In this scenario, there are two answers: the one you shared above and this one:
Integrate AWS Lambda and CloudWatch Events to schedule a daily process that will search through the list of running Amazon EC2 instances within your VPC. Configure the function to determine if any of these are based on unauthorized AMIs. Publish a new message to an Amazon SNS topic to inform the Security and Development teams that the issue occurred and then automatically terminate the EC2 instance.
The phrase “scheduled Lambda function” in the explanation is referring to Lambda and CloudWatch Events. I am actually trying to make our explanations more concise but I guess, I can further improve this and mention the whole thing to avoid any confusion like this.
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!
Jon Bonso @ Tutorials Dojo