DevOps Engineer Professional (Page 9)

A DevOps engineer is tasked with creating a more stable deployment solution for a web application in AWS.Previous deployments have resulted in user-facing bugs, premature user traffic, and inconsistencies between web servers running behind an Application Load Balancer.The current strategy uses AWS CodeCommit to store the code for the application.When developers push to the main branch of the repository, CodeCommit triggers an AWS Lambda deploy function, which invokes an AWS Systems Manager run command to build and deploy the new code to all Amazon EC2 instances.Which combination of actions should be taken to implement a more stable deployment solution? (Choose two.)Read More →

A software-as-a-service (SaaS) company is using AWS Elastic Beanstalk to deploy its primary .NET application.The Elastic Beanstalk environment is configured to use Amazon EC2 Auto Scaling and Elastic Load Balancing (ELB) for its underlying Amazon EC2 instances.The company is experiencing incidents in which EC2 instances are marked unhealthy and are terminated by Auto Scaling groups after a failed ELB health check.The company’s DevOps team must build a solution that will notify the operations team whenever an Auto Scaling group terminates EC2 instances for any existing client environments.What should the DevOps team do to meet this requirement?Read More →

A company has a single developer writing code for an automated deployment pipeline.The developer is storing source code in an Amazon S3 bucket for each project.The company wants to add more developers to the team but is concerned about code conflicts and lost work.The company also wants to build a test environment to deploy newer versions of code for testing and allow developers to automatically deploy to both environments when code is changed in the repository.What is the MOST efficient way to meet these requirements?Read More →

A company grants external users access to its AWS account by creating an IAM user for each external user.A DevOps engineer must implement a solution to revoke access from IAM users that have not accessed the account in 90 days.Which solution will meet these requirements?Read More →

A company has provided an externally hosted third-party vendor product with access to the company’s AWS account.The vendor product performs various AWS actions in the AWS account and requires various IAM permissions.The company granted the access by creating an IAM user, associating IAM policies and inserting the IAM user credentials into the vendor product.A security review reveals that the vendor’s access is overly permissive.The company wants to apply the principle of least privilege and wants to continue giving the vendor permissions to perform only the actions that the vendor has performed in the last 6 months.Which solution will meet these requirements with the LEAST effort?Read More →

A company has multiple child accounts that are part of an organization in AWS Organizations.The security team needs to review every Amazon EC2 security group and their inbound and outbound rules.The security team wants to programmatically retrieve this information from the child accounts using an AWS Lambda function in the management account of the organization.Which combination of access changes will meet these requirements? (Choose three.)Read More →

A company has developed a static website hosted on an Amazon S3 bucket.The website is deployed using AWS CloudFormation.The Cloud Formation template defines an S3 bucket and a custom resource that copies content into the bucket from a source location.The company has decided that it needs to move the website to a new location, so the existing CloudFormation stack must be deleted and re-created.However, CloudFormation reports that the stack could not be deleted cleanly.What is the MOST likely cause and how can the DevOps engineer mitigate this problem for this and future versions of the website?Read More →

A company is implementing an Amazon Elastic Container Service (Amazon ECS) cluster to run its workload.The company architecture will run multiple ECS services on the cluster.The architecture includes an Application Load Balancer on the front end and uses multiple target groups to route traffic.A DevOps engineer must collect application and access logs.The DevOps engineer then needs to send the logs to an Amazon S3 bucket for near-real-time analysis.Which combination of steps must the DevOps engineer take to meet these requirements? (Choose three.)Read More →

A company is using AWS Organizations to create separate AWS accounts for each of its departments.The company needs to automate the following tasks:✑ Update the Linux AMIs with new patches periodically and generate a golden image✑ Install a new version of Chef agents in the golden image, if available✑ Provide the newly generated AMIs to the department’s accountsWhich solution meets these requirements with the LEAST management overhead?Read More →

A company is using AWS Database Migration Service (AWS DMS) to replicate data from a source database in a data center to a target Amazon Aurora PostgreSQL database.The company has created a DMS replication task with change data capture (CDC).The replication instance sometimes gets interrupted and affects critical functionality.The company must improve the replication instance’s resiliency and receive notifications about interruptions.Which solution will meet these requirements with the LEAST operational overhead?Read More →