A new employee has joined a company as a deployment engineer. The deployment engineer will be using AWS CloudFormation templates to create multiple AWS resources. A solutions architect wants the deployment engineer to perform job activities while following the principle of least privilege. Which combination of actions should the solutions architect take to accomplish this goal? (Choose two.)
A) Have the deployment engineer use AWS account roof user credentials for performing AWS CloudFormation stack operations.
B) Create a new IAM user for the deployment engineer and add the IAM user to a group that has the PowerUsers IAM policy attached.
C) Create a new IAM user for the deployment engineer and add the IAM user to a group that has the Administrate/Access IAM policy attached.
D) Create a new IAM User for the deployment engineer and add the IAM user to a group that has an IAM policy that allows AWS CloudFormation actions only.
E) Create an IAM role for the deployment engineer to explicitly define the permissions specific to the AWS CloudFormation stack and launch stacks using Dial IAM role.
Correct Answer:
Verified
Q215: A company runs its production workload on
Q216: An application allows users at a company's
Q217: A solutions architect is creating a new
Q218: A solutions architect must design a database
Q219: A company is Re-architecting a strongly coupled
Q221: A mobile gaming company runs application servers
Q222: A company is developing a new machine
Q223: A company is selling up an application
Q224: A company has 700 TB of backup
Q225: A company stores call recordings on a
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents