Topic 1 Question 181
A company requires its internal business teams to launch resources through pre-approved AWS CloudFormation templates only. The security team requires automated monitoring when resources drift from their expected state.
Which strategy should be used to meet these requirements?
Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use CloudFormation drift detection to detect when resources have drifted from their expected state.
Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use AWS Config rules to detect when resources have drifted from their expected state.
Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a launch constraint. Use AWS Config rules to detect when resources have drifted from their expected state.
Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a template constraint. Use Amazon EventBridge notifications to detect when resources have drifted from their expected state.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: C
it's C
👍 1csG132023/12/29 - 正解だと思う選択肢: C
C is correct
👍 1PrasannaBalaji2023/12/29 - 正解だと思う選択肢: C
You can use AWS Managed Config cloudformation-stack-drift-detection-check rule to evaluate drift in CloudFormation stacks.
👍 1d262e672023/12/31
シャッフルモード