Topic 1 Question 194
A company is reviewing its IAM policies. One policy written by the DevOps engineer has been flagged as too permissive. The policy is used by an AWS Lambda function that issues a stop command to Amazon EC2 instances tagged with Environment: NonProduction over the weekend. The current policy is:
What changes should the engineer make to achieve a policy of least permission?
Add the following conditional expression:
Change "Resource": ""to "Resource": "arn:aws:ec2:::instance/"
Add the following conditional expression:
Add the following conditional expression:
Change "Action": "ec2:*"to "Action": "ec2:StopInstances"
Add the following conditional expression:
ユーザの投票
コメント(5)
BDE is correct
👍 2PrasannaBalaji2023/12/29- 正解だと思う選択肢: B
B, D & E seem correct.
👍 2csG132023/12/29 - 正解だと思う選択肢: B
BDE seems correct
👍 1ozansenturk2024/01/02
シャッフルモード