Multiple Choice
A new employee has joined a company as a deployment engineer. The deployment engineer will be using AWS CloudFormation templates to create multiple AWS resources. A solutions architect wants the deployment engineer to perform job activities while following the principle of least privilege. Which combination of actions should the solutions architect take to accomplish this goal? (Choose two.)
A) Have the deployment engineer use AWS account roof user credentials for performing AWS CloudFormation stack operations.
B) Create a new IAM user for the deployment engineer and add the IAM user to a group that has the PowerUsers IAM policy attached.
C) Create a new IAM user for the deployment engineer and add the IAM user to a group that has the Administrate/Access IAM policy attached.
D) Create a new IAM User for the deployment engineer and add the IAM user to a group that has an IAM policy that allows AWS CloudFormation actions only.
E) Create an IAM role for the deployment engineer to explicitly define the permissions specific to the AWS CloudFormation stack and launch stacks using Dial IAM role.
Correct Answer:
Verified
Correct Answer:
Verified
Q468: A company wants to use Amazon S3
Q469: A company is deploying an application that
Q470: A marketing company is storing CSV files
Q471: A solutions architect is optimizing a website
Q472: Application developers have noticed that a production
Q474: A company hosts an application on an
Q475: A data science team requires storage for
Q476: A company is building an application on
Q477: A solutions architect is performing a security
Q478: A company's web application is using multiple