Topic 1 Question 172
A company needs to manage Amazon EC2 instances through command line interfaces for Linux hosts and Windows hosts. The EC2 instances are deployed in an environment in which there is no route to the internet. The company must implement role-based access control for management of the instances. The company has a standalone on-premises environment.
Which approach will meet these requirements with the LEAST maintenance overhead?
Set up an AWS Direct Connect connection between the on-premises environment and the VPC where the instances are deployed. Configure routing, security groups, and ACLs. Connect to the instances by using the Direct Connect connection.
Deploy and configure AWS Systems Manager Agent (SSM Agent) on each instance. Deploy VPC endpoints for Systems Manager Session Manager. Connect to the instances by using Session Manager.
Establish an AWS Site-to-Site VPN connection between the on-premises environment and the VPC where the instances are deployed. Configure routing, security groups, and ACLs. Connect to the instances by using the Site-to-Site VPN connection.
Deploy an appliance to the VPC where the instances are deployed. Assign a public IP address to the appliance. Configure security groups and ACLs. Connect to the instances by using the appliance as an intermediary.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: B
Only option that references Role-Based Access Control: AWS Systems Manager integrates with AWS Identity and Access Management (IAM), allowing you to define granular access permissions based on roles.
👍 9KobDragoon2024/09/30 - 正解だと思う選択肢: B
Option B is right, other options have higher maintenance overhead:
👍 1AzureDP9002024/12/29
シャッフルモード