A DevOps team supports many accounts across an organization in AWS Organizations. The DevOps team has decided to use AWS Coring across the organization to implement centralized automatic remediation of Amazon S3 buckets that have public ACLs. Individual accounts must not be able to modify the remediation strategy. Which solution will meet these requirements?

Topic #: - All AWS DevOps Engineer Professional Questions

A. Create an AWS Config conformance pack that contains a rule that checks for S3 buckets that have public ACLs. Configure the conformance pack to use an AWS Systems Manager Automation runbook to block public access to the S3 buckets. Deploy the conformance pack across the organization.
B. Configure AWS Config rules that detect S3 buckets that have public ACLs. Configure a remediation action that uses AWS Lambda to block public access to the S3 buckets. Use AWS CloudFormation StackSets to deploy the rules across the organization.
C. Configure AWS Config rules that detect S3 buckets that have public ACLs. Configure a remediation action that uses an AWS Systems Manager Automation runbook to block public access to the S3 buckets. Use AWS CloudFormation StackSets to deploy the rules across the organization.
D. Create an AWS Config conformance pack that contains a rule that checks for 53 buckets that have public ACLs. Configure the conformance pack to use an AWS Lambda function to block public access to the S3 buckets. Deploy the conformance pack across the organization.

- Awsexamhub website is not related to, affiliated with, endorsed or authorized by Amazon.
- Trademarks, certification & product names are used for reference only and belong to Amazon.

Suggested Answer:

Reference Material:

Suggested Answer:

Reference Material:

Share this post

Join the Discussion