AWS Certified Solutions Architect – Professional (SAP-C02) — Question 347

A company’s CISO has asked a solutions architect to re-engineer the company's current CI/CD practices to make sure patch deployments to its application can happen as quickly as possible with minimal downtime if vulnerabilities are discovered. The company must also be able to quickly roll back a change in case of errors.

The web application is deployed in a fleet of Amazon EC2 instances behind an Application Load Balancer. The company is currently using GitHub to host the application source code, and has configured an AWS CodeBuild project to build the application. The company also intends to use AWS CodePipeline to trigger builds from GitHub commits using the existing CodeBuild project.

What CI/CD configuration meets all of the requirements?

Answer options

Correct answer: B

Explanation

AWS CodeDeploy with a blue/green deployment configuration is the optimal choice because it provisions a new set of EC2 instances for the patch, shifts traffic over with minimal downtime, and allows for an immediate rollback to the original environment if issues are detected. To roll back, in-place deployments (Options A and D) and CloudFormation redeployments (Option C) require pushing subsequent code changes or rebuilding infrastructure, so they fail to meet the requirement for rapid rollback with minimal downtime.