AWS Certified Solutions Architect – Professional — Question 608

A company has used infrastructure as code (IaC) to provision a set of two Amazon EC2 instances. The instances have remained the same for several years.
The company's business has grown rapidly in the past few months. In response, the company's operations team has implemented an Auto Scaling group to manage the sudden increases in traffic. Company policy requires a monthly installation of security updates on all operating systems that are running.
The most recent security update required a reboot. As a result, the Auto Scaling group terminated the instances and replaced them with new, unpatched instances.
Which combination of steps should a solutions architect recommend to avoid a recurrence of this issue? (Choose two.)

Answer options

Correct answer: C, D

Explanation

To prevent the Auto Scaling group from replacing rebooted instances with outdated, unpatched ones, the underlying AMI must be kept up to date. Automating the patching of the AMI, updating the launch configuration, and triggering an instance refresh (Option D) ensures that all newly launched instances are pre-patched. Additionally, using an Elastic Load Balancer with properly configured health checks (Option C) ensures that traffic is routed only to healthy, fully booted instances during and after replacement events. The other options either fail to address the root cause of unpatched AMI templates or incorrectly apply termination protection, which interferes with Auto Scaling operations.