A development team has been using a builder server that is hosted on an Amazon EC2 instance to perform builds and deployments for the last 3 months. The EC2 instance's instance profile uses an IAM role that contains the Administrator Access managed policy. The development team must replace that policy with a policy that provides only the required permissions. What is the FASTEST way to create a custom 1AM policy for the EC2 instance to meet this requirement? A. Create a new IAM policy based on services that the build server deployed or updated in the last 3 months. B. Create a new IAM policy that includes all actions that AWS CloudTrail recorded for the IAM role in the last 3 months. C. Create a new permissions boundary policy that denies all access. Associate the permissions boundaries with the IAM role. D. Create a new IAM policy by using Amazon Athena to query an Amazon S3 bucket that contains AWS CloudTrail events that the IAM role performed in the last 3 months.  Suggested Answer: A Community Answer: B This question is in DVA-C01 AWS Certified Developer – Associate Exam For getting AWS Certified Developer – Associate Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer