A development team wants to use AWS CloudFormation stacks to deploy an application. However, the developer IAM role does not have the required permissions to provision the resources that are specified in the AWS CloudFormation template. A DevOps engineer needs to implement a solution that allows the developers to deploy the stacks. The solution must follow the principle of least privilege. Which solution will meet these requirements? A. Create an IAM policy that allows the developers to provision the required resources. Attach the policy to the developer IAM role. B. Create an IAM policy that allows full access to AWS CloudFormation. Attach the policy to the developer IAM role. C. Create an AWS CloudFormation service role that has the required permissions. Grant the developer IAM role a cloudformation:* action. Use the new service role during stack deployments. D. Create an AWS CloudFormation service role that has the required permissions. Grant the developer IAM role the iam:PassRole permission. Use the new service role during stack deployments.  Suggested Answer: B Community Answer: D This question is in DOP-C02 AWS Certified DevOps Engineer – Professional Exam For getting AWS Certified DevOps Engineer – Professional Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Amazon. Trademarks, certification & product names are used for reference only and belong to Amazon. The website does not contain actual questions and answers from Amazon's Certification Exam.
Please login or Register to submit your answer