Topic 1 Question 285
2 つ選択A company has an AWS CloudFormation template that creates an Amazon S3 bucket. A user authenticates to the corporate AWS account with their Active Directory credentials and attempts to deploy the CloudFormation template. However, the stack creation fails.
Which factors could cause this failure?
The user’s IAM policy does not allow the cloudformation:CreateStack action.
The user’s IAM policy does not allow the cloudformation:CreateStackSet action.
The user’s IAM policy does not allow the s3:CreateBucket action.
The user’s IAM policy explicitly denies the s3:ListBucket action.
The user’s IAM policy explicitly denies the s3:PutObject action.
ユーザの投票
コメント(2)
Options B, D, and E are not relevant to the CloudFormation stack creation failure for an S3 bucket. Option B is related to CloudFormation StackSets, not individual stacks. Option D and E are related to specific S3 bucket actions (list and put) and are not directly related to the stack creation process.
Therefore, the correct answers are A and C.
👍 7trvtrinh2023/07/23- 正解だと思う選択肢: AC
Options B, D, and E are less likely to be directly related to the failure of stack creation:
B. The user’s IAM policy does not allow the cloudformation:CreateStackSet action. Stack sets are generally used for deploying stacks across multiple accounts and regions, and it might not be directly related to a stack creation failure in a single account. D. The user’s IAM policy explicitly denies the s3:ListBucket action. While s3:ListBucket is needed for some S3 operations, it's not necessarily required for creating an S3 bucket. E. The user’s IAM policy explicitly denies the s3:PutObject action. Denying s3:PutObject would prevent the user from uploading objects to an existing S3 bucket. It's not a direct factor for creating a new S3 bucket.👍 1r2c3po2023/12/28
シャッフルモード