Explanation:
The best solution with the least operational overhead is to attach the appropriate IAM role to each existing and new instance and use AWS Systems Manager Session Manager to establish a remote SSH session. This method is secure, eliminates the need for managing SSH keys, bastion hosts, or VPN connections, and integrates seamlessly with AWS services, following the AWS Well-Architected Framework.
Ultimate access to all questions.
A company has deployed new workloads on Amazon EC2 and requires a secure, repeatable remote administration process compatible with AWS services and the Well-Architected Framework. Which solution offers the least operational overhead?
A
Utilize the EC2 serial console for direct terminal access to each instance.
B
Assign IAM roles to instances and use AWS Systems Manager Session Manager for remote SSH sessions.
C
Generate an admin SSH key pair, apply the public key to instances, and use a bastion host in a public subnet for secure instance administration.
D
Set up an AWS Site-to-Site VPN, enabling admins to connect to instances via SSH keys through the VPN.
No comments yet.