An ECS service with ALB integration is not routing traffic correctly. You find the security group attached to the ALB does not allow inbound traffic on port 80. What is the fix?

medium📝 Debug Q7 of 15

AWS - ECS and Fargate

AAdd an outbound rule to the ECS task security group allowing port 80.

BChange the ALB listener port to 443 without updating security groups.

CAdd an inbound rule to the ALB security group allowing TCP port 80 from client IPs.

DRemove all security groups from the ALB.

Step-by-Step Solution

Solution:

Step 1: Identify security group rules needed for ALB
The ALB security group must allow inbound traffic on the listener port (80) from clients.
Step 2: Evaluate options
Adding inbound rule on ALB SG for port 80 fixes the issue. Outbound rules on ECS tasks do not affect ALB inbound traffic. Changing listener port without SG update breaks traffic. Removing all SGs is insecure and impractical.
Final Answer:
Add an inbound rule to the ALB security group allowing TCP port 80 from client IPs. -> Option C
Quick Check:
ALB SG inbound port 80 must be open [OK]

Quick Trick: Open ALB security group inbound port for client traffic [OK]

Common Mistakes:

Modifying ECS task security group instead of ALB
Changing listener port without updating SG
Removing security groups entirely

Master "ECS and Fargate" in AWS

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Time

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More AWS Quizzes

An ECS service with ALB integration is not routing traffic correctly. You find the security group attached to the ALB does not allow inbound traffic on port 80. What is the fix?

Step 1: Identify security group rules needed for ALB

Step 2: Evaluate options

Final Answer:

Quick Check:

Want More Practice?