DOP-C02 Exam Dumps - Amazon Web Services AWS Certified Professional Questions and Answers

The correct approach to meet the requirements for separate environment pipelines and automatic deployment for test environments is to create two AWS CodePipeline configurations, one for each environment. The production pipeline should have a manual approval step to ensure that changes are reviewed before being deployed to production. A single AWS CodeCommit repository with separate branches for each environment allows for organized and efficient code management. Each CodePipeline retrieves the source code from the appropriate branch in the repository. The deployment step utilizes AWS CloudFormation to deploy the Lambda functions, ensuring that the infrastructure as code is maintained and version-controlled.

AWS Lambda with Amazon API Gateway: Using AWS Lambda with Amazon API Gateway

Tutorial on using Lambda with API Gateway: Tutorial: Using Lambda with API Gateway

AWS CodePipeline automatic deployment: Set Up a Continuous Deployment Pipeline Using AWS CodePipeline

Building a pipeline for test and production stacks: Walkthrough: Building a pipeline for test and production stacks

To implement a control that requires the use of IMDSv2 on all EC2 instances in the account, the DevOps engineer can use a permissions boundary. A permissions boundary is a policy that defines the maximum permissions that an IAM entity can have. The DevOps engineer can create a permissions boundary that prevents the ec2:RunInstance action if the ec2:MetadataHttpTokens condition key is not set to a value of required. This condition key enforces the use of IMDSv2 on EC2 instances. The DevOps engineer can attach the permissions boundary to the IAM role that was used to launch the instance. This way, any attempt to launch an EC2 instance without using IMDSv2 will be denied by the permissions boundary.

The core problem described is deployment inconsistency and lack of reliability caused by using AWS Systems Manager Run Command for application deployment. Run Command executes ad hoc commands and does not provide deployment orchestration, version tracking, lifecycle hooks, or health-based traffic control, which commonly leads to drift between EC2 instances.

The most reliable AWS-native solution is to adopt AWS CodePipeline combined with AWS CodeDeploy . Option B introduces a structured CI/CD pipeline with a clear build stage followed by a test stage , ensuring that only tested artifacts progress to deployment. Sequential build and test stages are preferred for reliability and deterministic behavior, especially when test results must gate deployments.

Option C is essential because AWS CodeDeploy is the service specifically designed to deploy application revisions consistently across EC2 fleets. By creating a CodeDeploy application and deployment group and integrating it with the ALB, deployments gain support for lifecycle events, health checks, instance synchronization, and automatic rollback. This ensures that all EC2 instances receive the same application version and that traffic is managed safely during deployments.

Option A introduces unnecessary parallelism that does not address the core issue. Option D adds excessive complexity with Lambda orchestration. Option E incorrectly replaces CodeArtifact with S3 without addressing deployment reliability.

Therefore, combining CodePipeline (B) with CodeDeploy and ALB integration (C) provides consistent, repeatable, and reliable deployments aligned with AWS best practices.

https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-hooks.html

https://aws.amazon.com/about-aws/whats-new/2020/02/aws-cloudformation-stacksets-introduces-automatic-deployments-across-accounts-and-regions-through-aws-organizations/

 The correct solution is to create a new assertion safety rule in Route 53 ARC and apply it to the two routing controls. An assertion safety rule is a type of safety rule that ensures that a minimum number of routing controls are always enabled. The ATLEAST type of assertion safety rule specifies the minimum number of routing controls that must be enabled for the rule to evaluate as healthy. By setting the threshold to 1, the rule ensures that at least one routing control is always turned on. This prevents the scenario where both routing controls are accidentally turned off and the application becomes unavailable in both Regions.

The other solutions are incorrect because they do not use safety rules to prevent both routing controls from being turned off. A gating safety rule is a type of safety rule that prevents routing control state changes that violate the rule logic. The OR type of gating safety rule specifies that one or more routing controls must be enabled for the rule to evaluate as healthy. However, this rule does not prevent a user from turning off both routing controls manually. A resource set is a collection of resources that are tested for readiness by Route 53 ARC. A readiness check is a test that verifies that all the resources in a resource set are operational. However, these concepts are not related to routing control states or safety rules. Therefore, creating a new resource set and a new readiness check will not ensure that at least one routing control is turned on at all times. References:

Routing control in Amazon Route 53 Application Recovery Controller

Viewing and updating routing control states in Route 53 ARC

Creating a control panel in Route 53 ARC

Creating safety rules in Route 53 ARC

To allow an EC2 instance to access CodeArtifact, an IAM role attached via an instance profile must be granted permissions to access the CodeArtifact repository. The EC2 instance assumes this role.

The instance then uses the AWS CLI command aws codeartifact login to authenticate and configure the package manager (e.g., pip) to use the CodeArtifact repository. This command obtains an authorization token and sets up repository credentials securely on the instance.

Service-linked roles (Option A) are managed by AWS services, not used for instance access. CodeArtifact does not support ACLs (Option C), and resource-based policies (Option B) do not grant access to EC2 instances by principal.

This method is standard for securely managing credentials and access to CodeArtifact in automated deployments.

Exporting logs using CloudWatch subscription filters + Firehose → S3 enables long-term archival. S3 lifecycle transitions optimize cost with Standard-IA (low-latency) and Deep Archive (long-term retention). This matches AWS best practice for cost-effective log retention.

S3 RTC ensures ≤15-min replication SLA.

Multi-Region Access Point (MRAP) simplifies active-passive replication access.

SubmitMultiRegionAccessPointRoutes API manages routing changes during failover. This configuration follows AWS DR best practices for S3 active/passive architectures.

Option A is incorrect because setting the deployment configuration to LambdaAllAtOnce means that the new version of the application will be deployed to all Lambda functions at once, affecting all customers. This does not meet the requirement of affecting the fewest customers possible. Moreover, configuring automatic rollbacks on the deployment group is not operationally efficient, as it requires manual intervention to fix the errors and redeploy the application.

Option B is correct because setting the deployment configuration to LambdaCanary10Percent10Minutes means that the new version of the application will be deployed to 10 percent of the Lambda functions first, and then to the remaining 90 percent after 10 minutes. This minimizes the impact of errors on customers, as only 10 percent of them will be affected by a faulty deployment. Configuring automatic rollbacks on the deployment group also meets the requirement of reverting to the most recent stable version of the application when an error is detected. Creating a CloudWatch alarm that detects HTTP Bad Gateway errors on API Gateway is a valid way to monitor the health of the application and trigger a rollback if needed.

Option C is incorrect because setting the deployment configuration to LambdaAllAtOnce means that the new version of the application will be deployed to all Lambda functions at once, affecting all customers. This does not meet the requirement of affecting the fewest customers possible. Moreover, configuring manual rollbacks on the deployment group is not operationally efficient, as it requires human intervention to stop the current deployment and start a new one. Creating an SNS topic to send notifications every time a deployment fails is not sufficient to detect errors in the application, as it does not monitor the API Gateway responses.

Option D is incorrect because configuring manual rollbacks on the deployment group is not operationally efficient, as it requires human intervention to stop the current deployment and start a new one. Creating a metric filter on a CloudWatch log group for API Gateway to monitor HTTP Bad Gateway errors is a valid way to monitor the health of the application, but invoking a new Lambda function to perform a rollback is unnecessary and complex, as CodeDeploy already provides automatic rollback functionality.