Q44 — AWS DOP-C02 Ch.1

Question 44 of 100 | ← Chapter 1

A company’s DevOps team uses Node Package Manager (NPM) open-source libraries to build applications. The DevOps team runs application builds in an AWS CodeBuild project. The company downloads NPM libraries from the public NPM registry. The company wants to host NPM libraries in a private NPM repository. The company also needs to validate new library versions before the DevOps team uses them.

Correct Answer: A. Create an AWS CodeArtifact repository with an upstream repository named npmjs.org. Configure the application build process to use the CodeArtifact repository as the default NPM source. Create an AWS CodePipeline pipeline to perform required checks on package versions in the CodeArtifact repository. If checks fail, set the package status to unlisted.

Explanation

This question tests implementing a private NPM repository in AWS with version validation. AWS documentation states CodeArtifact supports hosting private repositories and upstream configuration to public npm registries. Option A uses CodeArtifact to host the private repository and CodePipeline to automate validation, marking packages as unlisted on failure—requiring no additional infrastructure management. Option B relies on S3 caching, which cannot host a private repository. Options C and D misuse CodeCommit as a package repository, requiring manual per-library management and violating npm protocol standards, increasing complexity. Option A leverages native CodeArtifact functionality with minimal operational overhead.