Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 199 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02

Question #: 199
Topic #: 1

[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A company is migrating from its on-premises data center to AWS. The company currently uses a custom on-premises Cl/CD pipeline solution to build and package software.

The company wants its software packages and dependent public repositories to be available in AWS CodeArtifact to facilitate the creation of application-specific pipelines.

Which combination of steps should the company take to update the CI/CD pipeline solution and to configure CodeArtifact with the LEAST operational overhead? (Choose two.)

A. Update the C1ICD pipeline to create a VM image that contains newly packaged software. Use AWS Import/Export to make the VM image available as an Amazon EC2 AMI. Launch the AMI with an attached IAM instance profile that allows CodeArtifact actions. Use AWS CLI commands to publish the packages to a CodeArtifact repository.
B. Create an AWS Identity and Access Management Roles Anywhere trust anchor. Create an IAM role that allows CodeArtifact actions and that has a trust relationship on the trust anchor. Update the on-premises CI/CD pipeline to assume the new IAM role and to publish the packages to CodeArtifact.
C. Create a new Amazon S3 bucket. Generate a presigned URL that allows the PutObject request. Update the on-premises CI/CD pipeline to use the presigned URL to publish the packages from the on-premises location to the S3 bucket. Create an AWS Lambda function that runs when packages are created in the bucket through a put command. Configure the Lambda function to publish the packages to CodeArtifact.
D. For each public repository, create a CodeArutact repository that is configured with an external connection. Configure the dependent repositories as upstream public repositories.
E. Create a Codeartitact repository that is configured with a set of external connections to the public repositories. Configure the external connections to be downstream of the repository.

Show Suggested Answer

Suggested Answer: BD 🗳️

by Arnaud92 at Feb. 7, 2024, 1:18 p.m.

Disclaimers:

- ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Submit Cancel

thanhnv142

Highly Voted 1 year ago

Selected Answer: BD

B and D are correct: <wants its software packages and dependent public repositories to be available in AWS CodeArtifact >: we need to push onprem artifact to CodeArtifact with IAM Anywhere Role and create an upstream for public repositories A: irrelevant B: correct C: irrelevant D: correct E: there is no downstream in CodeArtifact

upvoted 6 times

...

GripZA

Most Recent 4 months ago

Selected Answer: BD

B: IAM Roles Anywhere lets workloads outside AWS (on‑prem servers, VMs, containers) exchange X.509 certificates for short‑lived AWS credentials (just like an EC2 role) D: a CodeArtifact external connection is a managed link to a public upstream, you only configure one external connection per repository—CodeArtifact handles mirroring and caching. you then create a second, “downstream” CodeArtifact repo (your private repo) and add the external‑connected repos as an upstream

upvoted 2 times

...

youonebe

7 months, 4 weeks ago

Selected Answer: BD

AWS IAM Roles Anywhere is a feature that allows workloads running outside of AWS, such as on-premises servers, containers, and applications, to access AWS resources using temporary security credentials obtained by assuming an IAM role.

upvoted 1 times

...

dkp

10 months, 1 week ago

Selected Answer: BD

ANS B&D

upvoted 2 times

...

DanShone

11 months, 1 week ago

Selected Answer: BD

B & D B - https://docs.aws.amazon.com/rolesanywhere/latest/userguide/getting-started.html D - Best practice for external connections is to have one repository per domain with an external connection to a given public repository.

upvoted 4 times

...

Ramdi1

1 year ago

Selected Answer: BD

B & D The other options have drawbacks: A: Complex setup: Requires VM image creation, import, and AMI launching, adding unnecessary complexity. Security concerns: Using EC2 instances might introduce security risks compared to IAM roles. Inefficient publishing: Relies on manual CLI commands for publishing, less automated than other options.

upvoted 3 times

Ramdi1

1 year ago

B: Minimal infrastructure: Only requires an IAM role and trust anchor setup in AWS, without creating additional resources like VMs or S3 buckets. Secure access: Leverages IAM for secure communication between the on-premises pipeline and CodeArtifact. Direct publishing: Enables direct package publishing from the pipeline to CodeArtifact. D: Centralized management: Manages public repositories through a single CodeArtifact repository with external connections. Automatic updates: Upstream repository changes are automatically reflected in CodeArtifact. Reduced bandwidth: Packages stored in public repositories, minimizing data transfer to AWS.

upvoted 1 times

...

vortegon

1 year ago

Selected Answer: BD

https://www.pulumi.com/ai/answers/bddaepm6EeuDs9du1MVtC8/aws-codeartifact-and-iam-roles-setup

upvoted 2 times

...

Arnaud92

1 year ago

Selected Answer: AD

D. In CodeArtifact, the intended way to use external connections is to have one repository per domain with an external connection to a given public repository. A. Using aws codeartifact with rolesanywhere is the LEAST operational overhead => https://www.pulumi.com/ai/answers/bddaepm6EeuDs9du1MVtC8/aws-codeartifact-and-iam-roles-setup

upvoted 1 times

Arnaud92

1 year ago

I meant B :-) (not A)

upvoted 1 times

...