A company hosts its web applications in the AWS Cloud. The company configures Elastic Load Balancers to use certificates that are imported into AWS certificate Manager (ACM). The company's security team must be noti ed 30 days before the expiration of each certificate.
What should a solutions architect recommend to meet this requirement?

A. Add a rule in ACM to publish a custom message to an Amazon Simple Noti cation Service (Amazon SNS) topic every day, beginning 30 days before any certificate will expire.

B. Create an AWS Con g rule that checks for certificates that will expire within 30 days. configure Amazon EventBridge (Amazon CloudWatch Events) to invoke a custom alert by way of Amazon Simple Noti cation Service (Amazon SNS) when AWS Con g reports a noncompliant resource.

C. Use AWS Trusted Advisor to check for certificates that will expire within 30 days. Create an Amazon CloudWatch alarm that is based on Trusted Advisor metrics for check status changes. configure the alarm to send a custom alert by way of Amazon Simple Noti cation Service (Amazon SNS).

D. Create an Amazon EventBridge (Amazon CloudWatch Events) rule to detect any certificates that will expire within 30 days. configure the rule to invoke an AWS Lambda function. configure the Lambda function to send a custom alert by way of Amazon Simple Noti cation Service (Amazon SNS).








 

Correct Answer: B

This question is in SAA-C03 exam
For getting AWS Certified Solutions Architect Associate Certificate

Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Amazon.
Trademarks, certification & product names are used for reference only and belong to Amazon.
The website does not contain actual questions and answers from Amazon's Certification Exams.