Topic 1 Question 245
2 つ選択A developer is building a new application that will be deployed on AWS. The developer has created an AWS CodeCommit repository for the application. The developer has initialized a new project for the application by invoking the AWS Cloud Development Kit (AWS CDK) cdk init command.
The developer must write unit tests for the infrastructure as code (IaC) templates that the AWS CDK generates. The developer also must run a validation tool across all constructs in the CDK application to ensure that critical security configurations are activated.
Which combination of actions will meet these requirements with the LEAST development overhead?
Use a unit testing framework to write custom unit tests against the cdk.out file that the AWS CDK generates. Run the unit tests in a continuous integration and continuous delivery (CI/CD) pipeline that is invoked after any commit to the repository.
Use the CDK assertions module to integrate unit tests with the application. Run the unit tests in a continuous integration and continuous delivery (CI/CD) pipeline that is invoked after any commit to the repository.
Use the CDK runtime context to set key-value pairs that must be present in the cdk.out file that the AWS CDK generates. Fail the stack synthesis if any violations are present.
Write a script that searches the application for specific key configuration strings. Configure the script to produce a report of any security violations.
Use the CDK Aspects class to create custom rules to apply to the CDK application. Fall the stack synthesis if any violations are present.
ユーザの投票
コメント(4)
B. Use the CDK assertions module to integrate unit tests with the application. Run the unit tests in a continuous integration and continuous delivery (CI/CD) pipeline that is invoked after any commit to the repository. E. Use the CDK Aspects class to create custom rules to apply to the CDK application. Fail the stack synthesis if any violations are present.
👍 3Claire_KMT2023/10/28Option B allows writing unit tests for the infrastructure code using the built-in CDK assertions. Running them in a CI/CD pipeline on commits provides automated testing.
Option E lets you define security validation rules as Aspects, which run on synth to catch issues early.
👍 1deepak5472023/11/29- 正解だと思う選択肢: BE
Option B: The standard approach to testing AWS CDK apps uses the AWS CDK's assertions module https://docs.aws.amazon.com/cdk/v2/guide/testing.html
Option E: By using the CDK Aspects class to create custom rules, you can enforce specific conditions or checks on your CDK application, including security configurations. Failing the stack synthesis if any violations are present ensures that deployments do not proceed if critical security configurations are not met. CHATGPT 3.5
👍 1TanTran042023/12/19
シャッフルモード