Explanation:
The Amazon CloudWatch unified agent requires appropriate AWS IAM permissions to publish metrics (such as memory usage) to CloudWatch. The AWS best practice is to attach an IAM instance profile with the necessary permissions (e.g., the CloudWatchAgentServerPolicy managed policy) to the EC2 instance. If the permissions are missing, the agent runs but cannot write metric data, leading the alarm to stay in the INSUFFICIENT_DATA state.
Ultimate access to all questions.
A company observes that a newly created Amazon CloudWatch alarm is not transitioning out of the INSUFFICIENT_DATA state. The alarm was created to track the mem_used_percent metric from an Amazon EC2 instance that is deployed in a public subnet. A review of the EC2 instance shows that the unified CloudWatch agent is installed and is running. However, the metric is not available in CloudWatch. A SysOps administrator needs to implement a solution to resolve this problem. Which solution will meet these requirements?
A
Enable CloudWatch detailed monitoring for the EC2 instance
B
Create an IAM instance profile that contains CloudWatch permissions. Add the instance profile to the EC2 instance
C
Migrate the EC2 instance into a private subnet
D
Create an IAM user that has an access key ID and a secret access key. Update the unified CloudWatch agent configuration file to use those credentials
No comments yet.