AWS Certified DevOps Engineer – Professional — Question 95

A company's primary AWS Region contains the following infrastructure:

• An Amazon S3 bucket that contains an object package that is used in instance user data to configure an application.
• Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer (ALB) with an instance profile that grants s3:Get* access on the S3 bucket.

The company has the following infrastructure in a backup Region:

• An S3 bucket with the same configuration as the S3 bucket in the primary AWS Region, but without any objects.
• EC2 instances in an Auto Scaling group behind an ALB that run with the same configuration as in the primary AWS Region.

To simulate a disaster recovery scenario, the company turns off all access to Amazon S3 and sets the Auto Scaling group's minimum, maximum, and desired instances to 0 in the primary Region. When the instances in the backup Region scale out, they do not pass Amazon Route 53 health checks.

Which combination of steps should the company take to resolve this issue? (Choose three.)

Answer options

• A. Update the Amazon EC2 Auto Scaling service-linked role to allow access to both S3 buckets.
• B. Set up S3 Cross-Region Replication from the S3 bucket in the primary Region to the S3 bucket in the backup Region.
• C. Update the instance user data to reference the S3 bucket in the primary Region.
• D. Increase the timeout for the target group health check.
• E. Update the EC2 instance profile to allow s3:list* actions.
• F. Update the EC2 instance profile to allow read access to both S3 buckets.

Correct answer: B, D, F

Explanation

The correct answer includes B, D, and F because B ensures that the objects needed for instance configuration are available in the backup Region, D allows more time for health checks to succeed, and F grants the necessary permissions to access both S3 buckets. Options A, C, and E do not directly address the health check failures related to the lack of accessible S3 objects in the backup Region.