AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 391

A company wants to build a pipeline to update the standard AMI monthly. The AMI must be updated to use the most recent patches to ensure that launched Amazon EC2 instances are up to date. Each new AMI must be available to all AWS accounts in the company's organization in AWS Organizations.

The company needs to configure an automated pipeline to build the AMI.

Which solution will meet these requirements with the MOST operational efficiency?

Answer options

• A. Create an AWS CodePipeline pipeline that uses AWS CodeBuild. Create an AWS Lambda function to run the pipeline every month. Create an AWS CloudFormation template. Share the template with all AWS accounts in the organization.
• B. Create an AMI pipeline by using EC2 Image Builder. Configure the pipeline to distribute the AMI to the AWS accounts in the organization. Configure the pipeline to run monthly.
• C. Create an AWS CodePipeline pipeline that runs an AWS Lambda function to build the AMI. Configure the pipeline to share the AMI with the AWS accounts in the organization. Configure Amazon EventBridge Scheduler to invoke the pipeline every month.
• D. Create an AWS Systems Manager Automation runbook. Configure the automation to run in all AWS accounts in the organization. Create an AWS Lambda function to run the automation every month.

Correct answer: B

Explanation

EC2 Image Builder is a fully managed AWS service purpose-built for automating the creation, maintenance, and distribution of AMIs, making it the most operationally efficient choice. It natively supports monthly scheduling and direct integration with AWS Organizations to share the resulting AMI across all accounts. The other options involve building custom pipelines using AWS CodePipeline, AWS Lambda, or Systems Manager runbooks, which require significantly more development and maintenance effort.