Domain 2.1: Deployment Strategy

A development team wants to implement a CI/CD pipeline that deploys an application to Amazon ECS. The deployment must route 10% of traffic to the new version, monitor error rates for 5 minutes, and automatically rollback if errors exceed 1%. Which deployment strategy should be used?

A development team uses AWS CDK to define their infrastructure. They need to deploy the infrastructure across three different AWS accounts (Dev, Test, Prod) from a central CI/CD account. How should they configure the permissions for this cross-account deployment?

A company is deploying a new web application using AWS Elastic Beanstalk. They require the deployment process to maintain full capacity during updates, and if the update fails, the rollback must be instantaneous. Which deployment policy should they choose?

A company is designing a data lake architecture on AWS. They need to ingest streaming data from IoT devices, store it cost-effectively, and allow data scientists to run ad-hoc SQL queries on the data without provisioning database infrastructure. Which TWO services should be used? (Select TWO)

A team is designing a CI/CD pipeline for a microservices application deployed on Amazon EKS. They need to implement a blue/green deployment strategy. Which THREE AWS services or tools can be combined to achieve this natively? (Select THREE)

A company is migrating a legacy monolith to AWS. They want to refactor it into microservices using Amazon ECS on Fargate. They need a service discovery mechanism, mutual TLS (mTLS) between microservices, and advanced traffic routing (like canary releases). Which THREE components should they use? (Select THREE)

A company is using AWS CodePipeline for their CI/CD process. They want to introduce a manual approval step before deploying to the production environment. How can this be achieved?

An architect is designing a serverless application using AWS Lambda. The function needs to access a database hosted in a private subnet of a VPC. When the Lambda function is attached to the VPC, it loses internet access and can no longer call the AWS Systems Manager Parameter Store API. How can this be fixed MOST securely?

A company is designing a CI/CD pipeline for a microservices architecture deployed on Amazon EKS. They need to ensure zero-downtime deployments and the ability to instantly rollback if error rates spike. Which deployment strategy is MOST appropriate?

A development team uses AWS CDK to define infrastructure. They want to deploy a new serverless application across 3 AWS Regions simultaneously using a CI/CD pipeline. Which AWS service combination is BEST suited for orchestrating this?

A company is deploying a new application using Amazon ECS on Fargate. They need to implement a canary deployment strategy where 10% of traffic is routed to the new version, monitored for 5 minutes, and then fully cut over if no alarms trigger. Which service handles this natively?

A team is building a CI/CD pipeline for a serverless application using AWS SAM. They need to ensure that deployments are automatically rolled back if the new Lambda function version has a high error rate. Which TWO services/features are required? (Select TWO)

A development team is building a new CI/CD pipeline using AWS CodePipeline, CodeBuild, and CodeDeploy. They are deploying a microservice to Amazon ECS on Fargate. They require a deployment strategy that shifts traffic in 10% increments every 5 minutes, automatically rolling back if CloudWatch alarms are triggered. Which deployment strategy should the architect configure?

A company is designing a multi-region deployment strategy for a critical web application. The application uses Amazon EC2, an Application Load Balancer (ALB), and Amazon RDS for MySQL. The company wants to use AWS CloudFormation to deploy the infrastructure. They need to ensure that the deployment is identical across regions and that any updates are rolled out to one region at a time. Which combination of steps should the architect take? (Select TWO)

A development team uses AWS CloudFormation to manage their infrastructure. They want to implement a CI/CD pipeline that automatically tests CloudFormation templates for security misconfigurations (like open security groups or unencrypted buckets) BEFORE the infrastructure is deployed. Which AWS tool should be integrated into the pipeline?

A company is designing a CI/CD pipeline for a microservices application deployed on Amazon EKS. The pipeline must support automated testing, container image scanning for vulnerabilities before deployment, and a deployment strategy that shifts traffic gradually to the new version while monitoring error rates. If errors exceed 1%, the deployment must automatically roll back. Which combination of services and features should be used? (Select THREE)

A company is designing a serverless data lake architecture. Data is ingested into Amazon S3 via Amazon Kinesis Data Firehose. The data must be transformed (e.g., converting JSON to Parquet, removing PII) before being stored in the final S3 bucket. The transformation logic is complex and requires custom Python libraries. Which solution provides the MOST scalable and lowest maintenance approach?

A development team is building a new serverless application using AWS CDK. The application uses Amazon API Gateway, AWS Lambda, and Amazon DynamoDB. The team wants to implement a CI/CD pipeline that automatically deploys changes to a staging environment, runs integration tests, and then deploys to production. They want to manage the pipeline infrastructure as code alongside the application code. Which AWS service is BEST suited for this?

A company is running a large-scale web application on Amazon EC2 instances behind an Application Load Balancer. They want to implement a blue/green deployment strategy to minimize downtime and risk during updates. The infrastructure is managed using AWS CloudFormation. Which approach requires the LEAST custom scripting and operational overhead?

A company is building a machine learning pipeline. Data scientists upload raw images to an S3 bucket. An AWS Lambda function is triggered to resize the images. The resized images are then processed by an Amazon SageMaker training job. The pipeline must be fully automated, handle errors gracefully (with retries and exponential backoff), and provide a visual dashboard of the workflow state. Which combination of services and features should be used? (Select TWO)

A development team uses AWS CDK to define their infrastructure. They need to deploy a new microservice across 5 different AWS Regions simultaneously. The deployment must automatically roll back in all regions if it fails in any single region. How should this be orchestrated?

A company is deploying a new version of their application on Amazon EKS. They want to route 10% of live traffic to the new version to monitor error rates. If the error rate exceeds 1%, the deployment should automatically roll back. Which deployment strategy is this?

An application uses AWS Lambda and API Gateway. The team wants to deploy new Lambda versions without downtime. They need to shift traffic gradually over 10 minutes. Which service feature natively supports this?

A company requires that all infrastructure deployments are scanned for security vulnerabilities and compliance violations before being provisioned in AWS. They use AWS CloudFormation. How can this be automated in their CI/CD pipeline?

A team is migrating a monolithic application to microservices on Amazon ECS. They need a deployment strategy that allows them to test the new microservices in production with real traffic, but without affecting the end-user experience. Which pattern should they use?

A company is designing a CI/CD pipeline for a microservices application deployed on Amazon EKS. The pipeline must support automated canary deployments, rollback capabilities, and integration with AWS Key Management Service (KMS) for secret management. Which combination of AWS services and tools should the architect use? (Select TWO)

A company wants to implement a blue/green deployment strategy for a containerized application running on Amazon ECS with AWS Fargate. The application is fronted by an Application Load Balancer (ALB). The deployment must automatically roll back if CloudWatch alarms indicate high error rates during the green phase. Which AWS service is BEST suited to orchestrate this deployment?