AWS Certified DevOps Engineer - Professional
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
A company utilizes AWS CodeArtifact for centralized storage of Python packages, configured with a specific repository policy. A development team within an AWS Organizations account seeks to utilize a Python library already stored in this CodeArtifact repository. They employ AWS CodePipeline and AWS CodeBuild for their application's build process, which is configured to execute within a VPC that lacks internet connectivity due to compliance mandates. Despite the team's creation of VPC endpoints for CodeArtifact and the update of the CodeBuild buildspec.yaml file, they encounter issues downloading the Python library. What actions should a DevOps engineer undertake to facilitate the development team's access to the CodeArtifact repository?
Explanation:
The correct answers are A and D. Option A is correct because CodeArtifact uses Amazon S3 for storage, and in a VPC without internet connectivity, a gateway endpoint is needed to access S3, ensuring that the CodeBuild job can fetch artifacts from CodeArtifact. Option D is correct because the role used by the CodeBuild project needs to have sufficient permissions to interact with the CodeArtifact repository. Without these permissions, the build process will not be able to access or download the necessary Python libraries.