Free AWS DOP-C02 Actual Exam Questions - Question 5 Discussion
custom on-premises CI/CD pipeline solution to build and package software.
The company wants its software packages and dependent public repositories to be available in AWS
CodeArtifact to facilitate the creation of application-specific pipelines.
Which combination of steps should the company take to update the CI/CD pipeline solution and to
configure CodeArtifact with the LEAST operational overhead? (Select TWO.)
B/D for sure. B avoids managing long-term credentials by using IAM Roles Anywhere, and D simplifies dependency management with upstream connections. The other choices add unnecessary complexity or overhead.
This one feels like B and D. B makes sense because IAM Roles Anywhere lets the on-prem pipeline assume a role securely without managing long-lived creds, which reduces operational work. And D is the cleanest way to handle public repo dependencies by setting them as upstream connections in CodeArtifact, so you don’t have to manually sync or maintain them yourself. Other options add unnecessary steps or complexity, but B and D keep it simple and scalable.
I’m convinced B and D are the way to go here. B lets the on-prem pipeline safely assume an IAM role to push packages without juggling static credentials, which cuts down on manual overhead. And D nails the public repo part by setting up upstream repos in CodeArtifact, so you don’t have to manage multiple copies or complicated syncing. This combo feels clean and efficient compared to the other options that add unnecessary layers like S3 or Lambda triggers.
Not A, B is better since it lets the on-prem pipeline securely assume a role without creating images or extra VM overhead. Also, D is simpler for managing public dependencies with upstream repos than setting up multiple repos.
Makes sense to use B for secure access, and D to simplify public repo handling D
D imo makes the most sense for handling public repos since you can just set them as upstream in one place—no need to manage multiple repos separately. For the on-premises pipeline part, B is pretty straightforward because IAM Roles Anywhere lets you avoid managing long-term credentials, which really cuts down on operational overhead. The other options either introduce extra moving parts or seem more complex than necessary. So B and D together feel like the cleanest, least hands-on approach for migrating smoothly.
Maybe B and D. B lets the on-prem pipeline securely push packages using IAM Roles Anywhere, avoiding static creds. D handles public repos neatly by configuring upstream connections in CodeArtifact, reducing extra work.
B/D? Using IAM Roles Anywhere (B) seems like the cleanest way for the on-prem pipeline to authenticate with CodeArtifact without managing long-term credentials. Then setting up external connections on CodeArtifact repos (D) makes the dependent public repositories available without extra manual syncing. This combo should keep operational overhead low since you avoid extra Lambda or S3 steps and keep everything integrated. Options like C look more complicated with Lambda triggers, and A feels like overkill with VMs and AMIs just to upload packages.
B/C? B lets the on-prem pipeline authenticate cleanly without juggling keys, and C automates uploading packages via S3 and Lambda, cutting down manual steps. D seems good but might add more repos than needed.
Option B makes sense to let the on-prem CI/CD pipeline authenticate directly with CodeArtifact by assuming an IAM role, which is cleaner than managing keys or extra credentials. Option D stands out for handling public repos since setting up external connections as upstream repositories is straightforward and avoids duplicating dependencies manually. Together, these reduce overhead compared to building AMIs or adding complex Lambda triggers. The other options seem more convoluted for this use case.
B imo, and D for public repos setup. Less hassle that way.