Your company plans to host a set of web applications in the AWS Cloud. Each application should be accessible over the internet but must be isolated from one another to prevent potential security issues. As the Solutions Architect, you need to design a strategy that enforces the isolation while allowing HTTPS traffic to each application. Which approach satisfies these requirements?
Deploy all applications to a single EC2 instance and control access using the instance's security group to only allow inbound traffic on port 443.
Create a VPC with multiple public subnets and associate each application with a separate security group that only allows inbound traffic on port 443.
Create a VPC with a single public subnet and deploy a Network Access Control List (NACL) that allows inbound traffic on port 22 to ensure secure communication.
Configure a single public subnet within a VPC and associate all applications to one security group that allows all inbound traffic.