A company requires its internal business teams to launch resources through pre-approved AWS CloudFormation templates only. The security team requires automated monitoring when resources drift from their expected state. Which strategy should be used to meet these requirements?
A) Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use CloudFormation drift detection to detect when resources have drifted from their expected state.
B) Allow users to deploy CloudFormation stacks using a CloudFormation service role only. Use AWS Config rules to detect when resources have drifted from their expected state.
C) Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a launch constraint. Use AWS Config rules to detect when resources have drifted from their expected state.
D) Allow users to deploy CloudFormation stacks using AWS Service Catalog only. Enforce the use of a template constraint. Use Amazon EventBridge (Amazon CloudWatch Events) notifications to detect when resources have drifted from their expected state.
Correct Answer:
Verified
Q253: A company is developing a web application's
Q254: A DevOps engineer is deploying a new
Q255: A company wants to use AWS Systems
Q256: A software company wants to automate the
Q257: A DevOps engineer is scheduling legacy AWS
Q259: A company wants to migrate its content
Q260: A company uses AWS Storage Gateway in
Q261: You are responsible for your company's large
Q262: You have an application running on an
Q263: Your application uses CloudFormation to orchestrate your
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents