A sysops administrator is managing an application on AWS that uses Amazon EC2 instances and Amazon Aurora MySQL. The EC2 instances and Aurora instances are in two different subnets. The application servers running in EC2 cannot connect to the Aurora database.
The EC2 subnet is 192.168.87.0/24 and has a security group named sg-123456 with the following configuration.

The Aurora subnet is 192.168.88.0/24 and has a security group named sg-abcdef with the following configuration.

Which action should the sysops administrator take to allow the EC2 instances to connect to the Aurora database?

A. In the inbound rules table of the Aurora security group, add an inbound TCP rule with the MySQL port and sg-123456 as the traffic source.
B. In the inbound rules table of the EC2 security group, add an inbound TCP rule with the MySQL port and 192.168.88.0/24 as the traffic source.
C. In the outbound rules table of the Aurora security group, add an outbound TCP rule with the MySQL port and 192.168.87.0/24 as the destination.
D. In the outbound rules table of the EC2 security group, add an outbound TCP rule with the MySQL port and sg-abcdef as the destination.