Microsoft Exam AZ-305 Topic 5 Question 11 Discussion

Actual exam question for Microsoft's AZ-305 exam

Question #: 11
Topic #: 5

You are designing a microservices architecture that will be hosted in an Azure Kubernetes Service (AKS) cluster. Apps that will consume the microservices will be hosted on Azure virtual machines. The virtual machines and the AKS cluster will reside on the same virtual network.

You need to design a solution to expose the microservices to the consumer apps. The solution must meet the following requirements:

* Ingress access to the microservices must be restricted to a single private IP address and protected by using mutual TLS authentication.

* The number of incoming microservice calls must be rate-limited.

* Costs must be minimized.

What should you include in the solution?

AAzure API Management Premium tier with virtual network connection

BAzure Front Door with Azure Web Application Firewall (WAF)

CAzure API Management Standard tier with a service endpoint

DAzure App Gateway with Azure Web Application Firewall (WAF)

Show Suggested Answer

Suggested Answer: A

One option is to deploy APIM (API Management) inside the cluster VNet.

The AKS cluster and the applications that consume the microservices might reside within the same VNet, hence there is no reason to expose the cluster publicly as all API traffic will remain within the VNet. For these scenarios, you can deploy API Management into the cluster VNet. API Management Premium tier supports VNet deployment.

https://docs.microsoft.com/en-us/azure/api-management/api-management-kubernetes

by Amie at May 09, 2022, 02:42 PM

Limited Time Offer

25%

Off

Get Premium AZ-305 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!