Comprehensive and Detailed Explanation:
This question is testing the correct load balancing design for a stateful web application that:
runs on multiple EC2 instances,
must scale horizontally,
uses browser cookies for session management,
requires session affinity.
The correct solution is to place the EC2 instances in an Auto Scaling group behind an Application Load Balancer and enable sticky sessions on the target group. This allows the application to scale out across multiple instances while ensuring that repeat requests from the same client are routed to the same target for the duration of the stickiness configuration.
Why C is correct
An Application Load Balancer is designed for Layer 7 HTTP/HTTPS traffic, which is exactly what a browser-based web application uses. Because the application uses cookies and requires session affinity, ALB is the correct AWS service since it supports sticky sessions for target groups. The EC2 instances can be placed in an Auto Scaling group so the application can add or remove instances as demand changes. This directly satisfies the horizontal scaling requirement.
ALB also integrates natively with Auto Scaling groups, health checks, and target groups. For web applications that rely on session persistence, ALB stickiness is the standard design choice. The application is third-party, so changing the application to externalize sessions may not be possible. Therefore, keeping requests bound to the same backend instance is the appropriate architecture.
Why A is incorrect
Route 53 does not provide cookie-based session affinity to specific EC2 instances. Multivalue answer routing can return multiple healthy records, but it is a DNS-level mechanism, not an HTTP session persistence mechanism. Route 53 Resolver rules also do not inspect browser cookies and do not ensure that a given cookie value maps consistently to one EC2 instance.
In addition, exposing each EC2 instance with a public IP is not the right scalable architecture for a horizontally scaled web application. This option lacks proper load balancer behavior and does not provide real application-layer stickiness.
Why B is incorrect
CloudFront cannot use an Auto Scaling group directly as an origin. CloudFront origins are typically an Application Load Balancer, Network Load Balancer, S3 bucket, custom HTTP origin, or similar endpoint. An Auto Scaling group itself is not a valid origin endpoint for CloudFront.
Also, CloudFront Functions are used for lightweight request and response manipulation at the edge. They are not the correct mechanism to implement instance-level session affinity for a fleet of EC2 instances. Even if cookies are forwarded, CloudFront is not the service that should manage sticky routing among application servers. That role belongs to the load balancer.
Why D is incorrect
Gateway Load Balancer is designed for deploying, scaling, and managing third-party virtual appliances such as firewalls, IDS, and deep packet inspection systems. It is not intended to front standard web applications for browser traffic.
Flow stickiness on GWLB is not the same as HTTP cookie-based session affinity for a web application. GWLB operates for appliance insertion use cases, not for traditional user-facing web application request distribution. Therefore, it does not meet the application requirement appropriately.
