| Exam Name: | AWS Certified DevOps Engineer - Professional | ||
| Exam Code: | DOP-C02 Dumps | ||
| Vendor: | Amazon Web Services | Certification: | AWS Certified Professional |
| Questions: | 449 Q&A's | Shared By: | brooklyn |
A DevOps administrator is responsible for managing the security of a company ' s Amazon CloudWatch Logs log groups. The company’s security policy states that employee IDs must not be visible in logs except by authorized personnel. Employee IDs follow the pattern of Emp-XXXXXX, where each X is a digit.
An audit discovered that employee IDs are found in a single log file. The log file is available to engineers, but the engineers are not authorized to view employee IDs. Engineers currently have an AWS IAM Identity Center permission that allows logs:* on all resources in the account.
The administrator must mask the employee ID so that new log entries that contain the employee ID are not visible to unauthorized personnel.
Which solution will meet these requirements with the MOST operational efficiency?
A company hosts a security auditing application in an AWS account. The auditing application uses an IAM role to access other AWS accounts. All the accounts are in the same organization in AWS Organizations.
A recent security audit revealed that users in the audited AWS accounts could modify or delete the auditing application ' s IAM role. The company needs to prevent any modification to the auditing application ' s IAM role by any entity other than a trusted administrator IAM role.
Which solution will meet these requirements?
A company wants to use AWS CloudFormation for infrastructure deployment. The company has strict tagging and resource requirements and wants to limit the deployment to two Regions. Developers will need to deploy multiple versions of the same application.
Which solution ensures resources are deployed in accordance with company policy?
A company’s web app publishes JSON logs with transaction status to CloudWatch Logs. The company wants a dashboard showing the number of successful transactions with the least operational overhead.
Which solution meets this?