AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 284

A DevOps administrator is configuring a repository to store a company's container images. The administrator needs to configure a lifecycle rule that automatically deletes container images that have a specific tag and that are older than 15 days.

Which solution will meet these requirements with the MOST operational efficiency?

Answer options

• A. Create a repository in Amazon Elastic Container Registry (Amazon ECR). Add a lifecycle policy to the repository to expire images that have the matching tag after 15 days.
• B. Create a repository in AWS CodeArtifact. Add a repository policy to the CodeArtifact repository to expire old assets that have the matching tag after 15 days.
• C. Create a bucket in Amazon S3. Add a bucket lifecycle policy to expire old objects that have the matching tag after 15 days
• D. Create an EC2 Image Builder container recipe. Add a build component to expire the container that has the matching tag after 15 days.

Correct answer: A

Explanation

Amazon ECR is the native AWS service designed specifically for storing container images and includes a built-in lifecycle policy feature that can automatically delete images based on age and tag status. AWS CodeArtifact is intended for software package management (such as npm or Maven) rather than container images, while using Amazon S3 or EC2 Image Builder would require unnecessary custom development and operational overhead.