Question 10: You are working with a startup in India which provides online mortgages to customer in India only. Hence, traffic is expected from Indian customer. Your web application is hosted on EC2 instance and all the ........................, which of the following will help for this requirement?

1. You will install CloudWatch Agent on EC2 instance and save traffic detail to the S3 bucket for further analysis.
2. You will be enabling CloudTrail logging for the ELB.
3. You will be creating a custom metric for the traffic received on EC2 instances.
4. You will be enabling access logs on the load balancer.

Correct Answer  : D

Detailed Explaination : You wanted to know that all the traffic received to your instances, which are behind the ELB should be monitored to check whether traffic is coming outside India or not.

Best solution for this requirement is to enable the ELB access logs. Read below more detail about ELB access logs

1. ELB will log all the requests made to it in a specified S3 bucket.
2. Logs will contain requester ip, latencies, request path, server response etc.
3. This log is very helpful to analyze the traffic patterns and troubleshoot back-end applications.
4. Remember it is disabled by default.
5. You have to specify time interval either 5 or 60(default) minutes when you enable the access logs.
6. If your site traffic is high then ELB can send more than one log file at the same time
7. Even in case of multiple ELB also you will get multiple logs for the same time period.
8. Bucket and load balancer should be in the same region.
9. Remember: If you delete the S3 bucket and does not disable the access logs and somebody else create the bucket with the same name (which has all the permissions). Then ELB access logs will be written in that new bucket.