A company mandates that all Amazon Elastic Block Store (EBS) volumes within an account must be tagged to indicate their desired backup frequency, including those that do not require backups. The company employs a custom tag named Backup_Frequency with values of 'none', 'daily', or 'weekly' to signify the backup frequency. An audit reveals that developers occasionally fail to apply these tags. To ensure compliance with the backup policy, which solution should a DevOps engineer implement to guarantee that all EBS volumes are consistently tagged with the Backup_Frequency tag, defaulting to a weekly backup unless otherwise specified?

Exam-Like

Set up AWS Config in the account. Create a custom rule that returns a compliance failure for all Amazon EC2 resources that do not have a Backup Frequency tag applied. Configure a remediation action that uses a custom AWS Systems Manager Automation runbook to apply the Backup_Frequency tag with a value of weekly._

25.0%

Set up AWS Config in the account. Use a managed rule that returns a compliance failure for EC2::Volume resources that do not have a Backup Frequency tag applied. Configure a remediation action that uses a custom AWS Systems Manager Automation runbook to apply the Backup_Frequency tag with a value of weekly._

75.0%

Turn on AWS CloudTrail in the account. Create an Amazon EventBridge rule that reacts to EBS CreateVolume events. Configure a custom AWS Systems Manager Automation runbook to apply the Backup_Frequency tag with a value of weekly. Specify the runbook as the target of the rule._

0.0%

Turn on AWS CloudTrail in the account. Create an Amazon EventBridge rule that reacts to EBS CreateVolume events or EBS ModifyVolume events. Configure a custom AWS Systems Manager Automation runbook to apply the Backup_Frequency tag with a value of weekly. Specify the runbook as the target of the rule._

0.0%

AWS Certified DevOps Engineer - Professional

Comments

Get started today