Answer-first summary for fast verification
Answer: Create an IAM role with the minimum required permissions for the CloudFormation stack to access the necessary services and assign it to the stack.
To ensure secure and least privilege access for the CloudFormation stack, you should create an IAM role with the minimum required permissions for the stack to access the necessary services and assign it to the stack. This approach follows the principle of least privilege by granting the CloudFormation stack access only to the resources it needs. Option A provides excessive permissions, while options C and D are not recommended as they involve using the root account or manually configuring permissions, which can lead to security risks or errors.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You are working on a project that requires the use of AWS CloudFormation to deploy resources. You need to ensure that the CloudFormation stack has the necessary permissions to access other AWS services. Which of the following steps should you take to achieve this?
A
Create an IAM role with full access to all AWS services and assign it to the CloudFormation stack.
B
Create an IAM role with the minimum required permissions for the CloudFormation stack to access the necessary services and assign it to the stack.
C
Use the root account credentials to deploy the CloudFormation stack.
D
Manually configure the necessary permissions for each resource in the CloudFormation template.