AWS Certified DevOps Engineer – Professional (DOP-C02) — Question 56

A company runs an application with an Amazon EC2 and on-premises configuration. A DevOps engineer needs to standardize patching across both environments. Company policy dictates that patching only happens during non-business hours.
Which combination of actions will meet these requirements? (Choose three.)

Answer options

• A. Add the physical machines into AWS Systems Manager using Systems Manager Hybrid Activations.
• B. Attach an IAM role to the EC2 instances, allowing them to be managed by AWS Systems Manager.
• C. Create IAM access keys for the on-premises machines to interact with AWS Systems Manager.
• D. Run an AWS Systems Manager Automation document to patch the systems every hour
• E. Use Amazon EventBridge scheduled events to schedule a patch window.
• F. Use AWS Systems Manager Maintenance Windows to schedule a patch window.

Correct answer: A, B, F

Explanation

The correct actions include adding physical machines to AWS Systems Manager using Hybrid Activations (A), attaching an IAM role for EC2 instance management (B), and scheduling patching via Maintenance Windows (F). Options C and D are incorrect because generating IAM access keys is not necessary for on-premises machines to interact with Systems Manager, and running automation every hour does not comply with the non-business hours policy.