A company wants to run a custom network analysis software package to inspect traffic as t…

Question

A company wants to run a custom network analysis software package to inspect traffic as traffic leaves and enters a VPC. The company has deployed the solution by using AWS CloudFormation on three Amazon EC2 instances in an Auto Scaling group. All network routing has been established to direct traffic to the EC2 instances. Whenever the analysis software stops working, the Auto Scaling group replaces an instance. The network routes are not updated when the instance replacement occurs. Which combination of steps will resolve this issue? (Choose three.)

Accepted Answer

Correct answer: B, D, E. B. Update the CloudFormation template to install the Amazon CloudWatch agent on the EC2 instances. Configure the CloudWatch agent to send process metrics for the application. — D. Create an alarm for the custom metric in Amazon CloudWatch for the failure scenarios. Configure the alarm to publish a message to an Amazon Simple Notification Service (Amazon SNS) topic. — E. Create an AWS Lambda function that responds to the Amazon Simple Notification Service (Amazon SNS) message to take the instance out of service. Update the network routes to point to the replacement instance. — To detect application-level failures, the CloudWatch agent must be installed on the EC2 instances to publish custom process metrics (Option B). When a failure is detected, a CloudWatch alarm can trigger an Amazon SNS notification (Option D). An AWS Lambda function subscribed to this SNS topic can then programmatically update the VPC route tables to point to the newly created healthy instance (Option E).

AWS Certified Solutions Architect – Professional (SAP-C02) — Question 272

Answer options

Correct answer: B, D, E

Explanation