and integration with ALB.

Load Balancer Management

• Manage ALBs and CLBs simultaneously via the ELB Console; different CLI commands are used for each.
• Limitation on resource configuration includes 20 load balancers and various grouping and listener restrictions.

Migration and Compatibility

• Existing CLBs do not have feature parity with ALBs; migration possible from CLB to ALB but not vice versa.
• ALB cannot be used as a Layer-4 load balancer; NLB is recommended for Layer-4 features.

Network and Communication

• Supports IPv6, cross-zone load balancing is enabled by default.
• Content-based routing allows for diverse application scenarios, including hybrid environments with both VPC and on-premises locations.

Authentication and User Management

• ALB integrates with Amazon Cognito for user authentication, allowing the use of multiple identity providers including social media accounts.

Redirection and Messaging

• ALB supports various types of URL redirection: HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS.
• Fixed-response actions are limited to specific content types like text/html and application/json.

Pricing and Resource Management

• Pricing for ALB is based on hourly usage and Load Balancer Capacity Units (LCUs).
• An LCU measures maximum resource consumption across connections and evaluations, with a free tier available for new accounts for up to 12 months.
• Rule evaluations are calculated based on the number of rules processed and request rates.

General Guidelines

• To protect applications, integrate ALB with AWS WAF for web application firewall capabilities.
• Enabling Server Name Indication (SNI) occurs automatically when multiple TLS certificates are configured on a secure listener.