AWS Certified Developer – Associate (DVA-C02) — Question 59

A developer is incorporating AWS X-Ray into an application that handles personal identifiable information (PII). The application is hosted on Amazon EC2 instances. The application trace messages include encrypted PII and go to Amazon CloudWatch. The developer needs to ensure that no PII goes outside of the EC2 instances.
Which solution will meet these requirements?

Answer options

• A. Manually instrument the X-Ray SDK in the application code.
• B. Use the X-Ray auto-instrumentation agent.
• C. Use Amazon Macie to detect and hide PII. Call the X-Ray API from AWS Lambda.
• D. Use AWS Distro for Open Telemetry.

Correct answer: A

Explanation

The correct answer is A because manually instrumenting the X-Ray SDK allows the developer to control exactly how and when PII is traced, ensuring it remains within the EC2 environment. The other options either automate the instrumentation process or involve additional services that could inadvertently expose PII outside the EC2 instances.