Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Amazon Exam DOP-C02 Topic 2 Question 45 Discussion

Actual exam question for Amazon's DOP-C02 exam
Question #: 45
Topic #: 2
[All DOP-C02 Questions]

A company wants to deploy a workload on several hundred Amazon EC2 instances. The company will provision the EC2 instances in an Auto Scaling group by using a launch template.

The workload will pull files from an Amazon S3 bucket, process the data, and put the results into a different S3 bucket. The EC2 instances must have least-privilege permissions and must use temporary security credentials.

Which combination of steps will meet these requirements? (Select TWO.)

Show Suggested Answer Hide Answer
Suggested Answer: B

* Modify the Build Stage to Add a Test Action with a RunOrder Value of 2:

The build stage in AWS CodePipeline can have multiple actions. By adding a test action with a runOrder value of 2, the test action will execute after the initial build action completes.

* Use AWS CodeBuild as the Action Provider to Run Unit Tests:

AWS CodeBuild is a fully managed build service that compiles source code, runs tests, and produces software packages.

Using CodeBuild to run unit tests ensures that the tests are executed in a controlled environment and that only the code changes that pass the unit tests proceed to the deploy stage.

Example configuration in CodePipeline:

{

'name': 'BuildStage',

'actions': [

{

'name': 'Build',

'actionTypeId': {

'category': 'Build',

'owner': 'AWS',

'provider': 'CodeBuild',

'version': '1'

},

'runOrder': 1

},

{

'name': 'Test',

'actionTypeId': {

'category': 'Test',

'owner': 'AWS',

'provider': 'CodeBuild',

'version': '1'

},

'runOrder': 2

}

]

}

By integrating the unit tests into the build stage and ensuring they run after the build process, the pipeline guarantees that only code changes passing all unit tests are deployed.


AWS CodePipeline

AWS CodeBuild

Using CodeBuild with CodePipeline

by Anthony at Mar 04, 2025, 10:57 AM

Limited Time Offer

25%

Off

Get Premium DOP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Lucina
3 days ago
Ah, the old 'let's create an IAM user and hardcode the credentials' trick. Classic move, but definitely not the right way to go here. Kudos to Rashad for catching that one!
upvoted 0 times
...
Rashad
6 days ago
I was about to choose options C and E, but then I realized that's a terrible idea. Hardcoding secret keys and tokens in the launch template is a huge security risk. Nope, nope, nope!
upvoted 0 times
...
Nakisha
9 days ago
I agree with Lasandra. The IAM role and instance profile approach is the recommended way to handle this scenario. Temporary security credentials are the way to go.
upvoted 0 times
...
Lasandra
20 days ago
Options A and B seem like the right choice here. Using an IAM role with the appropriate permissions and attaching it to the instance profile is the best way to manage the security credentials.
upvoted 0 times
...
Roy
29 days ago
Updating the launch template to include the IAM instance profile is also important.
upvoted 0 times
...
Oliva
30 days ago
Yes, and we should add that IAM role to the instance profile.
upvoted 0 times
...
Reuben
1 months ago
I think we need to create an IAM role for S3 permissions.
upvoted 0 times
...

Save Cancel