Examtopics

AWS Certified SysOps Administrator - Associate

220
222

Topic 1 Question 221
A company’s application currently uses an IAM role that allows all access to all AWS services. A SysOps administrator must ensure that the company’s IAM policies allow only the permissions that the application requires.

How can the SysOps administrator create a policy to meet this requirement?
- Turn on AWS CloudTrail. Generate a policy by using AWS Security Hub.
- Turn on Amazon EventBridge (Amazon CloudWatch Events). Generate a policy by using AWS Identity and Access Management Access Analyzer.
- Use the AWS CLI to run the get-generated-policy command in AWS Identity and Access Management Access Analyzer.
- Turn on AWS CloudTrail. Generate a policy by using AWS Identity and Access Management Access Analyzer.
ユーザの投票
コメント(1)
- 正解だと思う選択肢: D
  Ans is D, https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html#what-is-access-analyzer-policy-generation
  
  👍 2
  zolthar_z2023/01/03
シャッフルモード

220
222