DVA-C02 · Question #713
DVA-C02 Question #713: Real Exam Question with Answer & Explanation
The correct answer is A: Configure the pipeline's artifact properties to reference the Amazon Resource Name (ARN) of the. Updating the pipeline’s artifact settings to specify the customer managed KMS key ensures pipeline-level artifact encryption with the desired key. Updating the CodeBuild project’s artifact settings to reference the customer managed KMS key ensures build artifacts are encrypted wi
Question
A company uses a pipeline in AWS CodePipeline that include AWS CodeBuild projects. The company encrypts the pipeline and build artifacts with AWS managed AWS KMS keys. The company needs to update the pipeline to encrypt artifacts by using an existing customer managed KMS key. Which combination of steps will meet these requirements in the MOST cost-effective way? (Choose two.)
Options
- AConfigure the pipeline's artifact properties to reference the Amazon Resource Name (ARN) of the
- BConfigure the build project's artifact properties to reference the Amazon Resource Name (ARN) of
- CCreate a new build project in CodeBuild that uses the Amazon Resource Name (ARN) of the
- DModify the artifact bucket properties to use server-side encryption with AWS KMS keys (SSE-
- EModify the artifact bucket properties to use dual-layer server-side encryption with AWS KMS keys
Explanation
Updating the pipeline’s artifact settings to specify the customer managed KMS key ensures pipeline-level artifact encryption with the desired key. Updating the CodeBuild project’s artifact settings to reference the customer managed KMS key ensures build artifacts are encrypted with that key.
Community Discussion
No community discussion yet for this question.