Which solution will meet these requirements?

By:
In: DOP-C01
Tagged:
With: 1 Comment
A company has an application that runs on current-generation Amazon EC2 instances in a VPC.The EC2 instances run Amazon Linux and are launched in an Amazon EC2 Auto Scaling group.The application retrieves data from an Amazon S3 bucket, processes the data, and uploads the processed data to a different S3 bucket.Recently, the application’s performance worsened.A manual investigation identified that outbound network bandwidth utilization was too high for the type of EC2 instance.The company updated the EC2 instances to a larger EC2 instance size.The company’s DevOps team needs to receive notification from an Amazon CloudWatch alarm if the application attempts to use more outbound network bandwidth than is available to the EC2 instances.

Which solution will meet these requirements?

Configure EC2 detailed monitoring for the EC2 instances. Create an AWS Lambda function to create a CloudWatch alarm for the bw_out_allowance_exceeded CloudWatch metric for each EC2 instance Configure the alarm to notify the DevOps team.

Configure the unified CloudWatch agent on the EC2 instances to export the bw_out_allowance_exceeded metric to CloudWatch metrics. Create a CloudWatch composite alarm to monitor all bw_out_allowance_exceeded metrics. Configure the alarm to notify the DevOps team.

Configure VPC flow logging to Amazon CloudWatch Logs for the EC2 instances. Create a CloudWatch Logs metric filter to match events in which bandwidth allowance is exceeded. Create a CloudWatch composite alarm to monitor all bw_out_allowance_exceeded metrics. Configure the alarm to notify the DevOps team.

Configure the unified CloudWatch agent on the EC2 instances to export the bw_out_allowance_exceeded metric to CloudWatch metrics. Create an AWS Lambda function to create a CloudWatch alarm for the bw_out_allowance_exceeded CloudWatch metric for each EC2 instance. Configure the alarm to notify the DevOps team.

Explanations:

EC2 detailed monitoring does not include thebw_out_allowance_exceededmetric, and there is no way to directly create CloudWatch alarms for this metric without using an agent.

The unified CloudWatch agent can collect thebw_out_allowance_exceededmetric, and a CloudWatch composite alarm can aggregate this metric across instances to notify the DevOps team if any instance exceeds the bandwidth allowance.

VPC flow logs track IP traffic but do not includebw_out_allowance_exceededas a metric, so they cannot detect bandwidth allowance exceedance directly.

The Lambda function to create CloudWatch alarms is unnecessary here, as the unified CloudWatch agent already provides thebw_out_allowance_exceededmetric, making the Lambda function redundant.

2025-10-07

1 Comment

  1. Frank
    Author

    I map out that the answer is:
    Configure the unified CloudWatch agent on the EC2 instances to export the bw_out_allowance_exceeded metric to CloudWatch metrics. Create a CloudWatch composite alarm to monitor all bw_out_allowance_exceeded metrics. Configure the alarm to notify the DevOps team.

Leave a Reply

Your email address will not be published. Required fields are marked *

2 × 5 =