ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam
Go to Exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 244 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02
Question #: 244
Topic #: 1
[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A DevOps engineer is building the infrastructure for an application. The application needs to run on an Amazon Elastic Kubernetes Service (Amazon EKS) cluster that includes Amazon EC2 instances. The EC2 instances need to use an Amazon Elastic File System (Amazon EFS) file system as a storage backend. The Amazon EFS Container Storage Interface (CSI) driver is installed on the EKS cluster.

When the DevOps engineer starts the application, the EC2 instances do not mount the EFS file system.

Which solutions will fix the problem? (Choose three.)

  • A. Switch the EKS nodes from Amazon EC2 to AWS Fargate.
  • B. Add an inbound rule to the EFS file system’s security group to allow NFS traffic from the EKS cluster.
  • C. Create an IAM role that allows the Amazon EFS CSI driver to interact with the file system
  • D. Set up AWS DataSync to configure file transfer between the EFS file system and the EKS nodes.
  • E. Create a mount target for the EFS file system in the subnet of the EKS nodes.
  • F. Disable encryption or the EFS file system.
Show Suggested Answer Hide Answer
Suggested Answer: BCE 🗳️
by KaranNishad at June 29, 2024, 2:48 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jamesf
9 months, 1 week ago
Selected Answer: BCE
B: The EFS file system’s security group must allow inbound traffic on the NFS port (2049) from the EC2 instances in the EKS cluster. Without this rule, the EC2 instances won't be able to communicate with the EFS file system. C: The EFS CSI driver needs permissions to interact with the EFS file system. This involves creating an IAM role with the necessary permissions and associating it with the EFS CSI driver. E: EFS requires a mount target in each subnet where the EC2 instances reside. This mount target facilitates the network connectivity between the EFS file system and the EC2 instances.
upvoted 3 times
jamesf
9 months, 1 week ago
Why Not for options below, Not A: Switching from EC2 to AWS Fargate would not directly address the issue with EFS mounting. AWS Fargate does not support mounting EFS file systems natively. Not D: AWS DataSync is used for data transfer tasks and is not required for mounting EFS file systems in EKS. It is not relevant to solving the problem of mounting EFS. Not F: Disabling encryption is not necessary and might compromise security. Encryption of EFS file systems should not interfere with mounting unless there is a configuration issue, which is unlikely to be resolved by disabling encryption.
upvoted 1 times
...
...
tgv
9 months, 2 weeks ago
Selected Answer: BCE
---> B C E
upvoted 2 times
...
trungtd
9 months, 3 weeks ago
Selected Answer: BCE
B. EFS file system’s security group must allow inbound NFS traffic (typically on port 2049) from the security group or IP range of the EKS cluster nodes. C. Ensure that the EFS CSI driver has the necessary IAM permissions to interact with the EFS file system, such as "elasticfilesystem:DescribeFileSystems", "elasticfilesystem:DescribeMountTargets", and other relevant permissions.
upvoted 2 times
...
KaranNishad
10 months, 1 week ago
Selected Answer: BCE
So, the correct solutions are: B. Add an inbound rule to the EFS file system’s security group to allow NFS traffic from the EKS cluster. C. Create an IAM role that allows the Amazon EFS CSI driver to interact with the file system. E. Create a mount target for the EFS file system in the subnet of the EKS nodes.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago