ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS DevOps Engineer Professional All Questions

View all questions & answers for the AWS DevOps Engineer Professional exam
Go to Exam

Exam AWS DevOps Engineer Professional topic 1 question 135 discussion

Exam question from Amazon's AWS DevOps Engineer Professional
Question #: 135
Topic #: 1
[All AWS DevOps Engineer Professional Questions]

A company has a guideline that every Amazon EC2 instance must be launched from an AMI that the company's security team produces. Every month, the security team sends an email message with the latest approved AMIs to all the development teams.

The development teams use AWS CloudFormation to deploy their applications. When developers launch a new service, they have to search their email for the latest AMIs that the security department sent. A DevOps engineer wants to automate the process that the security team uses to provide the AMI IDs to the development teams.

What is the MOST scalable solution that meets these requirements?

  • A. Direct the security team to use CloudFormation to create new versions of the AMIs and to list the AMI ARNs in an encrypted Amazon S3 object as part of the stack's Outputs section. Instruct the developers to use a cross-stack reference to load the encrypted S3 object and obtain the most recent AMI ARNs.
  • B. Direct the security team to use a CloudFormation stack to create an AWS CodePipeline pipeline that builds new AMIs and places the latest AMI ARNs in an encrypted Amazon S3 object as part of the pipeline output. Instruct the developers to use a cross-stack reference within their own CloudFormation template to obtain the S3 object location and the most recent AMI ARNs.
  • C. Direct the security team to use Amazon EC2 Image Builder to create new AMIs and to place the AMI ARNs as parameters in AWS Systems Manager Parameter Store. Instruct the developers to specify a parameter of type SSM in their CloudFormation stack to obtain the most recent AMI ARNs from Parameter Store.
  • D. Direct the security team to use Amazon EC2 Image Builder to create new AMIs and to create an Amazon Simple Notification Service (Amazon SNS) topic so that every development team can receive notifications. When the development teams receive a notification, instruct them to write an AWS Lambda function that will update their CloudFormation stack with the most recent AMI ARNs.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by SuriSagar at Dec. 23, 2022, 12:27 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SuriSagar
Highly Voted 2 years, 4 months ago
In the question "When developer launches a new service" A parameter store can be used to dynamically get new AMI ID's Answer is C
upvoted 9 times
...
Imstack
Highly Voted 2 years, 4 months ago
c is the answer
upvoted 6 times
...
Piccaso
Most Recent 2 years, 3 months ago
Selected Answer: D
C and D are better than A and B, because EC2 Image Builder is the correct tool to build AMI. D is more automated than C.
upvoted 1 times
Piccaso
2 years, 3 months ago
Since the IAM is created by security team, dynamic reference should not be used. There is another reason to eliminate C.
upvoted 1 times
...
...
DerekKey
2 years, 3 months ago
Selected Answer: C
C - correct - https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html
upvoted 2 times
...
TravisHk
2 years, 3 months ago
Selected Answer: C
C is the correct answer with this one
upvoted 1 times
...
Bulti
2 years, 3 months ago
C is the right answer.
upvoted 1 times
...
saggy4
2 years, 4 months ago
Selected Answer: C
D is wrong as it has too many manual steps and hassles C is correct
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago