Multiple Choice
A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, when would allow the developers to circumvent any other security policies. How should a solutions architect address this issue?
A) Create an Amazon SNS topic to send an alert every time a developer creates a new policy.
B) Use service control policies to disable IAM activity across all account in the organizational unit.
C) Prevent the developers from attaching any policies and assign all IAM duties to the security operations team.
D) Set an IAM permissions boundary on the developer IAM role that explicitly denies attaching the administrator policy.
Correct Answer:
Verified
Correct Answer:
Verified
Q520: A company has created a VPC with
Q521: A company has a Microsoft Windows-based application
Q522: A company recently launched Linux-based application instances
Q523: A company is planning to deploy an
Q524: A company has a 10 Gbps AWS
Q526: A solutions architect is planning the deployment
Q527: A solutions architect is working on optimizing
Q528: A manufacturing company wants to implement predictive
Q529: A solutions architect is designing the cloud
Q530: A solutions architect is designing a solution