Exam AWS DevOps Engineer Professional topic 1 question 25 discussion

I'll go with A When you create a pipeline from CodePipeline during the step-by-step it creates a CloudWatch Event rule for a given branch and repo like this: { "source": [ "aws.codecommit" ], "detail-type": [ "CodeCommit Repository State Change" ], "resources": [ "arn:aws:codecommit:us-east-1:xxxxx:repo-name" ], "detail": { "event": [ "referenceCreated", "referenceUpdated" ], "referenceType": [ "branch" ], "referenceName": [ "master" ] } }

A https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-trigger-source-repo-changes-console.html

I'll go with B it's necessary for codepipeline to have codecommit permissions while it's not necessary to depend on a rule to start a pipeline

it is not necessary to create an Amazon CloudWatch Events rule specifically for triggering the pipeline in this scenario. The CodePipeline can be set up to directly monitor the CodeCommit repository for changes without the need for an additional CloudWatch Events rule. Creating an Amazon CloudWatch Events rule is typically required when you want to trigger an action based on events occurring in AWS services. However, in this case, CodePipeline is already integrated with CodeCommit and can directly monitor the repository for changes without the need for an additional CloudWatch Events rule. When you set up an AWS CodePipeline, the pipeline's execution events and logs are automatically sent to Amazon CloudWatch Logs. CodePipeline integrates with CloudWatch Logs to capture and store the logs for pipeline executions.

Since the pipeline is triggered by changes in the remote master branch, an Amazon CloudWatch Events rule must be created for the branch to trigger the pipeline. Therefore, the first step in troubleshooting the issue should be to check that an Amazon CloudWatch Events rule has been created for the master branch to trigger the pipeline.

C was excluded in the first round. The developer's IAM role's permission should not be related. D looks unrelated. B is weird.

Answer A is correct.

A: https://docs.aws.amazon.com/codepipeline/latest/userguide/triggering.html at the begining I though it was B, but If it were a permission problem you might have had an error pointing to it.

"the pipeline had no reaction" => pipeline is not run, so BCD rule out

Both A & B are possible to have issue and need to check

I think B is also correct. As a pipeline trigger, it can be triggered by cloudwatch event, or it can periodically check the repository for update. If latter, then B is also correct.

A is correct B & C are wrong as developer is able to push the code that mean he has access. D is can be another option but it has not reaction means even logs are not generated

The question is asking what could be the possible cause of the problem. The answers are to check the things that is required to make the pipeline work. A CloudWatch Event can help in troubleshoot but it is not required to make it work, nor it can identify what is causing the problem. So I say B is more appropriate.

C Permissions required to use the CodeCommit console To allow users to use the CodeCommit console, the administrator must grant them permissions for CodeCommit actions. For example, you could attach the AWSCodeCommitPowerUser managed policy or its equivalent to a user or group. https://docs.aws.amazon.com/codecommit/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html

Strange Question as no Context to troubleshoot. Sure A, but surely could be any number of other options as well ?

Ans is A

ans: A