DOP-C02 Exam Dumps - Amazon Web Services AWS Certified Professional Questions and Answers

The correct answer is D. The scenario requires a solution that can migrate an application from on premises to AWS, run on specific versions of Apache Tomcat, HAProxy, and Varnish Cache, tune the operating system-level parameters, automate the deployment of new application versions, and scale and replace faulty servers automatically. Option D meets all these requirements by using AWS CodeCommit, AWS CodeDeploy, AWS CodePipeline, and Amazon EC2 Auto Scaling. AWS CodeCommit is a fully managed source control service that hosts Git repositories and works with Git-based tools. AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services, including Amazon EC2, AWS Fargate, AWS Lambda, and on-premises servers. AWS CodePipeline is a fully managed continuous delivery service that helps automate the release pipelines for fast and reliable application updates. Amazon EC2 Auto Scaling helps maintain application availability and allows scaling of Amazon EC2 capacity up or down automatically according to the defined conditions. By using these services together, the DevOps engineer can migrate the application code to AWS, configure and install the necessary software using the appspec.yml file, automate the deployment process using the pipeline, and scale and replace the servers using the Auto Scaling group.

Option A is incorrect because AWS Fargate is a serverless compute engine for containers that works with Amazon ECS and Amazon EKS. Fargate removes the need to provision and manage servers, but it also limits the ability to tune the operating system-level parameters, which is a requirement in the scenario. Moreover, Fargate does not support HAProxy and Varnish Cache as sidecar containers, which are needed to run the application properly.

Option B is incorrect because AWS Elastic Beanstalk is a fully managed service that automates the deployment and scaling of web applications and services using familiar servers such as Apache, Nginx, Passenger, and IIS. However, Elastic Beanstalk does not support HAProxy and Varnish Cache as part of the Tomcat solution stack, which are needed to run the application properly. Moreover, Elastic Beanstalk web server tier environments are designed to serve HTTP requests, not to process background tasks, which is the purpose of worker tier environments.

Option C is incorrect because AWS Elastic Beanstalk worker tier environments are designed to process background tasks using a daemon process that runs on each Amazon EC2 instance in the environment. Worker tier environments are not suitable for running web applications that serve HTTP requests, which is the case in the scenario. Moreover, Elastic Beanstalk does not support HAProxy and Varnish Cache as part of the Tomcat solution stack, which are needed to run the application properly.

AWS CodeCommit

AWS CodeDeploy

AWS CodePipeline

Amazon EC2 Auto Scaling

AWS Fargate

AWS Elastic Beanstalk

This solution will meet the requirements because it will use a rolling restart to gradually replace the EC2 instances in the green environment with new instances that have the new software version installed. A rolling restart is a process that terminates and launches instances in batches, ensuring that there is always a minimum number of healthy instances in service. This way, the green environment can be updated without affecting the availability or performance of the application. When the rolling restart is complete, the DevOps engineer can use an AWS CLI command to modify the listener rules of the ALB and change the default action to forward traffic to the green environment’s target group. This will switch the traffic from the blue environment to the green environment all at once, as required by the question.

Apply SCPs for Region and service restriction. Use CloudFormation StackSets to consistently deploy IAM roles with trust policies for SSO/AD integration. This model enforces governance uniformly across all accounts per AWS multi-account best practices.

To scale microservice Pods based on CPU utilization, the Kubernetes Horizontal Pod Autoscaler (HPA) uses the Kubernetes Metrics Server to monitor resource usage and automatically adjusts the number of Pods. However, scaling Pods may require additional nodes if the current node capacity is insufficient.

The Cluster Autoscaler works with EKS managed node groups to add or remove worker nodes based on pending Pod requirements and resource usage.

By deploying both HPA and Cluster Autoscaler, the system can automatically scale Pods and add nodes as necessary, ensuring efficient resource utilization and availability.

Configuring the Cluster Autoscaler with auto-discovery allows it to manage node groups without manual intervention, reducing operational effort.

Option A only scales nodes based on node CPU utilization, not Pods.

Option B uses VPA recommender mode, which only suggests resource changes and does not scale automatically.

Option C involves manual updates and is not automated scaling. Therefore, option D provides the most operationally efficient, fully automated scaling solution.

Reference from AWS Official Documentation:

Kubernetes Horizontal Pod Autoscaler: " HPA automatically scales the number of Pods based on observed CPU utilization or other metrics. " (Kubernetes HPA)

Cluster Autoscaler on Amazon EKS: " The Cluster Autoscaler automatically adjusts the size of the Kubernetes cluster when there are Pods that fail to run due to insufficient resources or when nodes in the cluster are underutilized. " (AWS EKS Cluster Autoscaler)

The company needs multi-Region data persistence with immediate propagation and minimal operational overhead. For S3, the correct mechanism is S3 replication (Cross-Region Replication or Same-Region Replication), which continuously and asynchronously replicates new objects as they are written. Configuring two-way replication between the primary and secondary Region buckets ensures that objects written in either Region are replicated to the other automatically without custom code.

For DynamoDB, the native solution for multi-Region replication is DynamoDB global tables . Global tables provide multi-master, multi-Region replication with low-latency reads and writes in each Region and automatic propagation of changes. Converting existing tables into global tables and adding the secondary Region as a replica gives immediate, managed cross-Region replication with minimal maintenance.

Option A combines these two fully managed features: two-way S3 replication and DynamoDB global tables. This yields the highest operational efficiency.

Options B, C, and D rely on S3 Batch Operations or DynamoDB Streams + Lambda to manually copy data cross-Region. These approaches add complexity, custom code, and operational risk, and they are less suitable when AWS provides managed replication mechanisms specifically designed for this purpose.

Therefore, Option A is the correct and most efficient solution.

https://repost.aws/knowledge-center/cloudformation-update-rollback-failed If your stack is stuck in the UPDATE_ROLLBACK_FAILED state after a failed update, then the only actions that you can perform on the stack are the ContinueUpdateRollback or DeleteStack operations.

To meet the requirements of failover and disaster recovery, the company should use the following deployment strategies:

Create an Amazon Aurora global database in two AWS Regions as the data store. In the event of a failure, promote the secondary Region to the primary for the application. Update the application to use the Aurora cluster endpoint in the secondary Region. This strategy can provide a low RPO and RTO for the data, as Aurora global database replicates data with minimal latency across Regions and allows fast and easy failover12. The company can use the Amazon Aurora cluster endpoint to connect to the current primary DB cluster without needing to change any application code1.

Set up the application in two AWS Regions. Configure AWS Global Accelerator to point to Application Load Balancers (ALBs) in both Regions. Add both ALBs to a single endpoint group. Use health checks and Auto Scaling groups in each Region. This strategy can provide high availability and performance for the application, as AWS Global Accelerator uses the AWS global network to route traffic to the closest healthy endpoint3. The company can also use static IP addresses that are assigned by Global Accelerator as a fixed entry point for their application1. By using health checks and Auto Scaling groups, the company can ensure that their application can scale up or down based on demand and handle any instance failures4.

The other options are incorrect because:

Creating an Amazon Aurora Single-AZ cluster in multiple AWS Regions as the data store would not provide a fast failover or disaster recovery solution, as the company would need to manually restore data from backups or snapshots in another Region in case of a failure.

Creating an Amazon Aurora cluster in multiple AWS Regions as the data store and using a Network Load Balancer to balance the database traffic in different Regions would not work, as Network Load Balancers do not support cross-Region routing. Moreover, this strategy would not provide a consistent view of the data across Regions, as Aurora clusters do not replicate data automatically between Regions unless they are part of a global database.

Setting up the application in two AWS Regions and using Amazon Route 53 failover routing that points to Application Load Balancers in both Regions would not provide a low RTO, as Route 53 failover routing relies on DNS resolution, which can take time to propagate changes across different DNS servers and clients. Moreover, this strategy would not provide deterministic routing, as Route 53 failover routing depends on DNS caching behavior, which can vary depending on different factors.