AWS Certified Solutions Architect – Professional (SAP-C02) — Question 336

A company has used infrastructure as code (IaC) to provision a set of two Amazon EC2 instances. The instances have remained the same for several years.

The company's business has grown rapidly in the past few months. In response, the company's operations team has implemented an Auto Scaling group to manage the sudden increases in traffic. Company policy requires a monthly installation of security updates on all operating systems that are running.

The most recent security update required a reboot. As a result, the Auto Scaling group terminated the instances and replaced them with new, unpatched instances.

Which combination of steps should a solutions architect recommend to avoid a recurrence of this issue? (Choose two.)

Answer options

Correct answer: C, D

Explanation

To prevent the Auto Scaling group from replacing rebooted instances with unpatched ones, the optimal strategy is to automate AMI patching, update the launch configuration, and perform an instance refresh to roll out the pre-patched instances. Additionally, deploying an Elastic Load Balancer with correctly configured target group health checks ensures that instances undergoing updates or replacements do not receive traffic until they are fully healthy. Other methods, such as enabling termination protection or manually managing dual Auto Scaling groups, do not address the root issue of outdated source AMIs, and they disrupt standard Auto Scaling operations.