🔄 CI/CD Pipelines on AWS - DOP-C02 Practice Questions

Master CodePipeline, CodeBuild, CodeDeploy, and CodeCommit for automated software delivery. Understand pipeline stages, artifacts, approvals, and cross-account deployments.

45Questions Available
2Exam Domains

Practice CI/CD Pipelines Questions Now

Start a timed practice session focusing on CI/CD Pipelines on AWS topics from the DOP-C02 question bank.

Start DOP-C02 Practice Quiz →

DOP-C02 CI/CD Pipelines Question Bank (45 Questions)

Browse all 45 practice questions covering CI/CD Pipelines on AWS for the DOP-C02 certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1SDLC Automation

    A CodePipeline pipeline has a source action pointing to a CodeCommit repository. The pipeline is not triggering on new commits. What is the MOST LIKELY cause?

    ACodeCommit does not integrate with CodePipeline
    BThe EventBridge rule that was automatically created to detect CodeCommit commits has been deleted or disabled
    CThe CodePipeline IAM role lacks CodeCommit permissions
    DCodePipeline requires a webhook to be configured manually

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  2. Question 2SDLC Automation

    A company wants to automatically create a new CodePipeline pipeline when a new microservice repository is created in CodeCommit. What is the most automated implementation?

    AManually create a pipeline for each new repository
    BEventBridge rule detecting CodeCommit repository creation event triggers a Lambda function that creates the CodePipeline pipeline using the SDK
    CUse a scheduled Lambda to check for new repositories
    DUse CloudFormation to create repositories and pipelines together

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  3. Question 3SDLC Automation

    A company needs to create a CodePipeline that automatically deploys infrastructure changes when a CloudFormation template is modified in CodeCommit. What is the pipeline structure?

    ASource: CodeCommit → Build: CodeBuild (validate template) → Deploy: CloudFormation CreateOrUpdateStack action
    BSource: CodeCommit → Deploy: CloudFormation directly
    CSource: CodeCommit → Build: CodeBuild → Manual Approval → Deploy: CloudFormation with change set
    DBoth A and C are valid, with C adding human oversight via change set review

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  4. Question 4SDLC Automation

    A company's CodePipeline fails at the Deploy stage. The team wants to get detailed error messages from the CodeDeploy deployment. Where is this information found?

    AIn the CodePipeline execution history only
    BIn the CodeDeploy console: deployment details page shows each instance's lifecycle hook events with error messages; also in CloudWatch Logs if the CodeDeploy agent is configured to log to CloudWatch
    CIn the S3 artifact store
    DIn CloudTrail management events

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  5. Question 5SDLC Automation

    A company uses Jenkins integrated with AWS CodeDeploy. When a Jenkins build succeeds, it calls the CodeDeploy API to deploy. Jenkins is being deprecated and they want to replace it with CodePipeline while keeping CodeDeploy. What is the migration approach?

    ARebuild everything from scratch
    BReplicate the Jenkins pipeline as a CodePipeline: Source action (CodeCommit/GitHub), Build action (CodeBuild replacing Jenkins build), Deploy action (CodeDeploy — same deployment group configuration); minimal CodeDeploy changes
    CCodePipeline cannot integrate with CodeDeploy
    DKeep Jenkins but add CodePipeline in parallel

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  6. Question 6SDLC Automation

    A company wants their entire CI/CD infrastructure (CodePipeline, CodeBuild projects, IAM roles, S3 buckets) to be provisioned via Infrastructure as Code. What is the RECOMMENDED approach?

    AManually create CI/CD resources in the console
    BDefine all CI/CD resources in CDK or CloudFormation (CodePipeline::Pipeline, CodeBuild::Project, S3::Bucket, IAM::Role); deploy from a bootstrap pipeline ('pipeline that builds pipelines'); version control all CI/CD configuration
    CUse AWS CLI scripts to create CI/CD resources
    DCDK Pipelines (cdk-pipelines) manages itself

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  7. Question 7SDLC Automation

    A team runs security scans in their CodePipeline. They want the pipeline to automatically fail if a critical vulnerability is found in a container image before deployment. Which action implements this automated quality gate?

    ACodeBuild stage that queries ECR scan results and fails if critical findings exist
    BCodeDeploy with health check validation
    CManual approval action after ECR push
    DCloudWatch alarm on ECR scan metrics

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  8. Question 8Resilient Cloud Solutions

    A team uses CodePipeline to deploy changes to multiple regions. They want automatic rollback across all regions if a canary deployment fails within 5 minutes. Which approach implements this automated cross-region rollback?

    AManual approval actions in each regional stage
    BCloudWatch alarms in each region triggering CodePipeline execution API to revert
    CAWS Config rules with auto-remediation per region
    DAmazon EventBridge cross-region routing with Lambda rollback

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  9. Question 9Security and Compliance

    A DevOps team wants to scan CloudFormation templates in their CodeBuild pipeline to reject templates that create overly permissive IAM roles. Which AWS-native tool provides rule-based CloudFormation template validation?

    AAWS Config
    BAWS CloudFormation Guard (cfn-guard)
    CAmazon Inspector
    DAWS Trusted Advisor

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  10. Question 10SDLC Automation

    A DevOps team uses CodePipeline to deploy a Lambda function. After deployment they want to automatically run integration tests against the new function. If tests fail, the pipeline should roll back. What is the CORRECT implementation?

    AAdd a CodeBuild test action after the Deploy stage; configure the Deploy stage to roll back on CodeBuild failure
    BAdd a CodeBuild test action after the Deploy stage; configure an Invoke (Lambda) action that calls an automated rollback function on failure
    CUse CodeDeploy's built-in integration test support
    DAdd a Manual Approval action and let a human decide whether to roll back

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  11. Question 11SDLC Automation

    A company has a CodePipeline that builds a Docker image and pushes to ECR, then deploys to ECS. They want to ensure only images with no CRITICAL vulnerabilities are deployed. How should this be enforced?

    AAdd a manual approval action where security engineers approve each image
    BAdd a CodeBuild action after the ECR push that uses the ECR DescribeImageScanFindings API to check for CRITICAL findings; fail the pipeline if any are found
    CEnable ECR image scanning and it will automatically block deployments
    DUse Amazon Inspector to block non-compliant images

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  12. Question 12SDLC Automation

    A team needs to run automated browser-based UI tests as part of their pipeline. Tests require a full browser environment. Which CodeBuild configuration supports this?

    AStandard CodeBuild build environment (Linux) — all browsers are pre-installed
    BUse a custom Docker image containing the browser (e.g., Chrome headless); specify the image in the CodeBuild project environment configuration
    CUse AWS Device Farm for all browser tests
    DOnly Lambda can run browser tests

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  13. Question 13SDLC Automation

    A team uses CodePipeline with three stages: Source, Build, Deploy. They want different AWS accounts for build and deploy (build in dev account, deploy in prod account). How should cross-account pipeline actions be configured?

    ACreate separate pipelines in each account
    BUse cross-account CodePipeline actions: the pipeline artifact S3 bucket must be accessible from both accounts; create a cross-account IAM role in the target account trusted by the pipeline's account
    CCodePipeline cannot span multiple accounts
    DUse CodeDeploy in the prod account with a shared IAM user

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  14. Question 14SDLC Automation

    A company runs a multi-stage CodePipeline that should run in response to both code changes AND scheduled events (nightly builds). How should the pipeline be triggered?

    ACreate two separate pipelines
    BUse an EventBridge scheduled rule to trigger the pipeline via the StartPipelineExecution API; the existing CodeCommit event rule handles code-change triggers
    CCodePipeline supports scheduled triggers natively
    DUse CloudWatch Events Cron expressions in CodePipeline source

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  15. Question 15SDLC Automation

    A company uses GitHub for source control and CodePipeline for CI/CD. After connecting GitHub to CodePipeline, commits to the main branch should trigger the pipeline. What connection type is RECOMMENDED for new integrations?

    AGitHub version 1 source action using personal access tokens
    BGitHub version 2 source action using AWS CodeStar Connections (OAuth-based, no token management)
    CWebhook-based GitHub action
    DGitHub Actions with CodePipeline integration

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  16. Question 16SDLC Automation

    A DevOps engineer needs to implement a deployment pipeline where the same pipeline artifact is deployed to dev, staging, and prod environments sequentially. What CodePipeline feature ensures each environment completes before the next begins?

    ARun parallel actions for all three environments
    BUse separate deployment stages for each environment in a single pipeline; add a Manual Approval action before the prod stage; stages execute sequentially
    CCreate separate pipelines for each environment
    DUse CodeDeploy deployment groups for environment separation

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  17. Question 17Resilient Cloud Solutions

    A company wants to implement multi-region deployments. Their CodePipeline pipeline currently deploys to us-east-1 only. What configuration extends deployment to a second region (eu-west-1)?

    ACreate a separate pipeline in eu-west-1
    BAdd cross-region Deploy actions to the pipeline: configure the action in eu-west-1 with a cross-region artifact store (S3 bucket in eu-west-1); CodePipeline replicates artifacts automatically
    CUse CloudFormation StackSets triggered from the pipeline
    DCross-region deployments require separate pipelines

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  18. Question 18Monitoring and Logging

    A company wants to monitor their CodePipeline pipeline's execution history and receive notifications when a deployment fails. What is the SIMPLEST implementation?

    APoll CodePipeline API every minute with Lambda
    BCreate an EventBridge rule matching CodePipeline pipeline execution state change events with status FAILED; target an SNS topic to notify the team
    CUse CloudWatch Logs for pipeline events
    DConfigure CodePipeline email notifications manually

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  19. Question 19SDLC Automation

    A company runs microservices where each service has its own CodePipeline. They want to trigger a downstream service's pipeline when an upstream service completes its deployment. How should inter-pipeline dependencies be implemented?

    AMerge all microservices into a single monolithic pipeline
    BWhen the upstream pipeline completes, it invokes a Lambda action that calls StartPipelineExecution on the downstream pipeline; or use EventBridge rule on pipeline state change to trigger the downstream pipeline
    CUse CodePipeline's built-in pipeline chaining feature
    DUse CodeDeploy deployment groups with dependencies

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  20. Question 20SDLC Automation

    A DevOps engineer needs to create reusable CodePipeline pipeline templates for 20 microservices. All pipelines follow the same pattern but differ in repository name and environment variables. What is the most maintainable approach?

    ACreate 20 identical pipelines with manual customizations
    BDefine the pipeline structure in a CloudFormation template with parameters for repo name and env vars; deploy a stack per microservice; changes to the template propagate to all stacks via StackSets update
    CUse AWS Service Catalog to share a pipeline template across teams
    DBoth B and C are valid approaches

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  21. Question 21SDLC Automation

    A company uses Terraform for infrastructure provisioning. They want to integrate Terraform into CodePipeline. What is the CORRECT setup for running Terraform plan and apply in separate stages?

    ATerraform cannot run in CodePipeline
    BCodeBuild action runs 'terraform plan -out=tfplan' and uploads the plan file as a pipeline artifact; a Manual Approval stage allows review; another CodeBuild action runs 'terraform apply tfplan' using the saved plan
    CUse CodeDeploy for Terraform deployments
    DRun terraform apply directly without a plan stage

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  22. Question 22SDLC Automation

    A team's pipeline fails intermittently due to CodeBuild builds timing out. The build downloads external packages that are sometimes slow. What is the BEST long-term solution?

    AIncrease the CodeBuild build timeout
    BMirror all external packages to CodeArtifact; configure the build to use the CodeArtifact upstream repository; download speeds are consistent from the same AWS region
    CRetry failed builds automatically
    DUse a pre-built Docker image with all packages

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  23. Question 23SDLC Automation

    A company wants to implement a pull request validation pipeline that checks code quality, security scanning, and unit tests. Results should be posted to the pull request as status checks. Which CodeBuild feature supports this?

    ACodeBuild runs tests but cannot post results back to pull requests
    BCodeBuild webhook with pull request events triggers builds; build results are automatically reported as GitHub/CodeCommit status checks (pass/fail) on the pull request
    CUse CodePipeline for pull request validation
    DPost results manually to the pull request

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  24. Question 24SDLC Automation

    A company's CodePipeline source action uses an S3 bucket as the source. The pipeline should trigger when a new zip file is uploaded to a specific S3 key prefix. What enables this trigger?

    ACodePipeline periodically polls S3 for changes
    BS3 bucket event notification (or EventBridge S3 event) for ObjectCreated events on the specific key prefix triggers the pipeline via the StartPipelineExecution API
    CSet the polling interval to 1 minute in CodePipeline
    DS3 source automatically triggers on any upload

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  25. Question 25SDLC Automation

    A company wants to run performance/load tests as part of their CodePipeline after deploying to staging. If p99 latency exceeds 500ms, the pipeline should fail and not promote to production. What is the CORRECT implementation?

    ARun manual load tests before production deployment
    BAdd a CodeBuild action that runs a load testing tool (Gatling, k6, Artillery); the buildspec parses the results file; if p99 > 500ms, exit with non-zero code to fail the pipeline stage
    CUse CloudWatch alarms to detect high latency and stop the pipeline
    DAWS has a built-in load testing service for pipelines

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  26. Question 26SDLC Automation

    A company needs to ensure the production CodePipeline can only be triggered by the release manager, not by code commits. How should this be configured?

    ARemove all EventBridge rules that trigger the pipeline
    BDelete or disable the EventBridge trigger rule for the pipeline; grant only the release manager IAM principal StartPipelineExecution permissions; the manager manually triggers via console or CLI
    CUse CodePipeline filters to restrict who can trigger it
    DUse a Manual Approval action at the start of the pipeline

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  27. Question 27SDLC Automation

    A company uses AWS CodeStar Connections to connect CodePipeline to a GitHub repository. The connection requires authorization. When is the authorization step required?

    AEvery time the pipeline runs
    BOnce when the connection is first created — an AWS administrator must complete the OAuth authorization in the AWS console; after authorization the connection is reused for all pipelines referencing it
    CEvery 90 days when the token expires
    DAuthorization is automatic and requires no action

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  28. Question 28Incident and Event Response

    A company wants to detect when their CodePipeline pipeline is stuck in a stage for more than 1 hour (potential hung deployment). What monitoring solution detects this?

    AManually check pipelines hourly
    BEventBridge rule matching CodePipeline stage start events → store timestamp in DynamoDB; a scheduled Lambda (every 30 minutes) checks for stages running longer than 1 hour by comparing current time to stored timestamp; alerts via SNS
    CCloudWatch alarm on CodePipeline execution duration
    DCodePipeline has a built-in timeout feature

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  29. Question 29Security and Compliance

    A team wants to ensure their CodePipeline pipeline cannot be disabled or modified by anyone other than the DevOps leads. What controls enforce this?

    ARemove all IAM access to CodePipeline
    BApply an SCP or IAM policy Deny on codepipeline:DeletePipeline, codepipeline:UpdatePipeline, codepipeline:DisableStageTransition for all principals except the DevOps lead IAM role
    CEnable MFA for all CodePipeline operations
    DUse CloudTrail to detect unauthorized changes

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  30. Question 30SDLC Automation

    A team has a CodePipeline that deploys to production. A deployment was successful but caused a performance regression. The team wants to automatically detect performance regressions in future deployments. What approach implements this?

    AManual performance testing after every deployment
    BAdd a post-deployment CodeBuild stage that runs performance benchmarks; compare p99 latency against the baseline stored in Parameter Store; fail the stage if degradation exceeds 10%; trigger rollback via CodeDeploy
    CUse CloudWatch anomaly detection on latency
    DUse AWS X-Ray to detect regressions automatically

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  31. Question 31SDLC Automation

    A company wants to create isolated test environments on demand using CodePipeline. Each test run should create its own CloudFormation stack, run tests, then destroy the stack. What CodePipeline action type supports creating and deleting CloudFormation stacks?

    ACodeBuild with CloudFormation CLI
    BCloudFormation Deploy action (CREATE_OR_REPLACE or CHANGE_SET_EXECUTE) for creation; CloudFormation DELETE action for destruction — both are native CodePipeline action types
    CLambda actions for CloudFormation management
    DOnly external tools can create/delete CloudFormation stacks in pipelines

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  32. Question 32SDLC Automation

    A company wants to ensure that changes to a production ECS service configuration (task definition, desired count) can only be made through CodePipeline. Direct console or CLI modifications should be prevented. What control implements this?

    AEnable CloudTrail and review changes manually
    BIAM policy: deny ecs:UpdateService, ecs:RegisterTaskDefinition for all IAM principals except the CodePipeline execution role; allow those actions only for the pipeline role
    CECS service protection prevents all changes
    DUse Service Catalog for all ECS deployments

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  33. Question 33SDLC Automation

    A team's CodePipeline frequently fails because a production hotfix branch needs to bypass the normal release process. What CodePipeline configuration supports expedited hotfix deployments?

    AThere is no way to expedite through CodePipeline
    BCreate a dedicated 'hotfix' pipeline with expedited stages (minimal testing, no staging environment); route hotfix/* branches to this pipeline via EventBridge rules; document the hotfix process
    CDisable all pipeline gates for hotfixes
    DDeploy hotfixes manually, bypassing CodePipeline

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  34. Question 34SDLC Automation

    A company's build pipeline should be triggered by changes in multiple CodeCommit repositories. A shared library change in repo-A should trigger builds for all 10 services in their own repositories. What is the most scalable approach?

    AAdd each service repo as a source to a single pipeline
    BEventBridge rule monitors repo-A CodeCommit push events; Lambda function calls StartPipelineExecution for all 10 service pipelines; each service has its own pipeline that can also be triggered independently
    CCreate one giant repository with all services
    DManually trigger rebuilds when shared library changes

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  35. Question 35SDLC Automation

    A team uses CodePipeline with GitHub source (via CodeStar Connection). A GitHub organization policy change revoked the CodeStar Connection app's access. The pipeline stops triggering. What is required to fix this?

    ACreate a new CodePipeline from scratch
    BReconnect the CodeStar Connection by re-authorizing it in the GitHub organization settings; the connection will transition back to AVAILABLE state; the existing pipeline continues using the same connection
    CDelete and recreate the CodeStar Connection
    DSwitch to GitHub personal access token

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  36. Question 36SDLC Automation

    A company wants to implement testing for their CloudFormation templates using TaskCat. TaskCat deploys the template in multiple regions with different parameter configurations. How should this integrate with CodePipeline?

    ATaskCat only runs locally
    BAdd a CodeBuild action after the Source stage that runs taskcat run --no-cleanup-on-failure; TaskCat deploys to configured test regions, validates, and destroys test stacks; build fails if any test fails
    CUse CodeDeploy to run TaskCat
    DTaskCat requires a separate AWS account

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  37. Question 37Security and Compliance

    A company's CloudFormation deployment creates IAM policies. Security team requires that all IAM policies go through a review process. What CodePipeline control enforces human review of IAM changes?

    AIAM changes are automatically reviewed by AWS
    BIn the pipeline, add a Manual Approval action before the CloudFormation Deploy stage; the approval request includes a link to the Change Set showing all IAM policy changes; security team reviews the change set before approving
    CUse CloudFormation Guard to auto-approve IAM policies
    DStore IAM policies in a separate stack

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  38. Question 38Security and Compliance

    A company uses AWS CodePipeline to deploy infrastructure changes. The security team requires that every pipeline execution is logged, including who triggered it, what changed, and the result. What provides this audit trail?

    ACodePipeline execution history in the console
    BAWS CloudTrail records all CodePipeline API calls (StartPipelineExecution, CreatePipeline, UpdatePipeline) with IAM principal identity; EventBridge captures pipeline state changes; together they provide a complete audit trail
    CCodePipeline automatically generates audit reports
    DS3 artifact store logs all pipeline activity

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  39. Question 39SDLC Automation

    A company wants to implement contract testing between microservices. Consumer-driven contract tests should run in CI to ensure service changes don't break consumers. What approach integrates contract testing into CodePipeline?

    AManual API testing after each deployment
    BUse Pact or Spring Cloud Contract; publish contracts to a contract broker; provider pipeline runs contract verification tests in CodeBuild; tests fail if service changes break the consumer contract
    CUse API Gateway for contract validation
    DIntegration tests cover contract testing needs

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  40. Question 40SDLC Automation

    A team uses AWS CodePipeline to deploy containerized applications. After a successful deployment to staging, a manual tester runs exploratory tests. If issues are found, how should the tester reject the deployment and prevent promotion to production?

    AThe tester emails the team to stop the pipeline
    BThe tester uses the Manual Approval action in CodePipeline — rejects the approval with a comment explaining the issue; CodePipeline marks the stage as failed and the pipeline stops at that stage
    CThe tester deletes the staging environment
    DThe tester stops the ECS service

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  41. Question 41SDLC Automation

    A company's pipeline builds a Node.js application. They want to enforce code coverage thresholds: unit test coverage must be at least 80%. Builds failing the threshold should fail the pipeline. How is this implemented in CodeBuild?

    AManual coverage review after each build
    BRun tests with coverage tool (Jest with --coverage); configure the coverage threshold in jest.config.js (coverageThreshold: { global: { branches: 80, lines: 80 } }); Jest exits non-zero if threshold not met, failing CodeBuild
    CUse CodeBuild Test Reports for coverage thresholds
    DCodeBuild automatically enforces 80% coverage

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  42. Question 42SDLC Automation

    A company's pipeline produces multiple artifacts (Docker image, Lambda zip, CloudFormation template). They need to store all artifacts and share them between pipeline stages. What is the correct CodePipeline configuration?

    AUse separate S3 buckets for each artifact type
    BConfigure CodePipeline with an artifact store (single S3 bucket with KMS encryption); each action can declare output artifacts with unique names; subsequent stages reference these artifacts by name as input artifacts
    CUse ECR for all artifacts in CodePipeline
    DArtifacts must be rebuilt in each stage

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  43. Question 43SDLC Automation

    A company wants to run their CodePipeline in a highly regulated environment where all artifacts must stay within a specific AWS region. What configuration ensures artifacts don't leave the region?

    ACodePipeline artifacts automatically stay in one region
    BConfigure CodePipeline with an S3 artifact bucket in the required region with aws:RequestedRegion condition SCP preventing cross-region operations; ensure all actions (CodeBuild, CodeDeploy) run in the same region
    CUse CodeCommit to store artifacts regionally
    DAll AWS services are regional by default

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  44. Question 44SDLC Automation

    A company's microservices each have independent CodePipeline pipelines. They want a dashboard showing the health of all pipelines simultaneously. What AWS tool provides this without custom development?

    AAWS Console Pipeline list view
    BCreate a CloudWatch dashboard with CodePipeline state change Event metrics or use the CodePipeline console pipeline list which shows current status of all pipelines; for custom views, EventBridge → DynamoDB → API Gateway → custom UI
    CUse AWS Developer Tools to create a pipeline dashboard
    DCloudWatch automatically creates pipeline dashboards

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz
  45. Question 45SDLC Automation

    A company's CodePipeline deployment to production fails. After manual hotfix and resolution, they want to ensure the same pipeline is used to deploy the fix (not bypass the pipeline). What prevents bypassing the pipeline?

    ATrust developers not to bypass the pipeline
    BIAM policies explicitly deny ecs:UpdateService, lambda:UpdateFunctionCode, cloudformation:UpdateStack for all IAM principals except the CodePipeline execution role; only the pipeline role can make production changes
    CUse CloudTrail to detect bypasses
    DUse MFA for all production changes

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start DOP-C02 Quiz

Key CI/CD Pipelines Concepts for DOP-C02

cicdcodepipelinecodebuildcodedeploycodecommitpipelinecontinuous integrationcontinuous delivery

DOP-C02 CI/CD Pipelines Exam Tips

CI/CD Pipelines on AWS questions in DOP-C02 are typically scenario-based. Focus on CI/CD automation, reliability engineering, and feedback-driven operations. Priority concepts: cicd, codepipeline, codebuild, codedeploy, codecommit, pipeline.

What DOP-C02 Expects

  • Anchor your answer in choose auditable, automated release and operations patterns with strong rollback readiness.
  • CI/CD Pipelines scenarios for DOP-C02 are frequently mapped to Domain 1 (22%), Domain 2 (17%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where CI/CD Pipelines interacts with IAM, networking, storage, or observability patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Professional) and vendor best practices.

High-Value CI/CD Pipelines Concepts

  • Know the core CI/CD Pipelines building blocks cold: cicd, codepipeline, codebuild, codedeploy.
  • Review the edge-case features and limits for codecommit, pipeline; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how CI/CD Pipelines pairs with Deployment Strategies, CloudFormation, Containers in real deployment patterns.
  • For DOP-C02, explain why the chosen CI/CD Pipelines design meets reliability, security, and cost expectations better than the alternatives.

Common DOP-C02 Traps

  • Watch for manual promotion and approval logic where pipeline automation is expected.
  • Questions in SDLC Automation often include distractors that look correct for CI/CD Pipelines but violate least-privilege, durability, or availability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two CI/CD Pipelines implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to SDLC Automation (22%) outcomes for DOP-C02?
  • Can you explain security and access boundaries for CI/CD Pipelines without relying on default-open assumptions?
  • Can you describe how CI/CD Pipelines integrates with Deployment Strategies and CloudFormation during failure, scaling, and monitoring events?

Exam Domains Covering CI/CD Pipelines

Domain 1SDLC Automation22%Domain 2Configuration Management & IaC17%

Related Resources

🎯 Free DOP-C02 Mock Exam Deployment Strategies Questions CloudFormation Questions Containers Questions

More DOP-C02 Study Resources

← DOP-C02 Study Hub30-Day Study PlanFull Practice Exam