Topic 1 Question 21
A company has containerized all of its in-house quality control applications. The company is running Jenkins on Amazon EC2 instances, which require patching and upgrading. The compliance officer has requested a DevOps engineer begin encrypting build artifacts since they contain company intellectual property. What should the DevOps engineer do to accomplish this in the MOST maintainable manner?
Automate patching and upgrading using AWS Systems Manager on EC2 instances and encrypt Amazon EBS volumes by default.
Deploy Jenkins to an Amazon ECS cluster and copy build artifacts to an Amazon S3 bucket with default encryption enabled.
Leverage AWS CodePipeline with a build action and encrypt the artifacts using AWS Secrets Manager.
Use AWS CodeBuild with artifact encryption to replace the Jenkins instance running on EC2 instances.
ユーザの投票
コメント(11)
The MOST maintainable solution for encrypting build artifacts from Jenkins running on EC2 instances is to deploy Jenkins to an Amazon ECS cluster and copy build artifacts to an Amazon S3 bucket with default encryption enabled. This solution provides high availability, scalability, and security for Jenkins and ensures that artifacts are encrypted when they are stored in S3. Using an ECS cluster allows for easy management and scaling of Jenkins instances, and S3 provides automatic encryption of objects at rest with default encryption enabled. Therefore, the correct answer is B. Option D is not the most maintainable solution since it requires replacing Jenkins with AWS CodeBuild and may require significant changes to the existing build process.
👍 4jqso2342023/04/14- 正解だと思う選択肢: B
B makes sense.
👍 3ele2023/04/07 - 正解だと思う選択肢: D👍 2Dimidrol2023/04/08
シャッフルモード