You will be using AWS Setup to verify the configuration of the resources in your AWS account. We will be using an existing LAM role and using it for the AWS Config resource. Which of the following 0 necessary to ensure the AWS configuration service can operate as required?
Make sure there is a trust policy in place for the AWS Config service within the role
Make sure there is a concession policy in force for the AWS service in the role Conflg
Make sure there is a user policy in place for the AWS Config service within the role
Make sure there is a group policy in place for the AWS Config service within the role the answer is correct.
Your developer is using the Key Management Service and a spanner in their assigned Java program. They get the following erro when you run the code ARN: AWS: iam :: 1 1374538.871000 2: UserB user is not authorized to perform: km: DescribeKey Which of the following could help solve the problem? Please select:
Ensure that the user B is given the role LAM right to access the key
Ensure that the user B is given the right permissions in AML policy
Ensure that the user B is given the right permissions in Key policy
Ensure that the user B is given the right permissions in the Bucket policy
Does your company have an external website. This website needs to access objects in an S3 bucket. Which of the following would help the website to access objects in the safest way? Please select:
Giving the public access to the bucket with the bucket policy
Use aws Key Referer in clause provided for the bucket policy
Use the AWS Key sites in clause provided for the bucket policy
Granting a role that can be taken from the website
Your IT Security team has identified a number of critical vulnerabilities through EC2 instances in the company SWS account. What would be the simplest way to ensure these vulnerabilities are remediated?
Create AWS Lambda functions to download updates and patches of the server.
Use the AWS CLI commands to download updates and patches for servers.
Using AWS inspector patch servers
Use AWS Systems Manager patch servers
An organization has launched five cases: two for production and 3 for tests. The organization wants a particular group of Lam users should only access the test instances and not those of production. How you can set the organization as a part of politics? Please select:
Start the test instances and manufacture in separate regions and allow access to the region wise group
Define the LAM policy that allows access by the ID request
Lam Create a policy with a condition that allows access only to small instances
Define the tag on the test server and production and to add a condition to the AML policy, which allows access to specific tags