Q27 — AWS DOP-C02 Ch.2

Question 27 of 100 | ← Chapter 2

A developer maintains a fleet of 50 Amazon EC2 Linux servers. These servers are part of an Amazon EC2 Auto Scaling group and use Elastic Load Balancing for load distribution. Occasionally, some application servers are terminated after failing ELB HTTP health checks. The developer wants to perform root cause analysis but cannot access application logs before the servers terminate.

Correct Answer: D. Use an Auto Scaling lifecycle hook to place the instance in Terminating:Wait state. Create an Amazon EventBridge rule for EC2 instance termination lifecycle operations and trigger an AWS Lambda function to invoke SSM Run Command to collect logs, push them to Amazon S3, and complete the lifecycle action after collection.

Explanation

To automate log collection before EC2 instance termination, use an Auto Scaling lifecycle hook to place the instance in `Terminating:Wait` state—pausing termination until logs are collected. To trigger the collection logic, create an Amazon EventBridge rule for the `EC2 Instance Terminate Lifecycle Action` event. When triggered, this rule invokes an AWS Lambda function, which uses SSM Run Command to execute a log collection script and upload logs to Amazon S3. Finally, the Lambda function completes the lifecycle action to allow termination. Thus, Option D is correct.