AWS Solutions Architect - Monitoring and Notification Options

Configuring Notifications for EC2 Instances and ELB


Question

A company has an application hosted in AWS.

This application consists of EC2 Instances that sit behind an ELB.

The following are the requirements from an administrative perspective:

a) Ensure that notifications are sent when the read requests go beyond 1000 requests per minute.

b) Ensure that notifications are sent when the latency goes beyond 10 seconds.

c) Monitor all AWS API request activities on the AWS resources.

Which of the following can be used to satisfy these requirements? (SELECT TWO)

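Answers

A. Use CloudTrail to monitor the API Activity.

B. Use CloudWatch Logs to monitor the API Activity.

C. Use CloudWatch Metrics for the metrics that need to be monitored as per the requirement and set up an alarm activity to send out notifications when the metric reaches the set threshold limit.

D. Use custom log software to monitor the latency and read requests to the ELB.

Explanations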

Correct Answer - A and C.

Option A is correct.

CloudTrail is a web service that records AWS API calls for all the resources in your AWS account.

It also delivers log files to an Amazon S3 bucket.

The recorded information includes the identity of the user, the start time of the AWS API call, the source IP address, the request parameters, and the response elements returned by the service.

https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/Welcome.html

Option B is incorrect because CloudWatch Logs can be used to monitor log files from other services.

CloudWatch Logs and CloudWatch are different.

Amazon CloudWatch Logs is used to monitor, store, and access your log files from Amazon Elastic Compute Cloud (Amazon EC2) instances, AWS CloudTrail, Route 53, and other sources.

CloudWatch Logs reports the data to a CloudWatch metric.

Rather, you can monitor Amazon EC2 API requests using Amazon CloudWatch.

https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html

Option C is correct.

Use CloudWatch Metrics for the metrics that need to be monitored as per the requirement.

Set up an alarm activity to send out notifications when the metric reaches the set threshold limit.

https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-cloudwatch-metrics.html

Option D is incorrect because there is no need to use custom log software as you can set up CloudWatch alarms based on CloudWatch Metrics.
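The alarm setup from option C, as an added example that is not part of the original explanation: keyword arguments in the shape boto3's `put_metric_alarm` accepts, plus an offline check against constructed datapoints. The load balancer name, SNS topic ARN, alarm names, and the choice of `RequestCount` (which counts all requests, not only reads) and `Average` latency are assumptions.

```python
# Constructed placeholders (assumptions, not values from the page).
LB_NAME = "example-elb"
TOPIC_ARN = "arn:aws:sns:us-east-1:123456789012:example-ops-alerts"

def elb_alarm(name, metric, statistic, threshold):
    """Keyword arguments for CloudWatch PutMetricAlarm on a Classic ELB metric."""
    return {
        "AlarmName": name,
        "Namespace": "AWS/ELB",  # Classic Load Balancer metric namespace
        "MetricName": metric,
        "Dimensions": [{"Name": "LoadBalancerName", "Value": LB_NAME}],
        "Statistic": statistic,
        "Period": 60,  # evaluate one-minute windows
        "EvaluationPeriods": 1,
        "Threshold": threshold,
        "ComparisonOperator": "GreaterThanThreshold",  # "beyond" the limit
        "TreatMissingData": "notBreaching",  # idle minutes publish no datapoint
        "AlarmActions": [TOPIC_ARN],  # SNS topic that delivers the notification
    }

def build_alarms():
    return [
        # (a) more than 1000 requests in one minute: Sum of RequestCount
        elb_alarm("elb-requests-over-1000-per-min", "RequestCount", "Sum", 1000.0),
        # (b) latency above 10 seconds: the ELB Latency metric is in seconds
        elb_alarm("elb-latency-over-10s", "Latency", "Average", 10.0),
    ]

def breaching_minutes(alarm, datapoints):
    """Offline dry run: minutes whose aggregated samples exceed the threshold.

    datapoints maps a minute label to the raw samples seen in that minute.
    """
    agg = {"Sum": sum, "Average": lambda v: sum(v) / len(v)}[alarm["Statistic"]]
    return [m for m, v in sorted(datapoints.items()) if v and agg(v) > alarm["Threshold"]]

def apply_alarms(alarms):
    """Create the alarms in the account (needs boto3 and AWS credentials)."""
    import boto3
    cloudwatch = boto3.client("cloudwatch")
    for alarm in alarms:
        cloudwatch.put_metric_alarm(**alarm)

# Constructed sample datapoints for the dry run.
REQUESTS = {"12:00": [400, 500], "12:01": [700, 450], "12:02": [1000]}
LATENCY = {"12:00": [0.2, 0.4], "12:01": [9.0, 14.0], "12:02": [10.0]}
```

Switching the latency alarm's statistic to `Maximum` would alert on a single slow request rather than a slow minute on average.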

To meet the administrative requirements mentioned in the question, two options are required from the given choices. Here's a detailed explanation of each choice:

A. Use CloudTrail to monitor the API Activity. CloudTrail is a service that records and monitors all API activity on AWS resources. It captures all API calls made to AWS resources in the account and saves them in S3 buckets or CloudWatch Logs for auditing and compliance purposes. CloudTrail enables organizations to identify security threats, troubleshoot operational issues, and ensure compliance with regulatory standards. Therefore, it is an ideal choice to meet the requirement of monitoring all AWS API request activities on the AWS resources.

B. Use CloudWatch Logs to monitor the API Activity. CloudWatch Logs is a log management service that enables customers to collect, monitor, and analyze log data from EC2 instances, AWS services, and custom applications. It provides real-time analysis of log data to monitor and troubleshoot application and system issues. CloudWatch Logs can be used to track API activity by configuring logging for the AWS services that are being used. CloudTrail is a better option for monitoring API activity; however, CloudWatch Logs can be used as a fallback option if CloudTrail is not sufficient.

C. Use CloudWatch Metrics for the metrics that need to be monitored as per the requirement and set up an alarm activity to send out notifications when the metric reaches the set threshold limit. CloudWatch Metrics is a monitoring service that provides metrics for AWS resources and applications. It can collect metrics from various AWS resources, such as EC2 instances, ELB, and RDS. CloudWatch Metrics can be used to monitor metrics such as read requests per minute and latency. To meet the requirements mentioned in the question, CloudWatch Metrics can be used to monitor these metrics, and an alarm can be set up to send notifications when the metric reaches the set threshold limit.

D. Use custom log software to monitor the latency and read requests to the ELB. Using custom log software can be a valid option to monitor the latency and read requests to the ELB. However, it would require additional setup and maintenance efforts. Using CloudWatch Metrics is a more straightforward and efficient solution to monitor these metrics, as it is a built-in AWS service and can easily integrate with ELB.

Therefore, the two recommended options to meet the requirements mentioned in the question are A. Use CloudTrail to monitor the API Activity and C. Use CloudWatch Metrics for the metrics that need to be monitored as per the requirement and set up an alarm activity to send out notifications when the metric reaches the set threshold limit.