AWS Certified CloudOps Engineer Associate SOA-C03 Practice Question
An operations team manages an Amazon ECS cluster that uses the EC2 launch type. They need to collect host-level CPU, memory, disk, and network metrics and forward all container application logs to Amazon CloudWatch Logs. The solution must start automatically on every new container instance without requiring changes to existing application task definitions. Which approach meets these requirements with the least operational effort?
Add the CloudWatch agent as a sidecar container to every existing and future application task definition so it starts alongside each application task.
Create a task definition that runs the unified CloudWatch agent (with Fluent Bit) and deploy it as an ECS service that uses the DAEMON scheduling strategy. Store the agent configuration in Parameter Store and grant the task IAM permissions to write to CloudWatch.
Edit the configuration file of the Amazon ECS agent on every container instance so that it emits host metrics and container logs directly to CloudWatch.
Use EC2 user data to install and start the CloudWatch agent on each container instance when it boots.
Running the unified CloudWatch agent as its own task with the DAEMON scheduling strategy ensures that one copy of the agent (and optional Fluent Bit container) is launched on every container instance in the cluster. The agent configuration can be stored in AWS Systems Manager Parameter Store, and the task's IAM role needs permissions such as CloudWatchAgentServerPolicy. Because the agent is deployed independently of the application task definitions, no modification of those tasks is required, and every new EC2-based container instance automatically starts collecting and publishing the required metrics and logs.
Embedding the agent as a sidecar in each application task would meet the functional requirement but would require editing every task definition and updating them whenever new services are added. Installing the agent once with user data or by manually updating the ECS agent does not guarantee that future instances receive the agent without additional steps and does not automatically collect container logs. Therefore, deploying the CloudWatch agent as a DAEMON task is the most operationally efficient solution.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the DAEMON scheduling strategy in ECS?
Open an interactive chat with Bash
How does the unified CloudWatch agent work with Fluent Bit?
Open an interactive chat with Bash
Why is storing the CloudWatch agent configuration in Parameter Store beneficial?
Open an interactive chat with Bash
What is the DAEMON scheduling strategy in Amazon ECS?
Open an interactive chat with Bash
What is the difference between Fluent Bit and the CloudWatch agent?
Open an interactive chat with Bash
How does AWS Systems Manager Parameter Store support this solution?
Open an interactive chat with Bash
AWS Certified CloudOps Engineer Associate SOA-C03
Monitoring, Logging, Analysis, Remediation, and Performance Optimization
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .