Topic 1 Question 675
A company uses Amazon EC2 instances and Amazon Elastic Block Store (Amazon EBS) volumes to run an application. The company creates one snapshot of each EBS volume every day to meet compliance requirements. The company wants to implement an architecture that prevents the accidental deletion of EBS volume snapshots. The solution must not change the administrative rights of the storage administrator user.
Which solution will meet these requirements with the LEAST administrative effort?
Create an IAM role that has permission to delete snapshots. Attach the role to a new EC2 instance. Use the AWS CLI from the new EC2 instance to delete snapshots.
Create an IAM policy that denies snapshot deletion. Attach the policy to the storage administrator user.
Add tags to the snapshots. Create retention rules in Recycle Bin for EBS snapshots that have the tags.
Lock the EBS snapshots to prevent deletion.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: D
Locking EBS Snapshots (Option D): The "lock" feature in AWS allows you to prevent accidental deletion of resources, including EBS snapshots. This can be set at the snapshot level, providing a straightforward and effective way to meet the requirements without changing the administrative rights of the storage administrator user.
👍 5meenkaza2023/12/29 - 正解だと思う選択肢: D
Typical use case for object lock aka D
👍 3pentium752024/01/03
シャッフルモード