AWS Certified SysOps Administrator – Associate — Question 95

A company is using Amazon Elastic Container Service (Amazon ECS) to run a containerized application on Amazon EC2 instances. A SysOps administrator needs to monitor only traffic flows between the ECS tasks.

Which combination of steps should the SysOps administrator take to meet this requirement? (Choose two.)

Answer options

• A. Configure Amazon CloudWatch Logs on the elastic network interface of each task.
• B. Configure VPC Flow Logs on the elastic network interface of each task.
• C. Specify the awsvpc network mode in the task definition.
• D. Specify the bridge network mode in the task definition.
• E. Specify the host network mode in the task definition.

Correct answer: B, C

Explanation

The correct answers are B and C. Configuring VPC Flow Logs (B) allows monitoring of traffic at the network interface level, which is necessary for tracking ECS task communications. Specifying the awsvpc network mode (C) ensures that each task has its own elastic network interface, enabling accurate traffic flow monitoring. The other options do not provide the required level of monitoring for traffic between tasks.