What is the MOST operationally efficient solution that meets these requirements?

By:
On:
In: SOA-C02
Tagged:
With: 0 Comments
A SysOps administrator is preparing to deploy an application to Amazon EC2 instances that are in an Auto Scaling group.The application requires dependencies to be installed.Application updates are issued weekly.The SysOps administrator needs to implement a solution to incorporate the application updates on a regular basis.The solution also must conduct a vulnerability scan during Amazon Machine Image (AMI) creation.

What is the MOST operationally efficient solution that meets these requirements?

Create a script that uses Packer. Schedule a cron job to run the script.

Install the application and its dependencies on an EC2 instance. Create an AMI of the EC2 instance.

Use EC2 Image Builder with a custom recipe to install the application and its dependencies.

Invoke the EC2 CreateImage API operation by using an Amazon EventBridge scheduled rule.

Explanations:

While Packer can create AMIs with custom scripts, using a cron job for regular updates is less efficient than other automated solutions. Packer does not inherently include vulnerability scanning, requiring additional steps.

Creating an AMI from a configured EC2 instance can be manual and may not incorporate regular updates efficiently. It also does not automate the process of vulnerability scanning during AMI creation.

EC2 Image Builder automates the creation and management of AMIs, including installing applications, dependencies, and conducting vulnerability scans as part of the pipeline. This meets both requirements efficiently.

Using the CreateImage API with an EventBridge rule can automate AMI creation but does not provide an integrated solution for installing applications, dependencies, or conducting vulnerability scans automatically during the process.

Leave a Reply

Your email address will not be published. Required fields are marked *

3 × 4 =