A cloud engineer recently used a deployment script template to implement changes on a cloud-hosted web application. The web application communicates with a managed database on the back end. The engineer later notices the web application is no longer receiving data from the managed database. Which of the following is the MOST likely cause of the issue?
Correct Answer: C
Explanation
The most likely cause of the issue is C. Misconfiguration in the network ACL. A network ACL (access control list) is a set of rules that controls the inbound and outbound traffic for a subnet or a virtual network in a cloud environment. A misconfiguration in the network ACL can block the communication between the web application and the managed database, resulting in data loss or unavailability. For example, according to the Azure SQL Database documentation1, if you use a virtual network service endpoint to secure your database, you need to configure the network ACL to allow traffic from the web application subnet to the database subnet. Otherwise, the web application will not be able to connect to the database. Similarly, according to the DigitalOcean tutorial2, if you use a managed database cluster, you need to add the web application's IP address or Droplet to the cluster's trusted sources list. Otherwise, the web application will not be able to access the database.
A misconfiguration in the user permissions, the routing traffic, or the firewall can also cause connectivity issues between the web application and the managed database, but they are less likely than a misconfiguration in the network ACL. A misconfiguration in the user permissions can prevent the web application from authenticating or authorizing with the database, but it will not affect the data transmission. A misconfiguration in the routing traffic can cause packets to be lost or delayed, but it will not block the communication entirely.
A misconfiguration in the firewall can filter out unwanted traffic, but it will not affect the traffic that is allowed by the network ACL. Therefore, these are not the most likely causes of the issue. For more information on how to troubleshoot connectivity issues between a cloud-hosted web application and a managed database, you can refer to the AWS documentation3 or the Google Cloud documentation.