SOA-C02: Which solution stops EC2 instances that have a non-production environment type tag with the MOST operational efficiency

Question

A company decides to stop non-production Amazon EC2 instances during the night. The company’s IT manager must receive notification in near real time whenever an EC2 instance that has an environment type tag value of non-production is started during the night. Which solution will meet this requirement with the MOST operational efficiency?

A. Configure an AWS Lambda function with an SMTP client library. Subscribe the Lambda function to the AWS Health Dashboard to receive notification whenever an EC2 instance is in the running state. Configure the Lambda function to use Amazon Pinpoint to send email notifications to the IT manager. Deploy a second Lambda function to throttle calls from the first Lambda function during the daytime.
B. Deploy an AWS Lambda function that queries the Amazon EC2 API to determine the state of each EC2 instance. Use the EC2 instance scheduler to configure the Lambda function to run every minute during the night and to send an email notification to the IT manager for each non-production EC2 instance that is in the running state.
C. Create an Amazon EventBridge rule that includes the EC2 Instance State-change Notification event type. Filter the event to capture only the running state. Create an AWS Lambda function as a target of the rule. Configure the Lambda function to check the current time and the EC2 instances’ tags to determine the environment type. Create an Amazon Simple Notification Service (Amazon SNS) topic as a target of the Lambda function for notifications. Subscribe the IT manager’s email address to the SNS topic.
D. Store the EC2 instance metadata, including the environment type, in an Amazon DynamoDB table. Deploy a custom application to an EC2 instance. Configure the custom application to poll the DynamoDB data every minute during the night and to query the Amazon EC2 API to determine the state of each instance. Additionally, configure the custom application to send an email notification to the IT manager for each non-production EC2 instance that is in the running state.

Answer

C. Create an Amazon EventBridge rule that includes the EC2 Instance State-change Notification event type. Filter the event to capture only the running state. Create an AWS Lambda function as a target of the rule. Configure the Lambda function to check the current time and the EC2 instances’ tags to determine the environment type. Create an Amazon Simple Notification Service (Amazon SNS) topic as a target of the Lambda function for notifications. Subscribe the IT manager’s email address to the SNS topic.

Explanation

The correct answer is C. Create an Amazon EventBridge rule that includes the EC2 Instance State-change Notification event type. Filter the event to capture only the running state. Create an AWS Lambda function as a target of the rule. Configure the Lambda function to check the current time and the EC2 instances’ tags to determine the environment type. Create an Amazon Simple Notification Service (Amazon SNS) topic as a target of the Lambda function for notifications. Subscribe the IT manager’s email address to the SNS topic.

This solution can meet the requirement with the most operational efficiency because:

  • It can provide near real-time notification whenever a non-production EC2 instance is started during the night. Amazon EventBridge is a service that allows you to connect your applications with AWS services, SaaS applications, or custom events. You can use Amazon EventBridge to create rules that match specific events and trigger actions based on those events. In this case, you can create a rule that matches the EC2 Instance State-change Notification event type, which is an event that occurs when an EC2 instance changes its state, such as from stopped to running. You can filter the event to capture only the running state, which means that the rule will only be triggered when an EC2 instance is started.
  • It can leverage AWS Lambda and Amazon SNS to send email notifications to the IT manager. AWS Lambda is a service that allows you to run code without provisioning or managing servers. You can use AWS Lambda as a target of your Amazon EventBridge rule, which means that a Lambda function will be invoked when the rule is triggered. You can configure the Lambda function to check the current time and the EC2 instances’ tags to determine whether the instance has an environment type tag value of non-production and whether it was started during the night. If both conditions are met, the Lambda function publishes to an Amazon SNS topic that serves as its target for notifications. Amazon SNS is a service that allows you to send messages to multiple subscribers using topics. You can subscribe the IT manager’s email address to the SNS topic, which means that they will receive an email notification whenever a non-production EC2 instance is started during the night.
  • It does not require any additional services or configurations. This solution uses only three AWS services: Amazon EventBridge, AWS Lambda, and Amazon SNS. These services are fully managed by AWS and do not require any servers, storage, or network infrastructure. You only need to create and configure the resources and permissions for your solution.
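The rule pattern and Lambda target described above, as an added Python example that is not part of the original page. The tag key `environment-type`, the 20:00 to 06:00 UTC night window and the placeholder topic ARN are assumptions, and the function uses the event's own timestamp for the time check.

```python
import os
from datetime import datetime, timezone

# EventBridge rule pattern: only EC2 state changes into "running" reach the function.
EVENT_PATTERN = {
    "source": ["aws.ec2"],
    "detail-type": ["EC2 Instance State-change Notification"],
    "detail": {"state": ["running"]},
}

# Assumptions, not from the page: tag key, night window (UTC), placeholder topic ARN.
TAG_KEY = "environment-type"
NIGHT_START_HOUR, NIGHT_END_HOUR = 20, 6
TOPIC_ARN = os.environ.get("TOPIC_ARN", "arn:aws:sns:us-east-1:111122223333:example-topic")


def is_night(ts):
    """True when ts falls in the window that wraps past midnight."""
    return ts.hour >= NIGHT_START_HOUR or ts.hour < NIGHT_END_HOUR


def is_non_production(tags):
    """tags is the 'Tags' list returned by ec2.describe_tags."""
    return any(t["Key"] == TAG_KEY and t["Value"] == "non-production" for t in tags)


def handler(event, context, ec2=None, sns=None):
    """Lambda entry point; ec2/sns clients can be injected for offline testing."""
    detail = event["detail"]
    if detail.get("state") != "running":  # re-check in case the rule filter is loosened
        return {"notified": False, "reason": "not-running"}
    started = datetime.strptime(event["time"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    if not is_night(started):  # cheap check first: no API call during the day
        return {"notified": False, "reason": "daytime"}
    if ec2 is None or sns is None:
        import boto3  # provided by the Lambda Python runtime
        ec2, sns = ec2 or boto3.client("ec2"), sns or boto3.client("sns")
    instance_id = detail["instance-id"]
    tags = ec2.describe_tags(
        Filters=[{"Name": "resource-id", "Values": [instance_id]}])["Tags"]
    if not is_non_production(tags):
        return {"notified": False, "reason": "not-non-production"}
    sns.publish(
        TopicArn=TOPIC_ARN,
        Subject="Non-production EC2 instance started at night",
        Message=f"{instance_id} entered 'running' at {event['time']} in {event.get('region')}",
    )
    return {"notified": True, "instance": instance_id}
```

The function's execution role needs `ec2:DescribeTags` and `sns:Publish` on the topic, and nothing else.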

The other options are incorrect because:

  • Option A is incorrect because using an SMTP client library in a Lambda function would not be as efficient or reliable as using Amazon SNS for email notifications. SMTP stands for Simple Mail Transfer Protocol, which is a protocol for sending and receiving email messages over the internet. An SMTP client library is a software component that allows you to send email messages programmatically using SMTP. However, using an SMTP client library in a Lambda function would require you to manage your own SMTP server or use a third-party SMTP service, which would add complexity and cost to your solution. Additionally, using an SMTP client library would not provide any delivery guarantees or retries for your email messages, which could result in missed or delayed notifications.
  • Option B is incorrect because using the EC2 instance scheduler to run a Lambda function every minute during the night would not provide near real-time notification for your scenario. The EC2 instance scheduler is a solution that allows you to automatically start and stop your EC2 instances based on a schedule that you define. You can use the EC2 instance scheduler to invoke a Lambda function at specific times or intervals, such as every minute during the night. However, this solution would not be able to detect when an EC2 instance changes its state from stopped to running in between those intervals, which could result in delayed or missed notifications.
  • Option D is incorrect because storing the EC2 instance metadata in a DynamoDB table and deploying a custom application to an EC2 instance would not be as efficient or scalable as using Amazon EventBridge and AWS Lambda for your scenario. Amazon DynamoDB is a service that provides fast and flexible NoSQL database tables. You can use DynamoDB to store your EC2 instance metadata, such as their tags and environment type. However, this would require you to synchronize your DynamoDB data with your EC2 data whenever there are any changes, which would add overhead and complexity to your solution. Additionally, deploying a custom application to an EC2 instance would require you to provision, manage, and monitor your own server, which would increase your operational effort and cost. Moreover, this solution would not be able to scale well with an increasing number of EC2 instances or events.

Overall, Option C leverages the event-driven architecture of Amazon EventBridge and the scalability of AWS Lambda to efficiently process EC2 instance state changes. It applies filtering at various levels to reduce unnecessary processing and notifications, ensuring that only non-production instances started during the night trigger notifications to the IT manager. This solution minimizes operational overhead and provides near real-time notifications with high efficiency.
