A company has a message queue application that is based on Apache Kafka. The company runs the application across a fleet of Amazon EC2 instances in a VPC. The EC2 instances are deployed across multiple Availability Zones.
A network engineer must ensure that the application is highly available and scalable. Additionally, the load on the EC2 instances must be automatically distributed. For security compliance, application clients must be able to create an allow list of the IP addresses for the application.
Which solution meets these requirements?

A. Add an Application Load Balancer (ALB) in front of the EC2 instances. Provide the ALB IP addresses to the application clients to create an allow list.
B. Add a Network Load Balancer (NLB) in front of the EC2 instances. Provide the NLB IP addresses to the application clients to create an allow list.
C. Add an Application Load Balancer in front of the EC2 instances. Provide the CNAME to the application clients to create an allow list.
D. Add a Network Load Balancer (NLB) in front of the EC2 instances. Provide the NLB's default alias to the application clients to create an allow list.