A company allows its developers to attach existing IAM policies to existing IAM roles to enable faster experimentation and agility. However, the security operations team is concerned that the developers could attach the existing administrator policy, which would allow the developers to circumvent any other security policies. How should a solutions architect address this issue?
A) Create an Amazon SNS topic to send an alert every time a developer creates a new policy.
B) Use service control policies to disable IAM activity across all account in the organizational unit.
C) Prevent the developers from attaching any policies and assign all IAM duties to the security operations team.
D) Set an IAM permissions boundary on the developer IAM role that explicitly denies attaching the administrator policy.
Correct Answer:
Verified
Q18: A company captures clickstream data from multiple
Q19: A recently acquired company is required to
Q20: A company currently operates a web application
Q21: A company is hosting a web application
Q22: A marketing company is storing CSV files
Q24: A company built a food ordering application
Q25: A solutions architect is implementing a document
Q26: A company has a two-tier application architecture
Q27: A company is planning to use Amazon
Q28: A company's web application is using multiple
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents