A Development team wants to deploy an application using AWS CloudFormation stacks, but the Developer IAM role does not currently have the required permissions to provision the resources specified in the CloudFormation template. A DevOps Engineer is tasked with allowing Developers to deploy the stacks while following the principal of least privilege. Which solution will meet these requirements?
A) Create an IAM policy that allows Developers to provision the required resources. Attach the policy to the Developer role.
B) Create an IAM policy that allows full access to CloudFormation. Attach the policy to the Developer role.
C) Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the Developer role a cloudformation:* action.
D) Create a new IAM role with the required permissions to use as a CloudFormation service role. Grant the Developer role the iam:PassRole permission.
Correct Answer:
Verified
Q485: A company runs an application consisting of
Q486: A company uses federated access for its
Q487: A company has multiple development teams sharing
Q488: A company recently launched an application that
Q489: You have an application which consists of
Q491: A company has multiple child accounts that
Q492: A company is deploying a container-based application
Q493: An application running on multiple Amazon EC2
Q494: A company's legacy application uses IAM user
Q495: A company has an application deployed using
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents