Amazon Web Services DOP-C02 Exam With Confidence Using Practice Dumps

C. Create new ALB and Auto Scaling group resources in the new Region and configure the new ALB to direct traffic to the new Auto Scaling group. This will allow users in the new Region to access the application with lower latency by reducing the network hops between the user and the application servers.

D. Create Amazon Route 53 records, health checks, and latency-based routing policies to route to the ALB. This will enable Route 53 to route user traffic to the nearest healthy ALB, based on the latency between the user and the ALBs.

F. Convert the DynamoDB table to a global table. This will enable reads and writes to the table in both Regions with low latency, improving the overall response time of the application

Comprehensive & Detailed Explanation (150–250 words):

AWS Control Tower provides Account Factory and Account Factory Customizations (AFC) as the lowest-overhead and most scalable method for creating and configuring new accounts. AFC allows you to define blueprints that include mandatory baseline resources such as IAM roles, logging configurations, guardrails, network settings, and tagging standards. When accounts are created through Account Factory using a customization blueprint, all controls and baseline configurations are applied automatically during provisioning, without any additional automation steps or StackSet deployments.

Option B requires running StackSets after the account is created, which adds manual management overhead and defeats the built-in automation advantages of Control Tower. Options C and D rely on manually provisioning accounts via AWS Organizations, which bypasses Control Tower’s governance and would require custom Lambda or StackSet automation to replicate controls that Control Tower already provides automatically.

Because the question explicitly asks for the least operational overhead, the correct answer is to use the Control Tower AFC blueprint, ensuring every account is born compliant with the required guardrails and baseline configuration.

The company’s primary goals are to produce daily builds, publish artifacts to an Amazon S3–hosted website, and do so with the least operational overhead. Because the source repository is public and builds are produced on a fixed daily schedule, there is no requirement for complex multi-stage orchestration or manual pipeline invocations.

Option B provides the most streamlined and AWS-recommended solution. By using AWS CodeBuild directly with the public repository as the source, the company eliminates the need to manage an AWS CodePipeline altogether. CodeBuild can natively compile the project and publish build artifacts directly to an Amazon S3 bucket through its artifacts configuration. This minimizes service dependencies and operational complexity.

Using an Amazon EventBridge scheduled rule to trigger the CodeBuild project daily ensures builds occur automatically without manual intervention. Enabling artifact encryption is the AWS best practice, even for public artifacts, because encryption at rest does not prevent public read access when bucket policies allow it.

Option A relies on webhooks and push-based triggers, which do not meet the “build every day” requirement and introduce unnecessary coupling to repository activity. Options C and D retain CodePipeline, which adds extra configuration and maintenance overhead without providing additional value for this simple build-and-publish workflow.

Therefore, Option B meets all requirements with the least operational effort while following AWS-recommended CI/CD design principles.