An application has been written that publishes custom metrics to Amazon CloudWatch. Recently, IAM changes have been made on the account and the metrics are no longer being reported. Which of the following is the LEAST permissive solution that will allow the metrics to be delivered?
A) Add a statement to the IAM policy used by the application to allow logs:putLogEvents and logs:createLogStream Add a statement to the IAM policy used by the application to allow logs:putLogEvents and logs:createLogStream
B) Modify the IAM role used by the application by adding the CloudWatchFullAccess managed policy. Modify the IAM role used by the application by adding the CloudWatchFullAccess managed policy.
C) Add a statement to the IAM policy used by the application to allow cloudwatch:putMetricData . Add a statement to the IAM policy used by the application to allow cloudwatch:putMetricData .
D) Add a trust relationship to the IAM role used by the application for cloudwatch.amazonaws.com . Add a trust relationship to the IAM role used by the application for cloudwatch.amazonaws.com
Correct Answer:
Verified
Q34: The InfoSec team has mandated that in
Q35: Which approach will generate automated security alerts
Q36: A Security Engineer who was reviewing AWS
Q37: A Solutions Architect is designing a web
Q38: A pharmaceutical company has digitized versions of
Q40: A Security Engineer has been asked to
Q41: A Development team has asked for help
Q42: The Security Engineer is managing a traditional
Q43: Some highly sensitive analytics workloads are to
Q44: A Developer who is following AWS best
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents