AWS Certified Solutions Architect – Professional — Question 520

You want to use AWS CodeDeploy to deploy an application to Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC).
What criterion must be met for this to be possible?

Answer options

• A. The AWS CodeDeploy agent installed on the Amazon EC2 instances must be able to access only the public AWS CodeDeploy endpoint.
• B. The AWS CodeDeploy agent installed on the Amazon EC2 instances must be able to access only the public Amazon S3 service endpoint.
• C. The AWS CodeDeploy agent installed on the Amazon EC2 instances must be able to access the public AWS CodeDeploy and Amazon S3 service endpoints.
• D. It is not currently possible to use AWS CodeDeploy to deploy an application to Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC.)

Correct answer: C

Explanation

For AWS CodeDeploy to successfully deploy applications to Amazon EC2 instances within a VPC, the on-instance AWS CodeDeploy agent must be able to communicate with two critical services. It needs access to the AWS CodeDeploy endpoint to receive execution commands and status updates, and it needs access to the Amazon S3 endpoint to fetch the deployment bundles. Restricting access to only one of these endpoints, or claiming the configuration is unsupported, is incorrect.