A company deploys its application as a service on an Amazon Elastic Container Service (Amazon ECS) cluster with theAWS Fargate launch type. A security engineer suspects that some incoming requests are malicious. The security engineer needs to inspect the running container by retrieving log files and memory dump flies.
Which solution will meet these requirements with the LEAST operational effort?
To inspect a running container and retrieve log files and memory dumps with the least operational effort, enabling the ECS Exec feature is the most efficient solution. This allows direct and secure access to the container's runtime environment without needing to modify the application or infrastructure setup significantly. It also leverages existing AWS services, reducing operational complexity.
My answer is B. https://docs.aws.amazon.com/whitepapers/latest/replatform-dotnet-apps-with-windows-containers/logging-and-monitoring.html
The question asks to inspect the container and retrieve files, so ECS Exec sounds reasonable.
Option D is the most efficient solution as it allows for direct and secure access to the container's runtime environment without significant modifications to the application or infrastructure setup. It leverages existing AWS services and features, reducing operational overhead and complexity.
It has to be either B or C because these types of logs are a function of CloudWatch. Would you not agree?
Answer: D - see link below https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html