A new zero-day vulnerability was found in OpenSSL requiring the immediate patching of a production web fleet running on Amazon Linux.
Currently, OS updates are performed manually on a monthly basis and deployed using updates to the production Auto Scaling Group’s launch configuration.
Which method should a DevOps Engineer use to update packages in-place without downtime?
A. Use AWS CodePipline and AWS CodeBuild to generate new copies of these packages, and update the Auto Scaling group’s launch configuration.
B. Use AWS Inspector to run “yum upgrade” on all running production instances, and manually update the AMI for the next maintenance window.
C. Use Amazon EC2 Run Command to issue a package update command to all running production instances, and update the AMI for future deployments.
D. Define a new AWS OpsWorks layer to match the running production instances, and use a recipe to issue a package update command to all running production instances.
Currently, OS updates are performed manually on a monthly basis and deployed using updates to the production Auto Scaling Group’s launch configuration.
Which method should a DevOps Engineer use to update packages in-place without downtime?
A. Use AWS CodePipline and AWS CodeBuild to generate new copies of these packages, and update the Auto Scaling group’s launch configuration.
B. Use AWS Inspector to run “yum upgrade” on all running production instances, and manually update the AMI for the next maintenance window.
C. Use Amazon EC2 Run Command to issue a package update command to all running production instances, and update the AMI for future deployments.
D. Define a new AWS OpsWorks layer to match the running production instances, and use a recipe to issue a package update command to all running production instances.