Deployment And Delivery Design — AWS DevOps Engineer (DOP-C02)
Rollback Speed and Blast Radius Are Different Constraints
CodeDeploy's canary and linear traffic shifting limits blast radius during deployment. CloudFormation stack rollback addresses infrastructure drift. Blue/green on ECS provides full environment isolation with instant traffic cut-back. The deciding constraint changes the answer entirely. If the scenario emphasizes fast rollback after a bad deploy, full environment isolation wins. If it emphasizes minimizing customer impact during the shift itself, canary traffic weighting wins. Map the stated failure scenario to the correct mechanism before choosing.
What This Pattern Tests
The exam tests deployment pipeline design with service-appropriate strategies. CodePipeline orchestrates source-build-test-deploy stages with manual approval gates. CodeDeploy supports blue/green on ECS (shift traffic between task sets), canary on Lambda (shift 10% then all), and rolling on EC2. For DOP-C02, CloudFormation StackSets deploy infrastructure across multiple accounts and regions simultaneously, while change sets preview modifications before execution. For AIF-C01 and MLS-C01, SageMaker Pipelines orchestrate ML workflows — data processing, training, evaluation, and model registration — with Model Registry tracking model versions and approval status before deployment to endpoints. The trap is using CodeDeploy for ML model deployment (SageMaker Pipelines handles the ML lifecycle) or CloudFormation direct updates without change sets in production.
Decision Axis
Deployment risk tolerance and workload type determine the pipeline: application code uses CodePipeline, infrastructure uses CloudFormation StackSets, ML models use SageMaker Pipelines.
Associated Traps
More Top Traps on This Exam
Decision Rules
Which ECS deployment controller — native rolling update or CodeDeploy blue/green — satisfies a hard sub-minute rollback SLA, given that both strategies can achieve zero-downtime during the happy path.
When both zero-downtime and a sub-60-second rollback RTO are explicit requirements for an ECS workload, blue/green deployment (retaining the original task set for instant ALB listener re-route) must be chosen over rolling update (which requires launching new tasks to roll back, making rollback latency minutes rather than seconds).
Whether to use CodeDeploy ECS rolling update or CodeDeploy ECS blue/green — the 60-second rollback RTO is the deciding constraint because rolling update has no independent stable target group to atomically reroute to, while blue/green can flip the ALB listener rule back in seconds.
Whether to configure the CodeDeploy Lambda deployment with a gradual traffic-shift preference (canary or linear) that bounds blast radius and enables meaningful pre-promotion alarm-triggered rollback, or accept an all-at-once shift that maximizes speed but exposes 100% of traffic before the alarm evaluation window can protect customers.
Whether a 90-second rollback RTO can be satisfied by CodeDeploy in-place rolling deployment on EC2 or whether blue/green deployment with ALB traffic rerouting to the original Auto Scaling group is required to meet both the zero-downtime and sub-90-second rollback constraints simultaneously.
Domain Coverage
Difficulty Breakdown