ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam
Go to Exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 199 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02
Question #: 199
Topic #: 1
[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A company is migrating from its on-premises data center to AWS. The company currently uses a custom on-premises Cl/CD pipeline solution to build and package software.

The company wants its software packages and dependent public repositories to be available in AWS CodeArtifact to facilitate the creation of application-specific pipelines.

Which combination of steps should the company take to update the CI/CD pipeline solution and to configure CodeArtifact with the LEAST operational overhead? (Choose two.)

  • A. Update the C1ICD pipeline to create a VM image that contains newly packaged software. Use AWS Import/Export to make the VM image available as an Amazon EC2 AMI. Launch the AMI with an attached IAM instance profile that allows CodeArtifact actions. Use AWS CLI commands to publish the packages to a CodeArtifact repository.
  • B. Create an AWS Identity and Access Management Roles Anywhere trust anchor. Create an IAM role that allows CodeArtifact actions and that has a trust relationship on the trust anchor. Update the on-premises CI/CD pipeline to assume the new IAM role and to publish the packages to CodeArtifact.
  • C. Create a new Amazon S3 bucket. Generate a presigned URL that allows the PutObject request. Update the on-premises CI/CD pipeline to use the presigned URL to publish the packages from the on-premises location to the S3 bucket. Create an AWS Lambda function that runs when packages are created in the bucket through a put command. Configure the Lambda function to publish the packages to CodeArtifact.
  • D. For each public repository, create a CodeArutact repository that is configured with an external connection. Configure the dependent repositories as upstream public repositories.
  • E. Create a Codeartitact repository that is configured with a set of external connections to the public repositories. Configure the external connections to be downstream of the repository.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by Arnaud92 at Feb. 7, 2024, 1:18 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
thanhnv142
Highly Voted 10 months, 2 weeks ago
Selected Answer: BD
B and D are correct: <wants its software packages and dependent public repositories to be available in AWS CodeArtifact >: we need to push onprem artifact to CodeArtifact with IAM Anywhere Role and create an upstream for public repositories A: irrelevant B: correct C: irrelevant D: correct E: there is no downstream in CodeArtifact
upvoted 6 times
...
GripZA
Most Recent 2 months, 1 week ago
Selected Answer: BD
B: IAM Roles Anywhere lets workloads outside AWS (on‑prem servers, VMs, containers) exchange X.509 certificates for short‑lived AWS credentials (just like an EC2 role) D: a CodeArtifact external connection is a managed link to a public upstream, you only configure one external connection per repository—CodeArtifact handles mirroring and caching. you then create a second, “downstream” CodeArtifact repo (your private repo) and add the external‑connected repos as an upstream
upvoted 2 times
...
youonebe
6 months ago
Selected Answer: BD
AWS IAM Roles Anywhere is a feature that allows workloads running outside of AWS, such as on-premises servers, containers, and applications, to access AWS resources using temporary security credentials obtained by assuming an IAM role.
upvoted 1 times
...
dkp
8 months, 2 weeks ago
Selected Answer: BD
ANS B&D
upvoted 2 times
...
DanShone
9 months, 2 weeks ago
Selected Answer: BD
B & D B - https://docs.aws.amazon.com/rolesanywhere/latest/userguide/getting-started.html D - Best practice for external connections is to have one repository per domain with an external connection to a given public repository.
upvoted 4 times
...
Ramdi1
10 months, 3 weeks ago
Selected Answer: BD
B & D The other options have drawbacks: A: Complex setup: Requires VM image creation, import, and AMI launching, adding unnecessary complexity. Security concerns: Using EC2 instances might introduce security risks compared to IAM roles. Inefficient publishing: Relies on manual CLI commands for publishing, less automated than other options.
upvoted 3 times
Ramdi1
10 months, 3 weeks ago
B: Minimal infrastructure: Only requires an IAM role and trust anchor setup in AWS, without creating additional resources like VMs or S3 buckets. Secure access: Leverages IAM for secure communication between the on-premises pipeline and CodeArtifact. Direct publishing: Enables direct package publishing from the pipeline to CodeArtifact.   D: Centralized management: Manages public repositories through a single CodeArtifact repository with external connections. Automatic updates: Upstream repository changes are automatically reflected in CodeArtifact. Reduced bandwidth: Packages stored in public repositories, minimizing data transfer to AWS.
upvoted 1 times
...
...
vortegon
10 months, 3 weeks ago
Selected Answer: BD
https://www.pulumi.com/ai/answers/bddaepm6EeuDs9du1MVtC8/aws-codeartifact-and-iam-roles-setup
upvoted 2 times
...
Arnaud92
10 months, 3 weeks ago
Selected Answer: AD
D. In CodeArtifact, the intended way to use external connections is to have one repository per domain with an external connection to a given public repository. A. Using aws codeartifact with rolesanywhere is the LEAST operational overhead => https://www.pulumi.com/ai/answers/bddaepm6EeuDs9du1MVtC8/aws-codeartifact-and-iam-roles-setup
upvoted 1 times
Arnaud92
10 months, 3 weeks ago
I meant B :-) (not A)
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel