SAP-C02 · Question #262
SAP-C02 Question #262: Real Exam Question with Answer & Explanation
Sign in or unlock SAP-C02 to reveal the answer and full explanation for question #262. The question stem and answer options stay visible for context.
Question
A company is using multiple AWS accounts. The company has a shared service account and several other accounts for different projects. A team has a VPC in a project account. The team wants to connect this VPC to a corporate network through an AWS Direct Connect gateway that exists in the shared services account. The team wants to automatically perform a virtual private gateway association with the Direct Connect gateway by using an already-tested AWS Lambda function while deploying its VPC networking stack. The Lambda function code can assume a role by using AWS Security Token Service (AWS STS). The team is using AWS CloudFormation to deploy its infrastructure. Which combination of steps will meet these requirements? (Choose three.)
Options
- ADeploy the Lambda function to the project account.
- BCreate a cross-account IAM role in the shared services account that grants the Lambda function
- CAdd a custom resource to the CloudFormation networking stack that references the Lambda
- DDeploy the Lambda function that is performing the association to the shared services account.
- ECreate a cross-account IAM role in the shared services account that grants the sts:AssumeRole
- FAdd a custom resource to the CloudFormation networking stack that references the Lambda
Unlock SAP-C02 to see the answer
You've previewed enough free SAP-C02 questions. Unlock SAP-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.