AWS Certified Solutions Architect Professional SAP-C02 Practice Question

The correct answer is to use AWS Fault Injection Simulator (FIS). FIS is a fully managed service specifically designed for running controlled fault injection experiments to test an application's resilience. It allows for targeting a specific percentage of resources, such as EC2 instances, and provides pre-configured actions like 'aws:ec2:terminate-instances'. Crucially, FIS integrates directly with Amazon CloudWatch alarms, which can be configured as stop conditions. If a CloudWatch alarm is triggered, FIS automatically stops the experiment, providing an essential safety mechanism that directly fulfills the key requirement to halt the test if performance degrades.

The other options are less suitable. Using an AWS Systems Manager Automation runbook is possible but more complex; you would need to manually build the stop-condition logic using a separate Lambda function and EventBridge, whereas FIS provides this natively. AWS Resilience Hub is used to assess, track, and provide recommendations on application resilience, often integrating with FIS for testing, but it does not execute the fault injection experiments itself. Modifying the CI/CD pipeline to update the Auto Scaling group's launch template to an invalid AMI is a heavy-handed approach that doesn't simulate the specific failure of a percentage of running instances and lacks the granular control and safety features of FIS.