SAP-C02 · Question #314
SAP-C02 Question #314: Real Exam Question with Answer & Explanation
The correct answer is B: Develop infrastructure services using AWS Cloud Formation templates.. With EndUserFullAccess, user can launch products. AWSServiceCatalogEndUserFullAccess - Grants full access to the end user console view. Grants permission to launch products and manage provisioned products. AWSServiceCatalogEndUserReadOnlyAccess - Grants read-only access to the en
Question
An enterprise company is building an infrastructure services platform for its users. The company has the following requirements: - Provide least privilege access to users when launching AWS infrastructure so users cannot provision unapproved services. - Use a central account to manage the creation of infrastructure services. - Provide the ability to distribute infrastructure services to multiple accounts in AWS Organizations. - Provide the ability to enforce tags on any infrastructure that is started by users. Which combination of actions using AWS services will meet these requirements? (Choose three.)
Options
- ADevelop infrastructure services using AWS Cloud Formation templates.
- BDevelop infrastructure services using AWS Cloud Formation templates.
- CAllow user IAM roles to have AWSCloudFormationFullAccess and AmazonS3ReadOnlyAccess
- DAllow user IAM roles to have ServiceCatalogEndUserAccess permissions only.
- EUse the AWS Service Catalog TagOption Library to maintain a list of tags required by the
- FUse the AWS CloudFormation Resource Tags property to enforce the application of tags to any
Explanation
With EndUserFullAccess, user can launch products. AWSServiceCatalogEndUserFullAccess - Grants full access to the end user console view. Grants permission to launch products and manage provisioned products. AWSServiceCatalogEndUserReadOnlyAccess - Grants read-only access to the end user console view. Does not grant permission to launch products or manage provisioned products.
Community Discussion
No community discussion yet for this question.