Q18 — AWS DOP-C02 Ch.2
Question 18 of 100 | ← Chapter 2
A company’s security policy requires using hardened AMIs in production environments. A DevOps engineer used EC2 Image Builder to create a pipeline for building AMIs on a recurring schedule. The DevOps engineer must update the company’s Auto Scaling group launch template. During Amazon EC2 instance launches, the Auto Scaling group must use the latest AMI.
- A. Configure an Amazon EventBridge rule to receive new AMI events from Image Builder. Target an AWS Systems Manager Run Command document that updates the Auto Scaling group’s launch template with the latest AMI ID.
- B. Configure an Amazon EventBridge rule to receive new AMI events from Image Builder. Target an AWS Lambda function that updates the Auto Scaling group’s launch template with the latest AMI ID.
- C. Configure the launch template to use a value from AWS Systems Manager Parameter Store as the AMI ID. Configure the Image Builder pipeline to update the Parameter Store value with the latest AMI ID.
- D. Configure the Image Builder distribution settings to update the launch template with the latest AMI ID. Configure the Auto Scaling group to use the latest version of the launch template. ✓
Correct Answer: D. Configure the Image Builder distribution settings to update the launch template with the latest AMI ID. Configure the Auto Scaling group to use the latest version of the launch template.
Explanation
EC2 Image Builder supports configuring distribution settings during AMI pipeline creation to directly distribute the generated AMI to a specified launch template. Each time Image Builder builds a new AMI, it automatically creates a new version of the launch template. Configuring the Auto Scaling group to use the latest version ensures continuous deployment of the most recent AMI. Option D describes this native integration, eliminating the need for additional services such as EventBridge, Lambda, or Systems Manager Parameter Store. Other options introduce extra components, increasing complexity and maintenance overhead. Refer to AWS documentation on EC2 Image Builder and launch template integration.