AWS Certified CloudOps Engineer Associate SOA-C03 Practice Question
A Linux-based EC2 instance in a private subnet runs a Java workload. The CloudWatch agent already publishes the custom metric mem_used_percent every 30 seconds. When this metric remains above 90% for 5 minutes, the application becomes unresponsive; restarting the Java service resolves the issue. The operations team must implement an automated remediation that requires no inbound network access to the instance, keeps operational overhead low, and records an auditable history of each remediation action. Which solution meets these requirements?
Create a CloudWatch alarm for mem_used_percent > 90% for 5 minutes. Configure an EventBridge rule that targets a Systems Manager Automation runbook that uses AWS-RunShellScript to restart the Java service on the instance.
Place the instance in an Auto Scaling group with desired capacity 1 and attach a scaling policy that terminates and replaces the instance when the alarm threshold is breached.
Publish the alarm to an SNS topic subscribed by a Lambda function that uses SSH through a bastion host to restart the Java process on the instance.
Install a cron job on the instance to monitor memory usage locally and restart the service when it exceeds 90%; forward the script's output to CloudWatch Logs for auditing.
A CloudWatch alarm can monitor the mem_used_percent metric and automatically emit a state-change event to Amazon EventBridge when the threshold is breached. An EventBridge rule that filters for the alarm's ALARM state can invoke an AWS Systems Manager Automation runbook. The runbook (for example, one that uses the AWS-RunShellScript document) runs on the instance through the SSM Agent, which communicates outbound to the Systems Manager service without needing inbound SSH access. Every step of an Automation execution is logged in Systems Manager, providing the required audit trail.
The Lambda-via-SSH approach introduces extra components, inbound connectivity, and key management. A local cron script provides no centralized audit and increases maintenance burden. Terminating and replacing the instance with Auto Scaling is unnecessary for a simple process restart and produces no step-by-step audit of the remediation.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Amazon CloudWatch and how does it work?
Open an interactive chat with Bash
What role does Amazon EventBridge play in automation?
Open an interactive chat with Bash
How does Systems Manager Automation ensure secure and auditable operations?
Open an interactive chat with Bash
AWS Certified CloudOps Engineer Associate SOA-C03
Monitoring, Logging, Analysis, Remediation, and Performance Optimization
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .