Question

Your company has a set of EC2 Instances and On-premise. They now want to automate the deployment of their applications using the AWS Code Deploy tool in AWS.

Which of the following is not needed in this scenario?

A. Ensure both EC2 Instances and On-premise servers have the Code Deploy agent installed.

B. Ensure both EC2 Instances and On-premise servers can connect to the Code Deploy service.

C. Ensure that On-premise servers use an IAM role ARN to authenticate requests.

D. Ensure both EC2 Instances and On-premise servers have instance profiles attached to them.

Answer 1

Answer - D.

On-premises instances do not use IAM instance profiles.

All other options are incorrect because the question asks which one is not needed.

Please refer to the below links in section 'Pre-requisites' for instance profile related to On-premises servers.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html https://docs.aws.amazon.com/en_pv/codedeploy/latest/userguide/instances-ec2-configure.html https://docs.aws.amazon.com/codedeploy/latest/userguide/tutorials-on-premises-instance.html

The correct answer is D. Ensure both EC2 Instances and On-premise servers have instance profiles attached to them.

Explanation:

AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services, including EC2 instances and on-premises servers. CodeDeploy requires an agent to be installed on the instances that will receive the application deployments. The agent enables the instances to communicate with the CodeDeploy service and receive the deployment instructions. Therefore, both EC2 instances and on-premises servers need to have the CodeDeploy agent installed (Option A) and be able to connect to the CodeDeploy service (Option B).

Additionally, to authenticate requests from on-premises servers, an IAM role ARN needs to be used (Option C). An IAM role is an AWS Identity and Access Management (IAM) entity that defines a set of permissions for making AWS service requests. An IAM role ARN is required when using an on-premises instance with CodeDeploy. This role must be granted permissions to call CodeDeploy APIs on behalf of the on-premises instance.

However, instance profiles (Option D) are not required in this scenario. Instance profiles are a container for an IAM role that you can use to pass role information to an EC2 instance when the instance starts. CodeDeploy does not use instance profiles to manage deployments, and they are not required for the CodeDeploy agent to function.

In summary, to automate the deployment of applications using AWS CodeDeploy, you need to ensure both EC2 instances and on-premises servers have the CodeDeploy agent installed, can connect to the CodeDeploy service, and use an IAM role ARN to authenticate requests. Instance profiles are not needed.