Topic 1 Question 478
A SysOps administrator must ensure that all of a company's current and future Amazon S3 buckets have logging enabled. If an S3 bucket does not have logging enabled, an automated process must enable logging for the S3 bucket.
Which solution will meet these requirements?
Use AWS Trusted Advisor to perform a check for S3 buckets that do not have logging enabled. Configure the check to enable logging for S3 buckets that do not have logging enabled.
Configure an S3 bucket policy that requires all current and future S3 buckets to have logging enabled.
Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses an AWS Lambda function to enable logging.
Use the s3-bucket-logging-enabled AWS Config managed rule. Add a remediation action that uses the AWS-ConfigureS3BucketLogging AWS Systems Manager Automation runbook to enable logging.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: D
prebuilt AWS Systems Manager Automation runbook (AWS-ConfigureS3BucketLogging)
👍 3igor12ghsj5772024/11/22 - 正解だと思う選択肢: D
Since it's been specifically asked about an automated method to enable for existing and future buckets so that's why Config Rule for automated detection and Systems Manager Automation Runbook for automated enabling makes a perfect combination via option D IMO.
👍 2Aamee2024/10/29 S3 is not a system... Answer is C and ChatGPT agress>>>To ensure that all current and future Amazon S3 buckets have logging enabled, and to automatically enable logging for any S3 bucket that does not have it configured, the SysOps administrator can use AWS Config with AWS Lambda to automate this process.
👍 1numark2024/11/19
シャッフルモード