AWS Certified SysOps Administrator – Associate — Question 198

A SysOps administrator is preparing to deploy an application to Amazon EC2 instances that are in an Auto Scaling group. The application requires dependencies to be installed. Application updates are issued weekly.

The SysOps administrator needs to implement a solution to incorporate the application updates on a regular basis. The solution also must conduct a vulnerability scan during Amazon Machine Image (AMI) creation.

What is the MOST operationally efficient solution that meets these requirements?

Answer options

• A. Create a script that uses Packer. Schedule a cron job to run the script.
• B. Install the application and its dependencies on an EC2 instance. Create an AMI of the EC2 instance.
• C. Use EC2 Image Builder with a custom recipe to install the application and its dependencies.
• D. Invoke the EC2 CreateImage API operation by using an Amazon EventBridge scheduled rule.

Correct answer: C

Explanation

The correct answer is C because EC2 Image Builder automates the creation of AMIs with the necessary dependencies and allows for vulnerability scanning, making it the most operationally efficient choice. Option A requires manual scripting and maintenance of a cron job, which is less efficient. Option B involves a manual process of creating an AMI after installation, lacking automation. Option D simply triggers an image creation without incorporating the application installation or vulnerability scanning.