Q26 — AWS SAA-C03 Ch.1
Question 26 of 65 | ← Chapter 1
Q26. A company that hosts its web application on AWS wants to ensure all Amazon EC2 instances. Amazon RDS DB instances and Amazon Redshift clusters are configured with tags. The company wants to minimize the effort of configuring and operating this check. What should a solutions architect do to accomplish this''
- A. Use AWS Config rules to define and detect resources that are not property tagged ✓
- B. Use Cost Explorer to display resources that are not properly tagged Tag those resources manually.
- C. Write API calls to check all resources for proper tag allocation.Periodically run the code on an EC2 instance.
- D. Write API calls to check all resources for proper tag allocation.Schedule an AWS Lambda function through Amazon CloudWatch to periodically run the code
Correct Answer: A. Use AWS Config rules to define and detect resources that are not property tagged
Explanation
AWS Config provides a managed service that enables continuous monitoring of the configuration of AWS resources, including EC2 instances, RDS DB instances, and Redshift clusters. AWS Config rules can be created to govern resource configurations, including tagging compliance. By defining a rule that checks for proper tag allocation on these resources, AWS Config will periodically evaluate the resource tags and report any noncompliant resources, minimizing the effort required to configure and operate this check. This option is also scalable and does not require manual intervention. Option B is incorrect because while Cost Explorer can display resources that are not properly tagged, manually tagging resources can be labor-intensive and error-prone. Option C is incorrect because writing API calls to check all resources for proper tag allocation requires ongoing maintenance to keep the code up-to-date with new and existing resources. Additionally, running the code on an EC2 instance may not be scalable for larger environments. Option D is also incorrect because scheduling an AWS Lambda function through Amazon CloudWatch to periodically run the code also requires ongoing maintenance to keep the code up-to-date with new and existing resources. AWS Config provides a managed service that can handle this task more efficiently.