AWS Certified Solutions Architect – Professional — Question 277

A company provides AWS solutions to its users with AWS CloudFormation templates. Users launch the templates in their accounts to have different solutions provisioned for them. The users want to improve the deployment strategy for solutions while retaining the ability to do the following:
✑ Add their own features to a solution for their specific deployments.
✑ Run unit tests on their changes.
✑ Turn features on and off for their deployments.
✑ Automatically update with code changes.
✑ Run security scanning tools for their deployments.
Which strategies should the Solutions Architect use to meet the requirements?

Answer options

• A. Allow users to download solution code as Docker images. Use AWS CodeBuild and AWS CodePipeline for the CI/CD pipeline. Use Docker images for different solution features and the AWS CLI to turn features on and off. Use AWS CodeDeploy to run unit tests and security scans, and for deploying and updating a solution with changes.
• B. Allow users to download solution code artifacts. Use AWS CodeCommit and AWS CodePipeline for the CI/CD pipeline. Use AWS Amplify plugins for different solution features and user prompts to turn features on and off. Use AWS Lambda to run unit tests and security scans, and AWS CodeBuild for deploying and updating a solution with changes.
• C. Allow users to download solution code artifacts in their Amazon S3 buckets. Use Amazon S3 and AWS CodePipeline for the CI/CD pipelines. Use CloudFormation StackSets for different solution features and to turn features on and off. Use AWS Lambda to run unit tests and security scans, and CloudFormation for deploying and updating a solution with changes.
• D. Allow users to download solution code artifacts. Use AWS CodeCommit and AWS CodePipeline for the CI/CD pipeline. Use the AWS Cloud Development Kit constructs for different solution features, and use the manifest file to turn features on and off. Use AWS CodeBuild to run unit tests and security scans, and for deploying and updating a solution with changes.

Correct answer: D

Explanation

Option D is the correct choice because AWS CodeCommit and AWS CodePipeline provide a robust, automated CI/CD pipeline that triggers updates on code changes. Using AWS Cloud Development Kit (AWS CDK) constructs allows users to easily add custom features, while a manifest file offers a clean mechanism to toggle features on and off. Additionally, AWS CodeBuild is the ideal service designed to run unit tests, execute security scanning tools, and deploy the CDK-based infrastructure.