ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS DevOps Engineer Professional All Questions

View all questions & answers for the AWS DevOps Engineer Professional exam
Go to Exam

Exam AWS DevOps Engineer Professional topic 1 question 75 discussion

Exam question from Amazon's AWS DevOps Engineer Professional
Question #: 75
Topic #: 1
[All AWS DevOps Engineer Professional Questions]

A company is using AWS Organizations to create separate AWS accounts for each of its departments. The company needs to automate the following tasks:
✑ Update the Linux AMIs with new patches periodically and generate a golden image
✑ Install a new version of Chef agents in the golden image, if available
✑ Provide the newly generated AMIs to the department's accounts
Which solution meets these requirements with the LEAST management overhead?

  • A. Write a script to launch an Amazon EC2 instance from the previous golden image. Apply the patch updates. Install the new version of the Chef agent, generate a new golden image, and then modify the AMI permissions to share only the new image with the department's accounts.
  • B. Use Amazon EC2 Image Builder to create an image pipeline that consists of the base Linux AMI and components to install the Chef agent. Use AWS Resource Access Manager to share EC2 Image Builder images with the department's accounts.
  • C. Use an AWS Systems Manager Automation runbook to update the Linux AMI by using the previous image. Provide the URL for the script that will update the Chef agent. Use AWS Organizations to replace the previous golden image in the department's accounts.
  • D. Use Amazon EC2 Image Builder to create an image pipeline that consists of the base Linux AMI and components to install the Chef agent. Create a parameter in AWS Systems Manager Parameter Store to store the new AMI ID that can be referenced by the department's accounts.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by ohcn at Sept. 1, 2022, 7 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ericzaj
Highly Voted 2 years, 4 months ago
Selected Answer: B
B looks correct: https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-shared-resources.html
upvoted 6 times
...
MikeyJ
Highly Voted 2 years, 7 months ago
Selected Answer: B
EC2 Image Builder integrates with AWS Resource Access Manager (AWS RAM) to allow you to share certain resources with any AWS account or through AWS Organizations. EC2 Image Builder resources that can be shared are: Components Images Recipes https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-shared-resources.html
upvoted 6 times
...
Piccaso
Most Recent 2 years, 2 months ago
Selected Answer: A
A satisfies the demanding of "LEAST management overhead".
upvoted 2 times
fartosh
2 years, 2 months ago
How does a custom script satisfy the "least management overhead" scenario? This does not make any sense.
upvoted 2 times
...
...
Bulti
2 years, 3 months ago
Correct answer us B. RAM is used to share Image builder resources as well as images created by the ImageBuilder pipeline.
upvoted 2 times
...
saggy4
2 years, 4 months ago
Selected Answer: B
People struggling with B and D. I would go for B. Though D seems a very good option the answer does not mention anything about how to share the Parameter Store with other accounts.
upvoted 5 times
...
alinato
2 years, 5 months ago
Selected Answer: D
I would go with D as it does not require anyone to change AMI Id after it has been updated. Having tons of CloudFormation templates, parameter store approach looks to have least overhead
upvoted 3 times
neta1o
2 years, 5 months ago
I like D as well but I'm not sure how the other accounts would access the AMI's if they aren't shared in some way. For that reason I'm leaning toward B for now. But if D mentioned the sharing I think D would be a better overall solution.
upvoted 2 times
...
...
ohcn
2 years, 8 months ago
Selected Answer: B
B - EC2 Image Builder allows you to create a pipeline which turns into least management overhead. https://docs.aws.amazon.com/imagebuilder/latest/userguide/what-is-image-builder.html "The images you build are created in your account and you can configure them for operating system patches on an ongoing basis." RAM helps you to share accross organizations and accounts. https://docs.aws.amazon.com/imagebuilder/latest/userguide/manage-shared-resources.html
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago