Multiple Choice
A company requires its internal business teams to launch resources through pre-approved AWS CloudFormation templates only. The security team requires automated monitoring when resources drift from their expected state. Which strategy should be used to meet these requirements?
A) Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use CloudFormation drift detection to detect when resources have drifted from their expected state.
B) Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use AWS Config rules to detect when resources have drifted from their expected state.
C) Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a launch constraint. Use AWS Config rules to detect when resources have drifted from their expected state.
D) Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a template constraint. Use Amazon EventBridge (Amazon CloudWatch Events) notifications to detect when resources have drifted from their expected state.
Correct Answer:
Verified
Correct Answer:
Verified
Q55: A company manages an application that stores
Q56: You have an application running on multiple
Q57: A DevOps Engineer discovered a sudden spike
Q58: A DevOps Engineer just joined a new
Q59: A company that runs many workloads on
Q61: A company is using AWS CodePipeline to
Q62: Currently, your deployment process consists of setting
Q63: A healthcare services company is concerned about
Q64: A user has created a new EBS
Q65: What method should you use to author