AWS Certified DevOps Engineer - Professional



A company's developers utilize Amazon EC2 instances as remote workstations. The company has identified a security concern where users can potentially create or modify EC2 security groups to allow unrestricted inbound access. To address this, a DevOps engineer has been tasked with developing a solution that can detect the creation of unrestricted security group rules in near real-time. The solution must also automatically remove these unrestricted rules and subsequently send email notifications to the security team. The engineer has already created an AWS Lambda function that is capable of checking for security group IDs from input, removing rules that grant unrestricted access, and sending notifications via Amazon Simple Notification Service (Amazon SNS). What additional steps should the DevOps engineer take to implement this solution effectively?




Explanation:

Option C is correct because it leverages Amazon EventBridge's capability to detect events in near real-time. The default event bus in EventBridge captures events generated by AWS services, including EC2 security group creation and modification events. By creating an EventBridge event rule with an event pattern that matches security group creation and modification events, and configuring this rule to invoke the Lambda function, the engineer can ensure that any changes to security group rules are detected and managed promptly. Other options either do not meet the real-time requirement or misuse services (like SNS), making them less appropriate for this scenario.
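
The EventBridge rule described above, as an added example that is not part of the original page or the engineer's Lambda function: the event pattern, a minimal local matcher for it, and the check for unrestricted ingress. It assumes security group changes reach the default event bus as CloudTrail API-call events and covers only `AuthorizeSecurityGroupIngress`; the helpers `matches` and `unrestricted_rules` and the sample event are constructed for illustration.

```python
# Event pattern for the EventBridge rule on the default event bus
# (assumption: the change is delivered as a CloudTrail API-call event).
EVENT_PATTERN = {
    "source": ["aws.ec2"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["ec2.amazonaws.com"],
        "eventName": ["AuthorizeSecurityGroupIngress"],  # extend with other API names
    },
}
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def matches(pattern, event):
    """Minimal subset of EventBridge matching: nested keys, lists of exact values."""
    for key, want in pattern.items():
        have = event.get(key)
        if isinstance(want, dict):
            if not isinstance(have, dict) or not matches(want, have):
                return False
        elif have not in want:
            return False
    return True

def unrestricted_rules(event):
    """Return (group_id, rules) for requested ingress rules open to any address."""
    params = event["detail"].get("requestParameters") or {}
    found = []
    for perm in (params.get("ipPermissions") or {}).get("items", []):
        v4 = [r.get("cidrIp") for r in (perm.get("ipRanges") or {}).get("items", [])]
        v6 = [r.get("cidrIpv6") for r in (perm.get("ipv6Ranges") or {}).get("items", [])]
        for cidr in v4 + v6:
            if cidr in OPEN_CIDRS:
                found.append((perm.get("ipProtocol"), perm.get("fromPort"),
                              perm.get("toPort"), cidr))
    return params.get("groupId"), found

# Constructed sample event (not captured from a real account).
SAMPLE_EVENT = {
    "source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
    "detail": {"eventSource": "ec2.amazonaws.com", "eventName": "AuthorizeSecurityGroupIngress",
        "requestParameters": {"groupId": "sg-0123456789abcdef0", "ipPermissions": {"items": [
            {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
             "ipRanges": {"items": [{"cidrIp": "0.0.0.0/0"}]}},
            {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443,
             "ipRanges": {"items": [{"cidrIp": "10.0.0.0/8"}]}}]}}},
}

if __name__ == "__main__":
    if matches(EVENT_PATTERN, SAMPLE_EVENT):
        print(unrestricted_rules(SAMPLE_EVENT))
```

The returned group ID and rule tuples are the input the existing Lambda function would need in order to revoke the rule and publish the SNS notification.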
