Question 2

Question

A company uses an AWS CodeArtifact repository to store Python packages that the company
developed internally. A DevOps engineer needs to use AWS CodeDeploy to deploy an application to
an Amazon EC2 instance. The application uses a Python package that is stored in the CodeArtifact
repository. A BeforeInstall lifecycle event hook will install the package.
The DevOps engineer needs to grant the EC2 instance access to the CodeArtifact repository.
Which solution will meet this requirement?

Accepted Answer

Create an instance profile that contains an IAM role that has access to CodeArtifact. Associate the
instance profile with the EC2 instance. Use the aws codeartifact login CLI command on the instance.

Neha U. · Answer

Option D again with more AWS hoops to jump through just for package access, but that's their typical stance.

SeasonedOps3126 · Answer

D , that's the usual AWS playbook-instance profile with the needed IAM perms and then run aws codeartifact login on the EC2. Not seeing any scenario where C or B would actually apply here.

Jason D. · Answer

Probably D since you need an instance profile with the right IAM role for CodeArtifact. Resource-based policies (like B) don't let EC2 instances access like that. Not 100% but that's AWS's usual pattern here.

Taylor X. · Answer

B tbh, I remember seeing similar logic in some practice exams and the official guide. Official whitepapers are also worth reviewing.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE