Question #1113
A company wants to enable enhanced monitoring for their AWS Lambda functions using Amazon CloudWatch. Their application is deployed using an AWS Serverless Application Model (AWS SAM) template, which includes a Lambda function resource. What modification should the developer make to the SAM template to enable enhanced monitoring?
Add an output with the ARN of the CloudWatch Logs group and reference it in the Lambda function.
Add a parameter specifying the Log group name prefix and reference it in the CloudWatch Logs resource.
For each Lambda function, include the Lambda Insights layer and attach the CloudWatchLambdaInsightsExecutionRolePolicy.
Set the Lambda function's TracingConfig to Active and attach the AWSXRayDaemonWriteAccess policy.
Explanation
Option C is correct because AWS Lambda Enhanced Monitoring is enabled using Lambda Insights, which requires adding the Lambda Insights layer to the function. This layer collects and publishes detailed performance metrics (e.g., CPU, memory, disk I/O) to CloudWatch. Additionally, the Lambda function's execution role must have the CloudWatchLambdaInsightsExecutionRolePolicy to grant permissions for publishing metrics.
Other options are incorrect because:
- A: Outputting a CloudWatch Logs ARN relates to standard logging, not enhanced monitoring.
- B: Specifying a log group name prefix configures logging, not enhanced metrics collection.
- D: Enabling X-Ray tracing focuses on request tracing, not enhanced monitoring metrics.
Key Points:
1. Lambda Insights provides enhanced monitoring via a layer.
2. The execution role must include the CloudWatchLambdaInsightsExecutionRolePolicy.
3. Enhanced monitoring is distinct from basic logging or X-Ray tracing.
Answer
The correct answer is: C