DOP-C02 Exam Dumps : AWS Certified DevOps Engineer - Professional

(A) Use ECR replication to keep images synchronized between Regions, minimizing CI/CD pipeline changes.

(C) DynamoDB global tables allow multi-Region replication and provide local read/write access, so tasks should interact with the DynamoDB replica in their Region.

(D) Use S3 cross-Region replication or separate buckets with replication; tasks access the bucket in the same Region for latency and data sovereignty.

(B) Using DynamoDB global table but pointing tasks to only one Region reduces resilience.

(E) S3 Multi-Region Access Points are newer but add complexity and are not required for minimal changes.

(F) Managing CI/CD pipeline for multiple Regions and failover routing adds complexity beyond minimal changes.

Update the status of the affected CodeArtifact package version to deleted:

Deleting the vulnerable package version prevents it from being available for download by any users or systems, ensuring that the compromised version is not consumed.

Update the CodeArtifact package origin control settings to allow direct publishing and to block upstream operations:

By allowing direct publishing, the security team can publish the patched version of the package directly to the CodeArtifact repository.

Blocking upstream operations prevents the repository from automatically fetching and serving the vulnerable package version from upstream public repositories.

By deleting the vulnerable version and configuring the origin control settings to allow direct publishing and block upstream operations, the company ensures that only the patched version is available and the vulnerable version cannot be downloaded.

Step 1: Reacting to CloudFormation Stack Events with EventBridgeAWS CloudFormation emits events during the lifecycle of a stack, including the UPDATE_COMPLETE event after a successful stack update. You can use Amazon EventBridge to detect this event and trigger a specific action (such as invoking a Lambda function).

Action: Create an EventBridge rule that listens for the UPDATE_COMPLETE event for the CloudFormation stack.

Why: EventBridge allows you to automatically detect CloudFormation stack lifecycle events and take action based on them.

Step 2: Invoking the Lambda FunctionAfter the EventBridge rule detects the UPDATE_COMPLETE event, it can invoke the pre-configured Lambda function to apply or update the tag on the specific CloudFormation stack instance.

Action: Configure the EventBridge rule to invoke the Lambda function when the UPDATE_COMPLETE event occurs.

Why: This automation ensures that the tag is applied immediately after a successful stack update without any manual intervention.