A hybrid workload will use AWS CodeDeploy on on-premises servers. What is the MOST secure way to register targets and deploy with tag-based deployment groups?
Multiple choice — select one answer
Answer choices
Architectural breakdown & explanation
Temporary credentials from AssumeRole avoid long-lived keys; CodeDeploy deployment groups target tags.
Correct answer(s): a. IAM role with STS AssumeRole; refresh credentials on a schedule; install the CodeDeploy agent; register on-premises instances; tag-based deployment group.
Exam domain: Domain 1: SDLC Automation (22% weight on the official guide).
Official documentation & study links
Practice this certification
This page is one question from the AWS Certified DevOps Engineer – Professional bank. Run a full timed practice exam with domain-weighted random questions in your browser.