AWS DevOps Engineer Professional Practice Test 2025 - Free DevOps Practice Questions and Certification Study Guide

The correct answer is that the account needs sudo/root access, and machines must have outbound access on port 443.

AWS CodeDeploy is a deployment service that allows you to automate application deployments to various compute services, including on-premises servers. For on-premise instances, the requirements ensure that the CodeDeploy agent can be installed and operates correctly. Sudo or root access is essential because installing the CodeDeploy agent and making necessary configurations requires elevated permissions on the instance.

Furthermore, the outbound connection on port 443 is critical, as the CodeDeploy agent must communicate with the AWS API endpoint over HTTPS. If the instances lack this internet access, they won't be able to receive deployment instructions or report back their status, thereby disrupting the deployment process.

Other options do not align with the operational requirements for using CodeDeploy effectively. For instance, specifying that all machines must be Windows-based and connected to VPN overlooks the fact that CodeDeploy can work with both Linux and Windows servers, and a VPN connection isn't a requirement if the instances can communicate with the AWS endpoint directly. Thus, the first option accurately encapsulates the necessary conditions for using AWS CodeDeploy with on-premises instances.