This solution correctly implements the standard AWS pattern for performing actions on an instance before it is terminated by an Auto Scaling group. An Auto Scaling lifecycle hook for the autoscaling:EC2INSTANCETERMINATING event pauses the termination process, placing the instance in a Terminating:Wait state. An Amazon EventBridge rule detects this state change and triggers an AWS Lambda function. The Lambda function uses the AWS Systems Manager (SSM) SendCommand API to reliably execute a predefined script (an SSM document) on the instance to copy the logs. Once the command is sent, the Lambda function signals the lifecycle hook to CONTINUE, allowing the Auto Scaling group to proceed with the termination.

A. This option incorrectly uses the ABANDON signal, which would cancel the termination action, preventing the instance from being scaled in as intended by the Auto Scaling group.

C. Reducing the log delivery frequency only lessens the chance of data loss but does not guarantee it. Furthermore, user data scripts run only at instance launch and cannot be re-invoked to handle termination events.

D. This option incorrectly uses the ABANDON signal. This would cancel the scale-in event, leaving the instance running and disrupting the Auto Scaling group's desired capacity.

1. AWS Auto Scaling Documentation - Amazon EC2 Auto Scaling lifecycle hooks: This document explains how lifecycle hooks work

including the EC2INSTANCETERMINATING state. It explicitly mentions the pattern of using EventBridge

Lambda

and SSM Run Command to perform actions before termination. See the section "Tutorial: Configure a lifecycle hook that invokes a Lambda function".

Source: AWS Documentation

Amazon EC2 Auto Scaling User Guide

"Amazon EC2 Auto Scaling lifecycle hooks".

2. AWS Auto Scaling Documentation - CompleteLifecycleAction: This API reference details the CONTINUE and ABANDON results. It clarifies that CONTINUE signals that the lifecycle action is complete and the Auto Scaling group can proceed

while ABANDON cancels the action.

Source: AWS Documentation

Amazon EC2 Auto Scaling API Reference

"CompleteLifecycleAction".

3. AWS Systems Manager Documentation - AWS Systems Manager Run Command: This document describes how Run Command allows you to remotely and securely manage the configuration of your managed instances. It is the recommended method for running scripts on instances in response to events.

Source: AWS Documentation

AWS Systems Manager User Guide

"AWS Systems Manager Run Command".

4. AWS Compute Blog - Using lifecycle hooks to drain tasks from a container instance: While this example is for ECS

it demonstrates the same architectural pattern: Lifecycle Hook -> EventBridge -> Lambda. The blog states

"The Lambda function is responsible for performing the custom action and then sending the CONTINUE signal back to the Auto Scaling group." This confirms the correct use of the CONTINUE signal.

Source: AWS Compute Blog

"Using lifecycle hooks to drain tasks from a container instance

" Paragraph 5 under "The solution".