Exam SAP-C02 Topic 5 Question 241 Discussion

Actual exam question for Amazon's SAP-C02 exam
Question #: 241
Topic #: 5
A company is running several workloads in a single AWS account. A new company policy states that engineers can provision only approved resources and that engineers must use AWS CloudFormation to provision these resources. A solutions architect needs to create a solution to enforce the new restriction on the IAM role that the engineers use for access.
What should the solutions architect do to create the solution?

Suggested Answer: B Vote an answer

To enforce the new restriction on the IAM role that the engineers use for access, the solutions architect should update the IAM policy for the engineers' IAM role with permissions to only allow provisioning of approved resources and AWS CloudFormation. By doing this, the engineers will only be able to create resources that are explicitly approved and will be forced to use AWS CloudFormation to provision these resources.
The solutions architect should also use AWS CloudFormation templates to create stacks with approved resources. This allows the engineers to provision resources using the approved templates and ensures that only approved resources are created.
Reference:
https://aws.amazon.com/iam/
https://aws.amazon.com/cloudformation/

by Moore at Dec 17, 2023, 02:49 AM

Limited Time Offer

15%

Off

Get Premium SAP-C02 Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10