Which set of actions will ensure that log files are copied to the central S3 bucket from the terminated EC2 instances?

By:
On:
In: SAP-C02
Tagged:
With: 0 Comments
A company is running an application on several Amazon EC2 instances in an Auto Scaling group behind an Application Load Balancer.The load on the application varies throughout the day, and EC2 instances are scaled in and out on a regular basis.Log files from the EC2 instances are copied to a central Amazon S3 bucket every 15 minutes.The security team discovers that log files are missing from some of the terminated EC2 instances.

Which set of actions will ensure that log files are copied to the central S3 bucket from the terminated EC2 instances?

Create a script to copy log files to Amazon S3, and store the script in a file on the EC2 instance. Create an Auto Scaling lifecycle hook and an Amazon EventBridge rule to detect lifecycle events from the Auto Scaling group. Invoke an AWS Lambda function on the autoscaling:EC2_INSTANCE_TERMINATING transition to send ABANDON to the Auto Scaling group to prevent termination, run the script to copy the log files, and terminate the instance using the AWS SDK.

Create an AWS Systems Manager document with a script to copy log files to Amazon S3. Create an Auto Scaling lifecycle hook and an Amazon EventBridge rule to detect lifecycle events from the Auto Scaling group. Invoke an AWS Lambda function on the autoscaling:EC2_INSTANCE_TERMINATING transition to call the AWS Systems Manager API SendCommand operation to run the document to copy the log files and send CONTINUE to the Auto Scaling group to terminate the instance.

Change the log delivery rate to every 5 minutes. Create a script to copy log files to Amazon S3, and add the script to EC2 instance user data. Create an Amazon EventBridge rule to detect EC2 instance termination. Invoke an AWS Lambda function from the EventBridge rule that uses the AWS CLI to run the user-data script to copy the log files and terminate the instance.

Create an AWS Systems Manager document with a script to copy log files to Amazon S3. Create an Auto Scaling lifecycle hook that publishes a message to an Amazon Simple Notification Service (Amazon SNS) topic. From the SNS notification, call the AWS Systems Manager API SendCommand operation to run the document to copy the log files and send ABANDON to the Auto Scaling group to terminate the instance.

Explanations:

This option involves invoking a Lambda function to prevent the termination of the instance, which complicates the process. The instance cannot be terminated until the log files are copied, leading to potential delays and inefficiencies.

This option correctly utilizes AWS Systems Manager to run a script that copies log files to S3 at the moment of termination. The lifecycle hook allows for seamless integration, and using CONTINUE allows for the termination to proceed after the logs are copied.

Changing the log delivery rate to every 5 minutes does not solve the problem of copying logs from terminated instances. The use of a user data script for copying logs during termination is also ineffective, as user data scripts are only executed during instance launch, not during termination.

Although this option suggests using AWS Systems Manager to copy logs, sending ABANDON to the Auto Scaling group will prevent the instance from terminating, which is not necessary once the logs are copied. It unnecessarily complicates the termination process.

Leave a Reply

Your email address will not be published. Required fields are marked *

11 + 19 =