The operation team in the company has recently initiated an audit to ensure that all major AWS components used are properly monitored with necessary logs, alarms and notifications.
The company has also set up an on-call team to receive AWS alerts and notifications and react accordingly when necessary.
The AWS service of CodePipeline has been used as well by the development team for the new feature development.
Relevant CodePipeline activities should be monitored such as the time and date of actions, the source IP address for an action, etc.
What should the operation team do to ensure that CodePipeline is being properly monitored with enough logging? Select 2.
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer -A, D.
Option A and D are Correct:
Logging and monitoring for AWS services are very important to ensure that the services are running smoothly.
For CodePipeline, the below features are available in the following AWS services:
AWS CloudTrail can be used to log AWS API calls and related events made by or on behalf of an AWS account.
For more information, see ?Logging AWS CodePipeline API Calls with AWS CloudTrail?.
Amazon CloudWatch Events can be used to monitor your AWS Cloud resources and.
the applications you run on AWS.
You can create alerts in Amazon CloudWatch Events based on metrics that you define.
For more information, see Detect and React to Changes in Pipeline State with Amazon CloudWatch Events.
They are also the AWS CodePipeline Best Practices which are clearly stated in https://docs.aws.amazon.com/codepipeline/latest/userguide/best-practices.html.
According to this, options A and D are correct as Cloudtrail and Cloudwatch Events are the proper tools to monitor CodePipeLine activities.
Option B is incorrect: because there is no AWS/CodePipeline namespace in Cloudwatch Metrics.
CodePipeline is not supported in Cloudwatch metrics as well.
Refer to https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatc h-metrics.html?.
Option C is incorrect: because there is no CodePipeline Logging feature.
To trace the logging events, Cloudtrail/Cloudwatch Event is needed.
Sure, I'll explain each option in detail for you.
A. AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. CloudTrail can be used to log AWS CodePipeline API calls and related events made by or on behalf of an AWS account. By using CloudTrail, users can determine the request that was made to AWS CodePipeline, the IP address from which the request was made, who made the request, when it was made, and additional details. This means that the operation team can use CloudTrail logs to monitor CodePipeline activities and identify any issues.
B. AWS CloudWatch is a monitoring and observability service that provides data and actionable insights for AWS resources, applications, and services. In CloudWatch Metrics, there are CodePipeline events in the namespace of AWS/CodePipeline. Users can also create a dashboard to understand the CodePipeline status based on the metrics. This means that the operation team can use CloudWatch Metrics to monitor the CodePipeline status and identify any issues.
C. The CodePipeline Logging feature in the console allows you to save logs in real-time to an S3 bucket that the operation team chooses. The operation team can use an editor or analytic tool to open the txt files in the S3 bucket to analyze and monitor CodePipeline activities. This means that the operation team can use the CodePipeline Logging feature to monitor CodePipeline activities and identify any issues.
D. Amazon CloudWatch Events is a service that enables you to respond to state changes in your AWS resources. CloudWatch Events can be used to monitor the AWS Cloud resources including CodePipeline. The operation team can create a rule in Amazon CloudWatch Events based on CodePipeline metrics that they define such as “CodePipeline Pipeline Execution State Change”. Then, they can use a SNS topic as the target of this CloudWatch Event rule. This means that the operation team can use CloudWatch Events to monitor CodePipeline activities and receive alerts when any issues occur.
So, to ensure that CodePipeline is being properly monitored with enough logging, the operation team should use both A and D options. By using CloudTrail logs, they can monitor CodePipeline API calls and related events, and by using CloudWatch Events, they can receive alerts when any issues occur.