SCS-C02 · Question #52
SCS-C02 Question #52: Real Exam Question with Answer & Explanation
Sign in or unlock SCS-C02 to reveal the answer and full explanation for question #52. The question stem and answer options stay visible for context.
Question
A company uses several AWS CloudFormation stacks to handle the deployment of a suite of applications. The leader of the company's application development team notices that the stack deployments fail with permission errors when some team members try to deploy the stacks. However, other team members can deploy the stacks successfully. The team members access the account by assuming a role that has a specific set of permissions that are necessary for the job responsibilities of the team members. All team members have permissions to perform operations on the stacks. Which combination of steps will ensure consistent deployment of the stacks MOST securely? (Choose three.)
Options
- ACreate a service role that has a composite principal that contains each service that needs the
- BCreate a service role that has cloudformation.amazonaws.com as the service principal. Configure
- CFor each required set of permissions, add a separate policy to the role to allow those
- DFor each required set of permissions, add a separate policy to the role to allow those
- EUpdate each stack to use the service role.
- FAdd a policy to each member role to allow the iam:PassRole action. Set the policy's resource field
Unlock SCS-C02 to see the answer
You've previewed enough free SCS-C02 questions. Unlock SCS-C02 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.