DOP-C02 Exam Dumps : AWS Certified DevOps Engineer - Professional

Step 1: Reducing Replication Lag in Aurora Global DatabasesIn Amazon Aurora global databases, write operations on the primary cluster can be delayed due to the time it takes to replicate to secondary clusters, especially when there are multiple secondary regions involved.

Issue: The write operations are occasionally blocked due to the RPO setting, which guarantees replication within 60 seconds.

Action: Remove one of the secondary clusters from the global database.

Why: Fewer secondary clusters will reduce the overall replication lag, improving write performance and reducing the frequency of blocked writes.

Enable AWS Config Across the Organization:

AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. It can be used to assess, audit, and evaluate the configurations of your resources.

Enabling AWS Config across the organization ensures that all accounts are monitored for compliance.

Create a Conformance Pack Using the approved-amis-by-id AWS Config Managed Rule:

A conformance pack is a collection of AWS Config rules and remediation actions that can be easily deployed across an organization.

The approved-amis-by-id managed rule checks whether running instances are using approved AMIs.

Deploy the Conformance Pack Across the Organization:

Deploying the conformance pack across the organization ensures that all accounts adhere to the policy of using only approved AMIs.

The conformance pack can be deployed via the AWS Management Console, CLI, or SDKs.

Configure the Rule to Run the AWS-StopEC2Instance AWS Systems Manager Automation Runbook for Non-Compliant EC2 Instances:

The AWS-StopEC2Instance runbook can be configured to automatically stop any EC2 instances that are found to be non-compliant (i.e., not using approved AMIs).

This remediation action ensures that any unauthorized instances are promptly stopped, enforcing the policy without manual intervention.

By following these steps, the solution ensures that all EC2 instances across the organization use approved AMIs, and any non-compliant instances are remediated automatically.

In CodePipeline’s execution mode,

PARALLEL mode for pull_request pipelines ensures that multiple feature branches can be tested simultaneously for quick feedback.

QUEUED mode for main_branch ensures deployments run sequentially — each must finish before the next begins, preventing overlap. This configuration aligns with AWS CodePipeline best practices for trunk-based development and concurrent test pipelines.