Become Amazon Certified with updated SCS-C02 exam questions and correct answers
A company's IAM account consists of approximately 300 IAM users. Now there is a mandate that an access
change is required for 100 IAM users to have unlimited privileges to S3.As a system administrator, how can
you implement this effectively so that there is no need to apply the policy at the individual user level?
Please select:
A company has an encrypted Amazon Aurora DB cluster in the us-east-1 Region. The DB cluster is encrypted
with an AWS Key Management Service (AWS KMS) customer managed key. To meet compliance
requirements, the company needs to copy a DB snapshot to the us-west-1 Region. However, when the
company tries to copy the snapshot to us-west-1 the company cannot access the key that was used to encrypt
the original database.
What should the company do to set up the snapshot in us-west-1 with proper encryption?
A company has two VPCs in the same AWS Region and in the same AWS account Each VPC uses a CIDR
block that does not overlap with the CIDR block of the other VPC One VPC contains AWS Lambda functions
that run inside a subnet that accesses the internet through a NAT gateway. The Lambda functions require
access to a publicly accessible Amazon Aurora MySQL database that is running in the other VPC
A security engineer determines that the Aurora database uses a security group rule that allows connections
from the NAT gateway IP address that the Lambda functions use. The company's security policy states that no
database should be publicly accessible.
What is the MOST secure way that the security engineer can provide the Lambda functions with access to the Aurora database?
© Copyrights DumpsCertify 2025. All Rights Reserved
We use cookies to ensure your best experience. So we hope you are happy to receive all cookies on the DumpsCertify.