AWS Certified CloudOps Engineer Associate SOA-C03 Practice Question
An auto-scaling script sometimes goes out of control and issues a flood of RunInstances API requests, quickly exhausting the AWS account's service quotas. You need an AWS-native mechanism that detects the abnormal surge in RunInstances call rate and immediately invokes a Lambda function that disables the script's IAM role. Which solution provides the required automation with the least ongoing operational overhead?
Enable CloudTrail Insights for management events and create an EventBridge rule that matches "AWS Insight via CloudTrail" events where insightType is ApiCallRateInsight; set the rule's target to the Lambda function that disables the IAM role.
Send CloudTrail logs to CloudWatch Logs, build a metric filter to count RunInstances calls per minute, add a CloudWatch alarm on the metric, and configure the alarm to invoke the Lambda function through SNS.
Enable AWS Config and write a custom rule that counts RunInstances API calls; have the rule invoke the Lambda function when the count exceeds the allowed limit.
Turn on VPC Flow Logs and use CloudWatch Contributor Insights to detect traffic spikes; create an EventBridge rule that triggers the Lambda function when flow-log entries exceed a threshold.
CloudTrail Insights analyzes write-management events such as RunInstances. When the RunInstances call rate deviates from the baseline, CloudTrail generates an Insight event whose detail-type is "AWS Insight via CloudTrail" with insightType set to ApiCallRateInsight. EventBridge can match this event and invoke a Lambda target. Enabling CloudTrail Insights plus a single EventBridge rule needs no manual thresholds or extra infrastructure.
Streaming CloudTrail logs to CloudWatch Logs with a metric filter would work but requires hand-tuned thresholds and ongoing maintenance. VPC Flow Logs and Contributor Insights monitor network traffic, not API frequencies. AWS Config evaluates resource configurations on a schedule and cannot track API call rates in near real time. Therefore, CloudTrail Insights with an EventBridge rule is the most operationally efficient choice.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is CloudTrail Insights and how does it work?
Open an interactive chat with Bash
How does EventBridge integrate with CloudTrail Insights?
Open an interactive chat with Bash
Why are alternatives like CloudWatch metric filters less efficient for detecting API anomalies?
Open an interactive chat with Bash
What is CloudTrail Insights and how does it detect API anomalies?
Open an interactive chat with Bash
What does EventBridge do in this solution?
Open an interactive chat with Bash
Why are the other solutions less efficient for this use case?
Open an interactive chat with Bash
AWS Certified CloudOps Engineer Associate SOA-C03
Monitoring, Logging, Analysis, Remediation, and Performance Optimization
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .