DOP-C02 Exam Dumps : AWS Certified DevOps Engineer - Professional

 To optimize the Macie costs for the account without compromising the account’s functionality, the DevOps engineer needs to exclude S3 buckets that do not contain sensitive data from automated discovery. S3 buckets that contain CloudTrail logs are unlikely to have sensitive data, and Macie charges for scanning and monitoring data in S3 buckets. Therefore, excluding S3 buckets that contain CloudTrail logs from automated discovery can reduce Macie costs. Similarly, configuring discovery jobs to include S3 objects based on the last modified criterion can also reduce Macie costs, as it will only scan and monitor new or updated objects, rather than all objects in the bucket.

This solution meets the requirements in the most operationally efficient manner by automating the application restart process on the instances without restarting them. When the CloudWatch alarm enters the ALARM state, the EventBridge rule is triggered, which in turn invokes the Systems Manager Automation runbook that contains the script to restart the application on the instances.

Comprehensive and Detailed Explanation From Exact Extract:

AWS CodeDeploy supports automatic rollback capabilities, which allow the deployment to automatically revert to the last known good revision if a failure occurs during the deployment or if health checks fail.

You can enable automatic rollback on CodeDeploy deployments by configuring rollback settings in the deployment group.

Automatic rollback triggers can include failed deployments and alarms failing during the deployment lifecycle, which means if the health check fails, CodeDeploy will automatically roll back without manual intervention.

Lifecycle event hooks (Option A) provide custom scripting capabilities during deployment but do not provide built-in rollback automation.

CloudFormation (Option B) can deploy and manage infrastructure but does not control CodeDeploy rollback.

CloudWatch alarms (Option C) can trigger notifications but require manual or additional automation to trigger rollback.Hence, enabling CodeDeploy’s automatic rollback settings is the simplest and most reliable method for automatic rollback upon health check failure.

Reference from AWS Official Documentation and Study Guide:

AWS CodeDeploy Automatic Rollback:"You can configure automatic rollback in AWS CodeDeploy to roll back a deployment if it fails or if specified CloudWatch alarms are triggered."(AWS CodeDeploy User Guide - Automatic Rollbacks)

AWS Certified DevOps Engineer Professional Study Guide:"Leverage CodeDeploy automatic rollback features to reduce downtime and ensure application stability during deployments."